This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
1
Spanish / Re: Los permisos en las carpetas compartidas no funcionan
« on: November 29, 2020, 09:19:44 pm »
yo tengo una publicación que te puede servir para mejorar las carpetas compartidas.
https://forum.zentyal.org/index.php/topic,33218.msg110266.html#msg110266
https://forum.zentyal.org/index.php/topic,33218.msg110266.html#msg110266
2
Installation and Upgrades / Re: Zentyal update failed, not boot.
« on: September 04, 2020, 05:15:13 pm »Hello, can you tell me what you changed or how the server restarted, I have the same problem and can't get any further. Thank you very much in advance.https://youtu.be/L0I7i_lE5zA
Greeting Mathias
3
Installation and Upgrades / error updating zentyal-core
« on: August 04, 2020, 02:44:58 am »
Tengo este error en zentyal-core al actualizar los paquetes.
Code: [Select]
administrator@servidor:~$ sudo apt upgrade
Leyendo lista de paquetes... Hecho
Creando árbol de dependencias
Leyendo la información de estado... Hecho
Calculando la actualización... Hecho
Los paquetes indicados a continuación se instalaron de forma automática y ya no son necesarios.
libllvm9 linux-headers-4.15.0-111 linux-headers-4.15.0-111-generic
linux-image-4.15.0-111-generic linux-modules-4.15.0-111-generic
linux-modules-extra-4.15.0-111-generic
Utilice «sudo apt autoremove» para eliminarlos.
Se instalarán los siguientes paquetes NUEVOS:
linux-headers-4.15.0-112 linux-headers-4.15.0-112-generic
linux-image-4.15.0-112-generic linux-modules-4.15.0-112-generic
linux-modules-extra-4.15.0-112-generic
Se actualizarán los siguientes paquetes:
firefox grub-common grub-pc grub-pc-bin grub2-common libllvm10 libmysqlclient20
librsvg2-2 librsvg2-common libseccomp2 linux-generic linux-headers-generic
linux-image-generic linux-libc-dev mysql-server python3-apt python3-distupgrade
ubuntu-release-upgrader-core zentyal-dhcp zentyal-dns zentyal-software
21 actualizados, 5 nuevos se instalarán, 0 para eliminar y 0 no actualizados.
16 no instalados del todo o eliminados.
Se necesita descargar 0 B/142 MB de archivos.
Se utilizarán 334 MB de espacio de disco adicional después de esta operación.
¿Desea continuar? [S/n] s
Preconfigurando paquetes ...
Configurando zentyal-core (6.1.6) ...
Connection DB Error: Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)
dpkg: error al procesar el paquete zentyal-core (--configure):
installed zentyal-core package post-installation script subprocess returned error exit status 2
Se encontraron errores al procesar:
zentyal-core
E: Sub-process /usr/bin/dpkg returned an error code (1)
administrator@servidor:~$ sudo zentyal-core --configure
sudo: zentyal-core: command not found
4
Installation and Upgrades / Re: Zentyal update failed, not boot.
« on: August 04, 2020, 02:37:06 am »
Thank you very much, you already solved the problem. Regards.
5
Installation and Upgrades / Re: Zentyal update failed, not boot.
« on: July 21, 2020, 03:22:14 am »
No, the problem was, I did not update the system 3 months ago. When updating the operating system, when rebooting, I am left with kernel panic error.
8
Contributions / Tips&Tricks / Features Requests / Re: [HELP] How to enable forwarding for wireless network?
« on: May 06, 2019, 12:17:27 am »
Hello, can someone help me interpret, how to add these rules to the zentyal firewall from the web GUI?
Code: [Select]
iptables -t nat -A POSTROUTING -o eth2 -j MASQUERADE
iptables -A FORWARD -i eth2 -o wlan0 -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A FORWARD -i wlan0 -o eth2 -j ACCEPT
9
Contributions / Tips&Tricks / Features Requests / [HELP] How to enable forwarding for wireless network?
« on: April 26, 2019, 09:59:26 pm »
hello, greetings to the zentyal team.
I have zentyal 6.0 with an ethernet adapter and a TP-LINK wireless adapter model TL-WDN4800.
My zentyal server only works as an active domain controller directory.
From the ethernet adapter called as interface eth2 with the IP address 192.168.1.2 mask 255.255.255.0
get internet through this adapter through the 192.168.1.1 gateway which is a commercial UTM firewall.
The wireless adapter called as interface wlan0 with the IP address 192.168.137.1 mask 255.255.255.0.
/etc/network/interfaces
The DHCP server delivers IP addresses to the 192.168.137.1 interface with a range of 192.168.137.100 to 192.168.137.254 with DNS 8.8.8.8 and 8.8.4.4.
/etc/dhcp/dhcpd.conf
/etc/default/hostapd
we configure
/etc/hostapd/hostapd.conf
Start test
we create the service...
According to the guide I am reading, I must edit the configuration file: /etc/sysctl.conf
change: net.ipv4.ip_forward = 1
save.
add the configuration to the firewall.
sudo iptables -t nat -A POSTROUTING -s 192.168.137.0/24 -o eth2 -j MASQUERADE
The problem is that this configuration is temporary, because zentyal when restarting does not save the change.
How can I enable Internet connection to wireless devices permanently?
I have zentyal 6.0 with an ethernet adapter and a TP-LINK wireless adapter model TL-WDN4800.
My zentyal server only works as an active domain controller directory.
From the ethernet adapter called as interface eth2 with the IP address 192.168.1.2 mask 255.255.255.0
get internet through this adapter through the 192.168.1.1 gateway which is a commercial UTM firewall.
The wireless adapter called as interface wlan0 with the IP address 192.168.137.1 mask 255.255.255.0.
/etc/network/interfaces
Code: [Select]
administrator@servidor:~$ cat /etc/network/interfaces
allow-hotplug lo eth2 wlan0
iface lo inet loopback
iface eth2 inet static
address 192.168.1.2
netmask 255.255.255.0
broadcast 192.168.1.255
offload-gro off
offload-gso off
offload-tso off
iface wlan0 inet static
address 192.168.137.1
netmask 255.255.255.0
broadcast 192.168.137.255
offload-gro off
offload-gso off
offload-tso off
The DHCP server delivers IP addresses to the 192.168.137.1 interface with a range of 192.168.137.100 to 192.168.137.254 with DNS 8.8.8.8 and 8.8.4.4.
/etc/dhcp/dhcpd.conf
Code: [Select]
shared-network wlan0 {
subnet 192.168.137.0 netmask 255.255.255.0 {
option routers 192.168.137.1;
option domain-name-servers 8.8.8.8, 8.8.4.4;
option ntp-servers 192.168.137.1;
default-lease-time 1800;
max-lease-time 7200;
pool {
next-server 192.168.137.1;
range 192.168.137.100 192.168.137.254;
}
}
group {
option routers 192.168.137.1;
option domain-name-servers 8.8.8.8, 8.8.4.4;
option ntp-servers 192.168.137.1;
default-lease-time 1800;
max-lease-time 7200;
}
}
/etc/default/hostapd
Code: [Select]
administrator@servidor:~$ cat /etc/default/hostapd
# Defaults for hostapd initscript
#
# See /usr/share/doc/hostapd/README.Debian for information about alternative
# methods of managing hostapd.
#
# Uncomment and set DAEMON_CONF to the absolute path of a hostapd configuration
# file and hostapd will be started during system boot. An example configuration
# file can be found at /usr/share/doc/hostapd/examples/hostapd.conf.gz
#
DAEMON_CONF="/etc/hostapd/hostapd.conf"
# Additional daemon options to be appended to hostapd command:-
# -d show more debug messages (-dd for even more)
# -K include key data in debug messages
# -t include timestamps in some debug messages
#
# Note that -B (daemon mode) and -P (pidfile) options are automatically
# configured by the init.d script and must not be added to DAEMON_OPTS.
#
#DAEMON_OPTS=""
we configure
/etc/hostapd/hostapd.conf
Code: [Select]
# Plantilla de configuracion hostapd para router Wi-Fi 2.4 GHz generico modo abierto para Venezuela
# /etc/hostapd/hostapd.conf
# Adaptador PCI-E TP-LINK TL-WDN4800 N900
#
# Opciones Generales hostapd
#
ctrl_interface=/var/run/hostapd
ctrl_interface_group=0
interface=wlan0
#bridge=br0
driver=nl80211
#driver_params=
ssid=Internet Libre
#
# Ajustes regulatorios para Venezuela
#
ieee80211d=1
country_code=VE
# Entorno para Interiores: 0x49 Exteriores: 0x4f Todos los entornos: 0x20
#country3=0x49
#local_pwr_constraint=3
#spectrum_mgmt_required=1
#
# Opciones de Seguridad
#
ignore_broadcast_ssid=0
disassoc_low_ack=1
wpa=0
macaddr_acl=0
deny_mac_file=/etc/hostapd/hostapd.deny
#
# Ajustes de bandas IEEE 802.11 (b/g)
#
hw_mode=g
#
# Ajustes de banda IEEE 802.11n (n)
#
ieee80211n=1
require_ht=1
ht_capab=[LDPC][HT40-][HT40+][SHORT-GI-20][SHORT-GI-40][TX-STBC][RX-STBC1][MAX-AMSDU-3839][DSSS_CCK-40][MAX-A-MPDU-LEN-EXP3]
#
# Ajustes IEEE 802.11u-2011
#
#interworking=1
#access_network_type=3
#internet = 1
#venue_group=2
#venue_type=0
#
# QoS
#
wmm_enabled=1
wmm_ac_bk_cwmin=4
wmm_ac_bk_cwmax=10
wmm_ac_bk_aifs=7
wmm_ac_bk_txop_limit=0
wmm_ac_bk_acm=0
wmm_ac_be_aifs=3
wmm_ac_be_cwmin=4
wmm_ac_be_cwmax=10
wmm_ac_be_txop_limit=0
wmm_ac_be_acm=0
wmm_ac_vi_aifs=2
wmm_ac_vi_cwmin=3
wmm_ac_vi_cwmax=4
wmm_ac_vi_txop_limit=94
wmm_ac_vi_acm=0
wmm_ac_vo_aifs=2
wmm_ac_vo_cwmin=2
wmm_ac_vo_cwmax=3
wmm_ac_vo_txop_limit=47
wmm_ac_vo_acm=0
#
# Ajustes Avanzados
#
channel=0
#acs_num_scans=5
#acs_chan_bias=1:0.8 6:0.8 11:0.8
#chanlist=1 6 11-13
beacon_int=100
dtim_period=2
max_num_sta=255
rts_threshold=-1
fragm_threshold=-1
#supported_rates=10 20 55 110 60 90 120 180 240 360 480 540
#basic_rates=10 20
#basic_rates=10 20 55 110
#basic_rates=60 120 240
#beacon_rate=10
#preamble=1
#
# Registro
#
logger_syslog=-1
logger_syslog_level=2
logger_stdout=-1
logger_stdout_level=2
Start test
Code: [Select]
sudo hostapd -dd /etc/hostapd/hostapd.conf
Ctrl+C (exit)we create the service...
Code: [Select]
sudo systemctl unmask hostapd
sudo systemctl enable hostapd
sudo systemctl start hostapd
sudo systemctl status hostapd
● hostapd.service - Advanced IEEE 802.11 AP and IEEE 802.1X/WPA/WPA2/EAP Authenticator
Loaded: loaded (/lib/systemd/system/hostapd.service; enabled; vendor preset: enabled)
Active: active (running) since Sat 2019-04-27 15:19:56 -04; 21min ago
Process: 18270 ExecStart=/usr/sbin/hostapd -P /run/hostapd.pid -B $DAEMON_OPTS ${DAEMON_CONF} (code=exited, status=0/SUCCESS)
Main PID: 18271 (hostapd)
Tasks: 1 (limit: 4915)
CGroup: /system.slice/hostapd.service
└─18271 /usr/sbin/hostapd -P /run/hostapd.pid -B /etc/hostapd/hostapd.conf
abr 27 15:19:56 servidor systemd[1]: Starting Advanced IEEE 802.11 AP and IEEE 802.1X/WPA/WPA2/EAP Authenticator...
abr 27 15:19:56 servidor hostapd[18270]: Configuration file: /etc/hostapd/hostapd.conf
abr 27 15:19:56 servidor hostapd[18270]: wlan0: interface state UNINITIALIZED->COUNTRY_UPDATE
abr 27 15:19:56 servidor hostapd[18270]: ACS: Automatic channel selection started, this may take a bit
abr 27 15:19:56 servidor hostapd[18270]: wlan0: interface state COUNTRY_UPDATE->ACS
abr 27 15:19:56 servidor hostapd[18270]: wlan0: ACS-STARTED
abr 27 15:19:56 servidor systemd[1]: Started Advanced IEEE 802.11 AP and IEEE 802.1X/WPA/WPA2/EAP Authenticator.
I have hostapd installed and I already made my test configuration, which mobile devices connect but does not have internet.According to the guide I am reading, I must edit the configuration file: /etc/sysctl.conf
change: net.ipv4.ip_forward = 1
save.
add the configuration to the firewall.
sudo iptables -t nat -A POSTROUTING -s 192.168.137.0/24 -o eth2 -j MASQUERADE
The problem is that this configuration is temporary, because zentyal when restarting does not save the change.
How can I enable Internet connection to wireless devices permanently?
10
Installation and Upgrades / [Help] remove hard drive that fails.
« on: April 19, 2019, 05:12:43 pm »
Greetings to the zentyal team.
I have a problem with a hard drive that installs my zentyal server. The hard drive is as storage for the HOME partition, which I have many music files and programs for PDQ Deploy software installations, to share on the network. Last week I installed 2 new hard drives to extend the volume, but I did not notice that one of them is the one that is failing, it is also a different model.
I need to remove without damaging the system, I made an attempt to remove it abruptly and zentyal does not start.
I have a problem with a hard drive that installs my zentyal server. The hard drive is as storage for the HOME partition, which I have many music files and programs for PDQ Deploy software installations, to share on the network. Last week I installed 2 new hard drives to extend the volume, but I did not notice that one of them is the one that is failing, it is also a different model.
Code: [Select]
administrator@servidor:~$ sudo lsscsi
[sudo] password for administrator:
[0:0:0:0] disk ATA WDC WD5000AAKX-0 1H15 /dev/sda
[1:0:0:0] disk ATA ST3750640NS 3CNR /dev/sdb
[4:0:0:0] disk ATA ST3750525AS JC45 /dev/sdc
[5:0:0:0] disk ATA ST3750640NS 3CNR /dev/sdd
[6:0:0:0] disk Generic STORAGE DEVICE 9833 /dev/sde
The problem is ST3750525AS with the extension /dev/sdcI need to remove without damaging the system, I made an attempt to remove it abruptly and zentyal does not start.
Code: [Select]
administrator@servidor:~$ sudo lsblk -fm
NAME FSTYPE LABEL UUID MOUNTPOINT SIZE OWNER GROUP MODE
sda 465,8G root disk brw-rw----
├─sda1 ext2 BOOT 694c0d39-ca9e-47f6-8cc9-c3ae7d107986 /boot 1,9G root disk brw-rw----
├─sda2 swap a7585f9d-98c4-4aee-b970-14f95e0ee81a [SWAP] 8G root disk brw-rw----
├─sda3 1K root disk brw-rw----
└─sda5 LVM2_member a7FzEB-amue-MqwT-i571-qR1P-m85V-CyZ6cn 455,9G root disk brw-rw----
├─servidor_vg-root_vl ext4 ROOT 565b1925-bb20-4a88-a765-56043b2828ee / 176,5G root disk brw-rw----
└─servidor_vg-srv_vl ext4 SRV 17922afb-d5a6-467a-bc74-39853afff2a0 /srv 279,4G root disk brw-rw----
sdb 698,7G root disk brw-rw----
└─sdb1 LVM2_member Erzj3X-1nuW-nDwi-SKEN-KYcC-VfEW-CtYc82 698,7G root disk brw-rw----
└─servidor_vg-storage_vl ext4 HOME 803e8428-0ff1-45f5-bcc4-d0e9906797ec /home 2T root disk brw-rw----
sdc 698,7G root disk brw-rw----
└─sdc1 LVM2_member A2dleM-MmRA-FWOn-30iD-wHdf-g2u5-308tsn 698,7G root disk brw-rw----
├─servidor_vg-backup_vl ext4 BACKUP 2a5b3339-b60b-4b8a-b8c5-1bc3e05eff86 /bak 46,7G root disk brw-rw----
└─servidor_vg-storage_vl ext4 HOME 803e8428-0ff1-45f5-bcc4-d0e9906797ec /home 2T root disk brw-rw----
sdd 698,7G root disk brw-rw----
└─sdd1 LVM2_member 2iY9uh-n3iA-Peg6-5u3L-oq5h-hS1d-RHwswE 698,7G root disk brw-rw----
└─servidor_vg-storage_vl ext4 HOME 803e8428-0ff1-45f5-bcc4-d0e9906797ec /home 2T root disk brw-rw----
Code: [Select]
administrator@servidor:~$ sudo lvdisplay
--- Logical volume ---
LV Path /dev/servidor_vg/root_vl
LV Name root_vl
VG Name servidor_vg
LV UUID giYw25-XP8J-YXAn-wckO-D8ur-2WTh-eP0gNT
LV Write Access read/write
LV Creation host, time servidor, 2019-03-01 17:37:21 -0400
LV Status available
# open 1
LV Size <176,49 GiB
Current LE 45181
Segments 1
Allocation inherit
Read ahead sectors auto
- currently set to 256
Block device 253:0
--- Logical volume ---
LV Path /dev/servidor_vg/srv_vl
LV Name srv_vl
VG Name servidor_vg
LV UUID 9BYX7s-CZRg-xYEg-FXmG-6pDa-uI9A-BI1GoF
LV Write Access read/write
LV Creation host, time servidor, 2019-03-01 17:37:35 -0400
LV Status available
# open 1
LV Size <279,40 GiB
Current LE 71526
Segments 1
Allocation inherit
Read ahead sectors auto
- currently set to 256
Block device 253:1
--- Logical volume ---
LV Path /dev/servidor_vg/backup_vl
LV Name backup_vl
VG Name servidor_vg
LV UUID kDHbDG-LZsx-qd78-a4QI-YHeW-ywJ1-fSP2aC
LV Write Access read/write
LV Creation host, time servidor, 2019-03-01 17:39:25 -0400
LV Status available
# open 1
LV Size 46,70 GiB
Current LE 11956
Segments 1
Allocation inherit
Read ahead sectors auto
- currently set to 256
Block device 253:2
--- Logical volume ---
LV Path /dev/servidor_vg/storage_vl
LV Name storage_vl
VG Name servidor_vg
LV UUID Cjufl9-zSem-eSqA-m8Bk-RNHN-9r5R-L08pW2
LV Write Access read/write
LV Creation host, time servidor, 2019-03-01 17:39:35 -0400
LV Status available
# open 1
LV Size 2,00 TiB
Current LE 524594
Segments 3
Allocation inherit
Read ahead sectors auto
- currently set to 256
Block device 253:3
Code: [Select]
administrator@servidor:~$ sudo vgdisplay
--- Volume group ---
VG Name servidor_vg
System ID
Format lvm2
Metadata Areas 4
Metadata Sequence No 9
VG Access read/write
VG Status resizable
MAX LV 0
Cur LV 4
Open LV 4
Max PV 0
Cur PV 4
Act PV 4
VG Size 2,49 TiB
PE Size 4,00 MiB
Total PE 653257
Alloc PE / Size 653257 / 2,49 TiB
Free PE / Size 0 / 0
VG UUID vBHTK9-fBf3-2N8d-k3qu-5rFL-9HZr-AiGkQ2
11
Directory and Authentication / Re: Missing 'defult\domain users' group
« on: April 10, 2019, 06:12:17 pm »
Test:
Code: [Select]
administrator@servidor:~$ su root
Password:
root@servidor:/home/administrator# mkdir -p /home/samba/profiles
root@servidor:/home/administrator# chgrp -R "Domain Users" /home/samba/profiles
root@servidor:/home/administrator# chmod 1750 /home/samba/profiles
root@servidor:/home/administrator#reboot
12
Directory and Authentication / Re: Missing 'defult\domain users' group
« on: April 10, 2019, 05:58:35 pm »
I think there is a problem with the shared folder permissions of the mobile profiles.
that is the same problem when you try to create a shared folder within zentyal, it does not give access to traverse the directory in spite of giving permissions to the groups of reading and writing.
Roaming Windows User Profiles
that is the same problem when you try to create a shared folder within zentyal, it does not give access to traverse the directory in spite of giving permissions to the groups of reading and writing.
Roaming Windows User Profiles
13
Directory and Authentication / Re: netbios name
« on: April 10, 2019, 05:42:21 pm »
example:
hostname: servidor
netbios name: servidor
review this information
hostname: servidor
netbios name: servidor
Code: [Select]
administrator@servidor:~$ hostname
servidor
administrator@servidor:~$ domainname
(none)
administrator@servidor:~$ dnsdomainname
savidoca.com
administrator@servidor:~$ nisdomainname
nisdomainname: Local domain name not set
administrator@servidor:~$ ypdomainname
ypdomainname: Local domain name not set
administrator@servidor:~$ hostname --fqdn
servidor.savidoca.com
administrator@servidor:~$
Code: [Select]
administrator@servidor:~$ cat /etc/samba/smb.conf
[global]
workgroup = savidoca
realm = SAVIDOCA.COM
netbios name = servidor
server string = Zentyal Server
server role = dc
server role check:inhibit = yes
server services = -dns
server signing = auto
dsdb:schema update allowed = yes
ldap server require strong auth = no
drs:max object sync = 1200
idmap_ldb:use rfc2307 = yes
winbind enum users = yes
winbind enum groups = yes
vfs objects = acl_xattr
map acl inherit = yes
store dos attributes = yes
template shell = /bin/bash
template homedir = /home/%U
min protocol = SMB2
rpc server dynamic port range = 49152-65535
interfaces = lo,eth2
bind interfaces only = yes
map to guest = Bad User
log level = 3
log file = /var/log/samba/samba.log
max log size = 100000
include = /etc/samba/shares.conf
[netlogon]
path = /var/lib/samba/sysvol/savidoca.com/scripts
browseable = no
read only = yes
[sysvol]
path = /var/lib/samba/sysvol
read only = no
review this information
14
Directory and Authentication / Re: File Sharing does not work
« on: March 30, 2019, 07:35:58 pm »
Solve creating a custom directory on the route: /home/administrator/shares/wallpapers
then in zentyal add the directory path to be shared with the permissions of the read and write groups.
It should be noted that zentyal lacks some options that are important for file sharing and security options to work correctly. What I did was copy the configuration template located at: /usr/share/zentyal/stubs/samba/smb.conf.mas and /usr/share/zentyal/stubs/samba/shares.conf.mas
modify the template in this way:
* Minimum SMB2 protocol established for protection against WannaCrypt. see article.
* Added the missing settings to share files, vfs objects = acl_xattr, map acl inherit = yes, store dos attributes = yes, see article.
* customize the network adapters that I only want to work in my active directory, excluding eth0, eth1, wlan0, vmnet8 so that it does not interfere with the operation. this may be irrelevant.
/etc/zentyal/stubs/samba/smb.conf.mas
* Added lost line to share files setting: read only = no, see article.
/etc/zentyal/stubs/samba/shares.conf.mas
the result was this:
/etc/samba/smb.conf
/etc/samba/shares.conf
Code: [Select]
su root
password:
#mkdir -p /home/administrator/shares/wallpapers
#chmod -R 775 /home/administrator/shares/wallpapers
#chown root:"Domain Admins" /home/administrator/shares/wallpapers
then in zentyal add the directory path to be shared with the permissions of the read and write groups.
It should be noted that zentyal lacks some options that are important for file sharing and security options to work correctly. What I did was copy the configuration template located at: /usr/share/zentyal/stubs/samba/smb.conf.mas and /usr/share/zentyal/stubs/samba/shares.conf.mas
Code: [Select]
sudo mkdir /etc/zentyal/stubs
sudo mkdir /etc/zentyal/stubs/samba
sudo cp /usr/share/zentyal/stubs/samba/smb.conf.mas /etc/zentyal/stubs/samba/
sudo cp /usr/share/zentyal/stubs/samba/shares.conf.mas /etc/zentyal/stubs/samba/
modify the template in this way:
* Minimum SMB2 protocol established for protection against WannaCrypt. see article.
* Added the missing settings to share files, vfs objects = acl_xattr, map acl inherit = yes, store dos attributes = yes, see article.
* customize the network adapters that I only want to work in my active directory, excluding eth0, eth1, wlan0, vmnet8 so that it does not interfere with the operation. this may be irrelevant.
/etc/zentyal/stubs/samba/smb.conf.mas
Code: [Select]
<%args>
$workgroup
$netbiosName
$description
$mode
$realm
$domain
$roamingProfiles => 0
$profilesPath
$sysvolPath
$ifaces => undef
$shell
$radius => 0
$print => 0
$shares => 0
</%args>
<%init>
use EBox::Gettext;
</%init>
[global]
workgroup = <% $workgroup %>
realm = <% $realm %>
netbios name = <% $netbiosName %>
server string = <% $description %>
server role = <% $mode %>
server role check:inhibit = yes
server services = -dns
server signing = auto
dsdb:schema update allowed = yes
ldap server require strong auth = no
drs:max object sync = 1200
idmap_ldb:use rfc2307 = yes
winbind enum users = yes
winbind enum groups = yes
vfs objects = acl_xattr
map acl inherit = yes
store dos attributes = yes
template shell = <% $shell %>
template homedir = /home/%U
min protocol = SMB2
rpc server dynamic port range = 49152-65535
% if ($ifaces) {
interfaces = lo,eth2
bind interfaces only = yes
% }
map to guest = Bad User
log level = 3
log file = /var/log/samba/samba.log
max log size = 100000
% if ($radius) {
lanman auth = yes
ntlm auth = yes
% }
% if ($print) {
include = /etc/samba/printers.conf
% }
% if ($shares) {
include = /etc/samba/shares.conf
% }
% if ($mode eq 'dc') {
% if ($roamingProfiles) {
[profiles]
path = <% $profilesPath %>
browseable = no
read only = no
% }
[netlogon]
path = <% $sysvolPath %>/<% $domain %>/scripts
browseable = no
read only = yes
[sysvol]
path = <% $sysvolPath %>
read only = no
% }
* Added lost line to share files setting: read only = no, see article.
/etc/zentyal/stubs/samba/shares.conf.mas
Code: [Select]
<%args>
@shares => ()
$unmanagedAcls => 0
$disableFullAudit => 0
$recycle => 0
$recycle_exceptions => {}
$recycle_config => {}
$prefix => 'Zentyal'
$backup_path => '/tmp'
</%args>
<%init>
use EBox::Gettext;
</%init>
[homes]
comment = <% __('Home Directories') %>
path = /home/%S
read only = no
browseable = no
create mask = 0611
directory mask = 0711
% my $rb = ($recycle xor defined($recycle_exceptions->{'users'}));
% my $objects = 'acl_xattr';
% unless ($disableFullAudit) {
% $objects .= ' full_audit';
% }
% if ($rb) {
% $objects .= ' recycle';
% }
vfs objects = <% $objects %>
full_audit:success = connect opendir disconnect unlink mkdir rmdir open rename
full_audit:failure = connect opendir disconnect unlink mkdir rmdir open rename
% if ($rb) {
% foreach my $key (keys %{$recycle_config}) {
% next unless $key;
recycle: <% $key %> = <% $recycle_config->{$key} %>
% }
% }
# <% @shares ? "Shares\n" : "No shares configured" %>
% foreach my $share (@shares) {
[<% $share->{share} %>]
% if ($share->{comment}) {
comment = <% $share->{comment} %>
% }
path = <% $share->{path} %>
browseable = yes
read only = no
force create mode = 0660
force directory mode = 0660
% if ($share->{guest}) {
guest ok = yes
read only = no
% } elsif ($unmanagedAcls) {
read only = no
% } else {
valid users = <% $share->{validUsers} %>
read list = <% $share->{readOnly} %>
write list = <% $share->{readWrite} %>
admin users = <% $share->{administrators} %>
% }
% my $rb = ($recycle xor defined($recycle_exceptions->{'share'}->{$share->{'share'}}));
% my $objects = 'acl_xattr';
% unless ($disableFullAudit) {
% $objects .= ' full_audit';
% }
% if ($rb) {
% $objects .= ' recycle';
% }
vfs objects = <% $objects %>
% if ($unmanagedAcls) {
acl_xattr:ignore system acls = yes
% }
full_audit:failure = connect opendir disconnect unlink mkdir rmdir open rename
% if ($rb) {
% foreach my $key (keys %{$recycle_config}) {
% next unless $key;
recycle: <% $key %> = <% $recycle_config->{$key} %>
% }
% }
% }
the result was this:
/etc/samba/smb.conf
Code: [Select]
[global]
workgroup = savidoca
realm = SAVIDOCA.COM
netbios name = servidor
server string = Zentyal Server
server role = dc
server role check:inhibit = yes
server services = -dns
server signing = auto
dsdb:schema update allowed = yes
ldap server require strong auth = no
drs:max object sync = 1200
idmap_ldb:use rfc2307 = yes
winbind enum users = yes
winbind enum groups = yes
vfs objects = acl_xattr
map acl inherit = yes
store dos attributes = yes
template shell = /bin/bash
template homedir = /home/%U
min protocol = SMB2
rpc server dynamic port range = 49152-65535
interfaces = lo,eth2
bind interfaces only = yes
map to guest = Bad User
log level = 3
log file = /var/log/samba/samba.log
max log size = 100000
include = /etc/samba/shares.conf
[netlogon]
path = /var/lib/samba/sysvol/savidoca.com/scripts
browseable = no
read only = yes
[sysvol]
path = /var/lib/samba/sysvol
read only = no
/etc/samba/shares.conf
Code: [Select]
[homes]
comment = Directorios de usuario
path = /home/%S
read only = no
browseable = no
create mask = 0611
directory mask = 0711
vfs objects = acl_xattr full_audit
full_audit:success = connect opendir disconnect unlink mkdir rmdir open rename
full_audit:failure = connect opendir disconnect unlink mkdir rmdir open rename
# Shares
[wallpapers]
comment = fondo de pantalla
path = /home/administrator/shares/wallpapers
browseable = yes
read only = no
force create mode = 0660
force directory mode = 0660
valid users = @"vendedores", @"cybers", @"tech", @"gerentes"
read list = @"vendedores", @"cybers"
write list = @"tech", @"gerentes"
admin users =
vfs objects = acl_xattr full_audit
full_audit:failure = connect opendir disconnect unlink mkdir rmdir open rename
15
Spanish / Re: [Ayuda] Cómo saber quién está usando un documento del dominio en tiempo real?
« on: March 28, 2019, 11:58:18 pm »
para obtener la contraseña root de la base de datos:
recuerda abrir el puerto 3306 en el cortafuegos.
y si necesitas agregar un nuevo usuario con privilegios limitados te sugiero este tema:
http://www.daniloaz.com/es/como-crear-un-usuario-en-mysql-mariadb-y-concederle-permisos-para-una-base-de-datos-desde-la-linea-de-comandos/
Code: [Select]
cat /var/lib/zentyal/conf/zentyal-mysql.passwd
recuerda abrir el puerto 3306 en el cortafuegos.
y si necesitas agregar un nuevo usuario con privilegios limitados te sugiero este tema:
http://www.daniloaz.com/es/como-crear-un-usuario-en-mysql-mariadb-y-concederle-permisos-para-una-base-de-datos-desde-la-linea-de-comandos/