Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Topics - fmoreira86

Pages: [1] 2
1
Directory and Authentication / Goal of idmap.ldb and RFC 2307 with zentyal
« on: December 22, 2022, 11:06:54 am »
Hello,

I've two questions

- One of my installs, idmap.ldb has arround 58 records however I've more AD objects than that. Since Zentyal uses RFC 2307 why do we need idmap.ldb? How is it populated?
- As I said, Zentyal uses RFC 2307, and I can see that it manages uidnumber, gidnumber, etc automatically. Lets supposed that you join zentyal to a domain where some objects already have some uidnumbers and gidnumbers. How does it deal with that?

Cheers

2
I was trying to do this procedure:

https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClRhCAK

Basically it would allow my firewall to identify the users based on the samba4 logs.

You've to add this:

  syslog = 3
        vfs object = full_audit
        full_audit:success = connect
        full_audit:failure = disconnect
        full_audit:prefix = %u %I | %S
        full_audit:facility = local5

To smb.conf.

I added to /usr/share/zentyal/stubs/samba/smb.conf.mas , rebooted the server and the logs work.

However if I try to create a GPO via RSAT, with this configuration, I get "This security ID may not be assigned as the owner of this object"

Pretty much like this report:

https://lists.samba.org/archive/samba/2017-April/207962.html

Any hint?

Thank you!

3
Directory and Authentication / Changing .local to .com Domain
« on: December 27, 2021, 01:23:41 pm »
Hello,

Is it possible to change the AD domain from .local to .com (this is purely Zentyal infrastructure)?

Thanks!

4
Installation and Upgrades / Problems with DNS on 7.0
« on: March 10, 2021, 04:18:19 am »
Hi!

So I upgraded to 7.0.

Everything looked ok till I found that DNS is not replicating and that my machines can't update their records.
Also found that some external records just won't resolve it's ip's.

If I add a record manually at one DC the record won't replicate to other DC's.

I've 4 DC's (all zentyal 7.0)

Some logs:

Mar 10 03:16:33 XXXdc01 named[1270]: samba_dlz: ldb: replmd_add: unable to find invocationId
Mar 10 03:16:33 XXXdc01 named[1270]: samba_dlz:
Mar 10 03:16:33 XXXdc01 named[1270]: samba_dlz: failed to modify DC=XXXDSK04,DC=XXX.local,CN=MicrosoftDNS,DC=DomainDnsZones,DC=XXX,DC=local - WERR_GEN_FAILURE
Mar 10 03:16:33 XXXdc01 named[1270]: samba_dlz: cancelling transaction on zone XXX.local


I also have some logs like this:

DNS format error from 208.67.222.222#53 resolving brightcloud.com/DS: invalid response

Please help.

EDIT: Also Domain objects are not replicating. If I do a samba-tool drs replicate with  --full-sync it it's synced.
EDIT2: Just reverted to Zentyal 6.2.7. This is not ready for prime time.

5
Hi!

On your Windows domain machine do on a CMD ipconfig /registerdns.

A Record will be updated correctly.

Reverse record will NOT.

In my example my workstation is 192.168.21.41 / 24
however in the syslog it shows up this:

client @0x7f2754100c10 192.168.21.41#50367: updating zone '168.192.in-addr.arpa/IN': update failed: not authoritative for update zone (NOTAUTH)

The correct zone should be 21.168.192.in-addr.arpa I believe.
By the way, my DC's are in different networks than my workstations.

The zone 21.168.192.in-addr.arpa exists. It was created via samba-tool and I also tried via RSAT. Same results.

Thanks!

6
Installation and Upgrades / Stuck Upgrading from 5.1.3 to 6.0
« on: November 25, 2018, 02:32:55 am »
Hi,

I'm getting stuck here:

2018/11/25 00:50:47 INFO> Service.pm:965 EBox::Module::Service::restartService - Restarting service for module: dns
2018/11/25 00:50:48 INFO> DNS.pm:91 EBox::DNS::appArmorProfiles - Setting DNS apparmor profile


Any hint?

7
Installation and Upgrades / Upgrade Zentyal to 6.0 and Ubuntu to 18.04
« on: October 31, 2018, 01:29:52 pm »
Hi!

What would be the correct procedure to upgrade Zentyal from 5.1.1 to version 6.0 and also ubuntu 16.04 to 18.04?

Thank you!

8
Installation and Upgrades / [SOLVED] Sysvol not syncing Version 5
« on: February 26, 2017, 05:29:30 pm »
Since I upgrade a domain to version 5 (2 zentyal servers) I have no sysvol replication.

Before I had these messages on zentyal.log

SysvolSync.pm:194 EBox::Samba::SysvolSync::sync - Synchronizing sysvol share from xxx.domain.local

Now it doesn't show anything.

What can I do?

9
Installation and Upgrades / Can't add additional DC
« on: February 26, 2017, 05:44:21 am »
Hi!

I'm trying to add a Zentyal Server (version 5) as an additional DC of an already existing domain that which PDC is a Zentyal Server also (version 5).

I get this error:

Quote
2017/02/26 04:37:21 ERROR> Sudo.pm:240 EBox::Sudo::_rootError - root command nsupdate -g -t 10 /var/lib/zentyal/tmp/g1QXiQP8NK failed.
Error output: update failed: NOTAUTH

Command output: .
Exit value: 2 at root command nsupdate -g -t 10 /var/lib/zentyal/tmp/g1QXiQP8NK failed.
Error output: update failed: NOTAUTH

Command output: .
Exit value: 2 at /usr/share/perl5/EBox/Sudo.pm line 240
EBox::Sudo::_rootError('/usr/bin/sudo -p sudo: /var/lib/zentyal/tmp/66lDsmFVAY.cmd 2> /var/lib/zentyal/tmp/stderr', 'nsupdate -g -t 10 /var/lib/zentyal/tmp/g1QXiQP8NK', 512, 'ARRAY(0x92434f0)', 'ARRAY(0x45a0c80)') called at /usr/share/perl5/EBox/Sudo.pm line 210
EBox::Sudo::_root(1, 'nsupdate -g -t 10 /var/lib/zentyal/tmp/g1QXiQP8NK') called at /usr/share/perl5/EBox/Sudo.pm line 153
EBox::Sudo::root('nsupdate -g -t 10 /var/lib/zentyal/tmp/g1QXiQP8NK') called at /usr/share/perl5/EBox/DNS.pm line 923
EBox::DNS::_postServiceHook('EBox::DNS=HASH(0x7374fa8)', 1) called at /usr/share/perl5/EBox/Module/Service.pm line 941
EBox::Module::Service::_regenConfig('EBox::DNS=HASH(0x7374fa8)') called at /usr/share/perl5/EBox/Module/Base.pm line 234
eval {...} at /usr/share/perl5/EBox/Module/Base.pm line 233
EBox::Module::Base::save('EBox::DNS=HASH(0x7374fa8)') called at /usr/share/perl5/EBox/GlobalImpl.pm line 689
eval {...} at /usr/share/perl5/EBox/GlobalImpl.pm line 687
EBox::GlobalImpl::saveAllModules('EBox::GlobalImpl=HASH(0x68b6340)', 'progress', 'EBox::ProgressIndicator=HASH(0x686b888)') called at /usr/share/perl5/EBox/Global.pm line 95
EBox::Global::AUTOLOAD('EBox::Global=HASH(0x686c9c8)', 'progress', 'EBox::ProgressIndicator=HASH(0x686b888)') called at /usr/share/zentyal/global-action line 32
eval {...} at /usr/share/zentyal/global-action line 30
2017/02/26 04:37:21 ERROR> GlobalImpl.pm:695 EBox::GlobalImpl::saveAllModules - Failed to restart dns after save changes: root command nsupdate -g -t 10 /var/lib/zentyal/tmp/g1QXiQP8NK failed.
Error output: update failed: NOTAUTH

Command output: .
Exit value: 2
2017/02/26 04:37:21 ERROR> GlobalImpl.pm:736 EBox::GlobalImpl::saveAllModules - The following modules failed while saving their changes, their state is unknown: dns  at The following modules failed while saving their changes, their state is unknown: dns  at /usr/share/perl5/EBox/GlobalImpl.pm line 736
EBox::GlobalImpl::saveAllModules('EBox::GlobalImpl=HASH(0x68b6340)', 'progress', 'EBox::ProgressIndicator=HASH(0x686b888)') called at /usr/share/perl5/EBox/Global.pm line 95
EBox::Global::AUTOLOAD('EBox::Global=HASH(0x686c9c8)', 'progress', 'EBox::ProgressIndicator=HASH(0x686b888)') called at /usr/share/zentyal/global-action line 32
eval {...} at /usr/share/zentyal/global-action line 30

Any help?

10
I've been using Zentyal for 2 years.

Now I got this error when I try to open Group Policy Management: a processing error occurred collecting data using this base domain controller

I'm using the latest version. Servers are completly updated...

Any hint?

11
Hi!

When I click "Synchronization" inside Users and Computers I get:

Code: [Select]
Run.pm:83 EBox::CGI::Run::run - Unable to load CGI: URL=Samba/View/Master CLASS=EBox::Samba::CGI::View::Master ERROR: Can't locate EBox/Samba/CGI/View/Master.pm in @INC (you may need to install the EBox::Samba::CGI::View::Master module) (@INC contains: /etc/perl /usr/local/lib/perl/5.18.2 /usr/local/share/perl/5.18.2 /usr/lib/perl5 /usr/share/perl5 /usr/lib/perl/5.18 /usr/share/perl/5.18 /usr/local/lib/site_perl .) at (eval 843) line 2, <GEN0> line 245.
BEGIN failed--compilation aborted at (eval 843) line 2, <GEN0> line 245.

Hints?

12
Installation and Upgrades / Zentyal 4.1 - GUI Domain Options
« on: March 29, 2015, 11:49:32 pm »
Hi!

Upgraded to 4.1 version and now I can only see "Settings" inside Domain menu.

Before there was GPO options.

Is it a Bug?

13
Installation and Upgrades / Question About Reverse DNS
« on: March 22, 2015, 03:00:38 pm »
Hi!

I don't use Zentyal as DHCP server.

I would like to automatically update reverse zone with "Update Associated Pointer" option on RSAT but it's not working.

Is this even possible?

Thanks

14
Hi Guys!

I've been testing Zentyal for some time and I find an odd situation.

There are some kind of gpo settings that are not applied when the GPO is linked into an OU.

Example: setting a wallpaper with "administrative templates" or creating a folder via gpo.

Other types works everywhere. Example: Computer Configuration - > Preferences -> Windows Settings -> Shortcuts

Any explanation?

The very same GPO when applied to the root of the domain works.

When I run

 sudo samba-tool gpo aclcheck

Quote
params.c:pm_process() - Processing configuration file "/etc/samba/shares.conf"
ldb_wrap open of secrets.ldb
GENSEC backend 'gssapi_spnego' registered
GENSEC backend 'gssapi_krb5' registered
GENSEC backend 'gssapi_krb5_sasl' registered
GENSEC backend 'schannel' registered
GENSEC backend 'spnego' registered
GENSEC backend 'ntlmssp' registered
GENSEC backend 'krb5' registered
GENSEC backend 'fake_gssapi_krb5' registered
ERROR(<type 'exceptions.KeyError'>): uncaught exception - 'No such element'
  File "/usr/lib/python2.7/dist-packages/samba/netcmd/__init__.py", line 175, in _run
    return self.run(*args, **kwargs)
  File "/usr/lib/python2.7/dist-packages/samba/netcmd/gpo.py", line 1150, in run
    ds_sd_ndr = m['nTSecurityDescriptor'][0]

Don't know if it's related...
Hints?

15
Fourtantly I had a backup of Zentyal VM.

Basically when I try to link a GPO into a OU (Via zentyal web gui) I get this log:

2015/03/13 13:17:13 ERROR> LDAPBase.pm:576 EBox::LDAPBase::_errorOnLdap - LDAP error: The request contained an invalid DN

and the web interface says:

Element not found

we're sorry

The request contains a reference to a element which doest not exists
If you typed the page address manually, please check it
Maybe the element was removed and the page address is not longer valid
It can be also a parameters cache error, in this case you can navigate again to the page using the left menu
If you need more help, you may want visit Zentyal homepage for documentation and mailing lists

This also breaks the hability to run RSAT to manage GPO.

After this error everytime I click "Domain Group Policy Links" it shows the error.

I can reproduce it over and over again because my Zentyal is a VM.

Pages: [1] 2