Show Posts
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
1
Installation and Upgrades / Re: Another mess between DNS and Samba
« on: August 05, 2013, 12:22:50 pm »
Eventually I got Samba to reprovision itself, which seems to have solved the situation. It would still be nice to know how Zentyal got itself in this mess. If it was the setup wizard dying, which was the only hiccup I noticed during install, this is a bug that needs fixing.
2
Installation and Upgrades / Re: Another mess between DNS and Samba
« on: August 01, 2013, 01:59:51 pm »
In case nobody knows a quick solution, which related packages can I purge and reinstall/reconfigure without fear of losing user accounts or data? I've done that in the past, but can't remember what's safe and what's not.
Full reinstall is out of the question now, since the server can't be inaccessible for extended periods. Normally I keep a spare server in case stuff hits the fan like this, but the other one is still waiting for a new hard drive.
Full reinstall is out of the question now, since the server can't be inaccessible for extended periods. Normally I keep a spare server in case stuff hits the fan like this, but the other one is still waiting for a new hard drive.
3
Installation and Upgrades / [SOLVED] Another mess between DNS and Samba
« on: August 01, 2013, 10:29:00 am »
A SSD running Zentyal suddenly died (this was the second one – never going to buy another OCZ), so I had to do a quick reinstall of Ubuntu, Zentyal and some additional software. Most services are already running, but once again I'm having trouble with DNS and/or File Sharing. I haven't slept for two days, as I need a working server today, so my brains are running a bit too slow to solve complex problems.
The initial module selection died screaming because Zarafa wasn't available for some reason (really dumb, BTW), but Zarafa can wait. Is it possible that this caused some malfunction or incomplete configuration?
I managed to install the necessary components through Software Management, but activating File Sharing fails, with zentyal.log saying:
What file or directory is this? Should I reinstall something? Is some configuration missing?
When I reboot, DNS initially fails to start, but afterwards starts fine from Dashboard, although after that Samba error I can't even access DNS configuration until I disable File Sharing. DNS is configured with zentyal-domain.lan pointing to the server IP. Is this sufficient?
I read some forum posts indicating problems with DHCP so I switched to static IP, but it didn't seem to help.
Any help would be much appreciated.
The initial module selection died screaming because Zarafa wasn't available for some reason (really dumb, BTW), but Zarafa can wait. Is it possible that this caused some malfunction or incomplete configuration?
I managed to install the necessary components through Software Management, but activating File Sharing fails, with zentyal.log saying:
Quote
LDB.pm:193 EBox::LDB::safeConnect - Could not connect to samba LDAP server: connect: No such file or directory, retrying. (300 attempts)
LDB.pm:197 EBox::LDB::safeConnect - FATAL: Could not connect to samba LDAP server: connect: No such file or directory
What file or directory is this? Should I reinstall something? Is some configuration missing?
When I reboot, DNS initially fails to start, but afterwards starts fine from Dashboard, although after that Samba error I can't even access DNS configuration until I disable File Sharing. DNS is configured with zentyal-domain.lan pointing to the server IP. Is this sufficient?
I read some forum posts indicating problems with DHCP so I switched to static IP, but it didn't seem to help.
Any help would be much appreciated.
4
Installation and Upgrades / Re: Can't access shares after lastest filesharing update
« on: June 03, 2013, 01:44:48 pm »
I've experienced something like this once or twice when upgrading zentyal-samba, so looks like I was wise not to run the latest updates on my server before following these forums for a while.
Any idea, if this happen to everyone, or under some specific conditions? Does restarting related services or rebooting help? Do the logs in /var/log/samba or /var/log/zentyal reveal anything more specific?
Any idea, if this happen to everyone, or under some specific conditions? Does restarting related services or rebooting help? Do the logs in /var/log/samba or /var/log/zentyal reveal anything more specific?
5
Installation and Upgrades / [SOLVED] Ejabberd attempts S2S when sending contact authorization request
« on: May 14, 2013, 12:44:35 pm »
I have the Jabber service up and running seemingly without problems, but users cannot find each other.
Users can connect fine, but when user1@domain tries to add user2@domain to his contact list, no authorization request is displayed, and ejabberd logs this ("domain" is a FQDN):
New s2s connection started
Trying to open s2s connection: domain -> user2 with TLS=true
s2s connection: domain -> user2 (remote server not found)
Reconnect delay expired: Will now retry to connect to user2 when needed.
It's as if ejabberd thinks the users are not on the same server, which makes no sense. Does the domain have to be somewhere else in Zentyal configuration for this to work? The one used is only meant for Jabber, so that we can point it to another server, if necessary.
S2S is disabled, and so is shared roster. We're using Pidgin as client. Zentyal runs behind NAT with the appropriate ports forwarded to it.
Edit: Each user's contact list is populated if shared roster is enabled, but we don't wish to use it, as our rather complicated grouping setup and multiple system accounts would confuse users.
Edit 2: After some digging the reason seems to be either a DNS issue or users who didn't RTFM. Marking as solved, since others got this working.
Users can connect fine, but when user1@domain tries to add user2@domain to his contact list, no authorization request is displayed, and ejabberd logs this ("domain" is a FQDN):
New s2s connection started
Trying to open s2s connection: domain -> user2 with TLS=true
s2s connection: domain -> user2 (remote server not found)
Reconnect delay expired: Will now retry to connect to user2 when needed.
It's as if ejabberd thinks the users are not on the same server, which makes no sense. Does the domain have to be somewhere else in Zentyal configuration for this to work? The one used is only meant for Jabber, so that we can point it to another server, if necessary.
S2S is disabled, and so is shared roster. We're using Pidgin as client. Zentyal runs behind NAT with the appropriate ports forwarded to it.
Edit: Each user's contact list is populated if shared roster is enabled, but we don't wish to use it, as our rather complicated grouping setup and multiple system accounts would confuse users.
Edit 2: After some digging the reason seems to be either a DNS issue or users who didn't RTFM. Marking as solved, since others got this working.
6
Installation and Upgrades / Re: Apache LDAP authentication for external applications in Zentyal 2.3
« on: August 08, 2012, 01:50:49 pm »
Using LAT I found there's a "zentyalro" read-only login (along with a plain-text password) in Zentyal LDAP. Feels a bit safer than giving Apache root DN logins. A simple .htaccess LDAP auth thus looks like this:
To add some safety, chown and chmod .htaccess to be readable only by Apache.
As there currently seems to be no authorization solution better than the above, I'm marking this solved. Please correct me if I'm wrong.
Code: [Select]
Order deny,allow
Deny from All
AuthName "LDAP authorization"
AuthType Basic
AuthBasicProvider ldap
AuthzLDAPAuthoritative on
AuthLDAPUrl ldap://127.0.0.1:390/ou=Users,dc=example,dc=com?uid
AuthLDAPBindDN cn=zentyalro,dc=example,dc=com
AuthLDAPBindPassword <zentyalro password>
Require valid-user
Satisfy anyTo add some safety, chown and chmod .htaccess to be readable only by Apache.
As there currently seems to be no authorization solution better than the above, I'm marking this solved. Please correct me if I'm wrong.
7
Installation and Upgrades / Re: Users and Groups is "Stopped" after installing file sharing
« on: August 07, 2012, 08:49:29 am »
I'm having the same problem. Whenever I try to enable File Sharing, Users and Groups is stopped with no button to restart, and if there's a share defined I get an error message: "sAMAccountName [group name] does not exist", (from LDB.pm:652 EBox::LDB::getSidById)
I've unconfigured, purged and reinstalled zentyal-users, zentyal-samba, slapd and associated packages countless times, tried various different configurations, and still no luck. I thought I fixed it once (see my older topic), but the problem soon reappeared. I'd like to understand the cause, so I could at least avoid this problem, if a specific configuration is to blame.
Did someone find a solution, or is this a bug?
I've unconfigured, purged and reinstalled zentyal-users, zentyal-samba, slapd and associated packages countless times, tried various different configurations, and still no luck. I thought I fixed it once (see my older topic), but the problem soon reappeared. I'd like to understand the cause, so I could at least avoid this problem, if a specific configuration is to blame.
Did someone find a solution, or is this a bug?
8
Installation and Upgrades / Re: Zentyal 2.3-1 trouble (File Server, Users and Groups)
« on: July 09, 2012, 01:03:49 pm »
After tinkering with both related and seemingly unrelated settings, File Server finally started, but now it spewed errors about missing sAMAccountName.
Deleting groups and creating new ones didn't help, so I assumed that the pre-2.3-1 Zentyal version, from which my LDAP data originated, had something missing from the LDAP schema. I ran /usr/share/zentyal-users/reinstall. Unfortunately the script failed to reinstall slapd; Looked a lot like this bug (invoke-rc.d: initscript slapd, action "start" failed).
I'm not quite sure what exactly fixed it, but my last reinstall attempt using aptitude instead of apt-get succeeded.
As both services seem to be working now, I'm marking this as solved.
Edit: The reinstall script failed again. Manually purging and reinstalling slapd along with associated Zentyal modules seems to fix it.
Quote
2012/07/03 13:56:40 DEBUG> LDB.pm:570 EBox::LDB::getSidById - sAMAccountName mygroup does not exist.
Deleting groups and creating new ones didn't help, so I assumed that the pre-2.3-1 Zentyal version, from which my LDAP data originated, had something missing from the LDAP schema. I ran /usr/share/zentyal-users/reinstall. Unfortunately the script failed to reinstall slapd; Looked a lot like this bug (invoke-rc.d: initscript slapd, action "start" failed).
I'm not quite sure what exactly fixed it, but my last reinstall attempt using aptitude instead of apt-get succeeded.
As both services seem to be working now, I'm marking this as solved.
Edit: The reinstall script failed again. Manually purging and reinstalling slapd along with associated Zentyal modules seems to fix it.
9
Installation and Upgrades / Re: Jabber authentication problem in Zentyal 2.3
« on: June 28, 2012, 02:00:34 pm »
Apparently the 2.3-1 update fixed this issue.
10
Installation and Upgrades / Re: Zentyal 2.3-1 trouble (File Server, Users and Groups)
« on: June 21, 2012, 01:48:00 pm »
Thanks, kernevil! That worked perfectly to fix the user removal problem.
The File Server problem still remains, although it now logs slightly different errors:
Any further ideas?
The File Server problem still remains, although it now logs slightly different errors:
Quote
2012/06/21 14:42:54 DEBUG> Samba.pm:522 EBox::Samba::__ANON__ - domain MYDOMAIN does not exist.
2012/06/21 14:42:54 DEBUG> DomainTable.pm:640 EBox::DNS::Model::DomainTable::_getDomainRow - domain MYDOMAIN does not exist.
2012/06/21 14:42:54 DEBUG> Samba.pm:522 EBox::Samba::__ANON__ - domain MYDOMAIN does not exist.
2012/06/21 14:42:54 DEBUG> DNS.pm:277 EBox::DNS::getHostnames - domain MYDOMAIN does not exist.
2012/06/21 14:42:54 ERROR> Samba.pm:304 EBox::Samba::__ANON__ - domain MYDOMAIN does not exist.
2012/06/21 14:42:54 DEBUG> Sudo.pm:82 EBox::Sudo::command - command: rm -f /var/lib/zentyal/conf/configured/samba
2012/06/21 14:42:54 DEBUG> ConfigureModuleController.pm:68 EBox::CGI::ServiceModule::ConfigureModuleController::__ANON__ - Failed to enable: domain MYDOMAIN does not exist.
Any further ideas?
11
Installation and Upgrades / [SOLVED] Zentyal 2.3-1 trouble (File Server, Users and Groups)
« on: June 20, 2012, 08:05:25 am »
Not yet knowing about the new release, I did an apt-get upgrade remotely, eagerly waiting for bugfixes to certain packages. I was surprised to see some Kerberos stuff being installed and configured, but entered some dummy data and proceeded, thinking I could easily change it afterwards. Zentyal got really broken, just as promised in the announcement. 
I purged Zentyal packages and reinstalled. The setup got stuck at ("Current operation: Setting up zentyal-webserver (2.3.3) ..."), but that was solved with /etc/init.d/zentyal apache restart
User data remained in LDAP from the previous version, but now I can't delete users ("FATAL: Couldn't connect to synchronizer: /var/run/ldb") and trying to start the File Server module fails ("domain MYDOMAIN does not exist").
Here are the essential log bits for the above events:
Any idea what might have gone wrong?
I purged Zentyal packages and reinstalled. The setup got stuck at ("Current operation: Setting up zentyal-webserver (2.3.3) ..."), but that was solved with /etc/init.d/zentyal apache restart
User data remained in LDAP from the previous version, but now I can't delete users ("FATAL: Couldn't connect to synchronizer: /var/run/ldb") and trying to start the File Server module fails ("domain MYDOMAIN does not exist").
Here are the essential log bits for the above events:
Quote
2012/06/20 08:53:25 ERROR> LDB.pm:214 EBox::LDB::safeConnect - Couldn't connect to LDB server ldapi://%2fvar%2flib%2fsamba%2fprivate%2fldapi, retrying
2012/06/20 08:53:30 DEBUG> LDB.pm:218 EBox::LDB::safeConnect - FATAL: Couldn't connect to LDB server: ldapi://%2fvar%2flib%2fsamba%2fprivate%2fldapi
2012/06/20 08:53:30 ERROR> SambaLdapUser.pm:176 EBox::SambaLdapUser::__ANON__ - FATAL: Couldn't connect to LDB server: ldapi://%2fvar%2flib%2fsamba%2fprivate%2fldapi
2012/06/20 08:53:30 DEBUG> LDB.pm:472 EBox::LDB::enableZentyalModule - Enabling Zentyal LDB module
...
2012/06/20 08:53:45 DEBUG> Sudo.pm:164 EBox::Sudo::_root - sudo commands: status 'zentyal.s4sync'
2012/06/20 08:53:45 ERROR> LDB.pm:183 EBox::LDB::safeConnectSync - Couldn't connect to synchronizer /var/run/ldb, retrying
2012/06/20 08:53:50 DEBUG> LDB.pm:187 EBox::LDB::safeConnectSync - FATAL: Couldn't connect to synchronizer: /var/run/ldb
Quote
2012/06/20 08:47:04 DEBUG> Samba.pm:522 EBox::Samba::__ANON__ - domain MYDOMAIN does not exist.
2012/06/20 08:47:04 DEBUG> DomainTable.pm:640 EBox::DNS::Model::DomainTable::_getDomainRow - domain MYDOMAIN does not exist.
Any idea what might have gone wrong?
12
Installation and Upgrades / Re: Missing software update?
« on: June 20, 2012, 07:09:50 am »
Seems like a good idea to always check out the announcements before upgrading a beta release. I also found out the hard way that the latest packages won't work without a reinstall.
13
Installation and Upgrades / Re: Jabber authentication problem in Zentyal 2.3
« on: June 15, 2012, 12:23:09 pm »
It's not wrong, just not the default set by Zentyal; I used /usr/share/zentyal-users/reinstall to shorten the base DN. Works fine everywhere. I doubt ejabberd would even bind successfully if it was wrong. Or did you mean something else?
14
Installation and Upgrades / Re: Jabber authentication problem in Zentyal 2.3
« on: June 15, 2012, 11:03:49 am »
Thanks for the tip, but my Ubuntu clients are already using the latest Pidgin from the developer PPA, and they work with an earlier Zentyal version without problems, so this looks more like a server issue. Do you know any URLs with some technical background information (bug reports etc.)?
15
Installation and Upgrades / [SOLVED] Jabber authentication problem in Zentyal 2.3
« on: May 31, 2012, 08:51:27 am »
I started testing Jabber on Zentyal 2.3, but Pidgin fails to log in, saying "Not authorized". This earlier (unsolved?) topic is identical: http://forum.zentyal.org/index.php?topic=5921.0
I increased ejabberd logging level and found these lines in /var/log/ejabberd/ejabberd.log:
ejabberd connects (port 390) and binds with LDAP successfully, but it looks as if "userJabberAccount" object doesn't exist. On the other hand, looking at LDAP data using ldapsearch shows it's there, and Jabber is enabled for the user account.
Is the Jabber module still unfinished, or is this just a configuration issue?
I increased ejabberd logging level and found these lines in /var/log/ejabberd/ejabberd.log:
Quote
=INFO REPORT==== 2012-05-30 15:54:44 ===
D(<0.269.0>:eldap:696) : {searchRequest,
{'SearchRequest',"dc=zentyal",wholeSubtree,
neverDerefAliases,0,0,false,
{'and',
[{equalityMatch,
{'AttributeValueAssertion',"uid",
"my.user"}},
{equalityMatch,
{'AttributeValueAssertion',"objectClass",
"userJabberAccount"}}]},
["uid"]}}
=INFO REPORT==== 2012-05-30 15:54:44 ===
D(<0.269.0>:eldap:767) : {searchResDone,
{'LDAPResult',noSuchObject,[],[],asn1_NOVALUE}}
ejabberd connects (port 390) and binds with LDAP successfully, but it looks as if "userJabberAccount" object doesn't exist. On the other hand, looking at LDAP data using ldapsearch shows it's there, and Jabber is enabled for the user account.
Is the Jabber module still unfinished, or is this just a configuration issue?