Recent Posts

Pages: [1] 2 3 ... 10
Dear team

IN Remote Server Administration Machine , IN GPO Section there is a default Domain Policy and in that i have edited policy for password ,

i-e if user attempts 3 invalid password then lock the user , but can't be implemented although other policies working for example USB

Please suggest

Faisal Abbas
Thanks for this information

how can save this login logoff log

Faisal Abbas
Other modules / Re: Problems saving network data
« Last post by turalyon on May 18, 2022, 11:21:35 am »

Well, basically Apparmor is blocking the script that manages the DDNS feature. So, as the link explains, you have 2 alternatives:

1. Disable apparmor.
2. Tune the dhcpd profile of Apparmor.

Once you have applied one of those 2 solutions, I recommend you enable the debug in the script, so you can analyze each step until you confirm that it worked correctly. To do this, just add 'set -x' in the second line of the script located at '/usr/share/zentyal-dhcp/'.

Once you did all the above, try again to get a DHCP IP from a computer while you monitor the log file '/var/log/syslog'.

Code: [Select]
sudo tail -f /var/log/syslog

I hope it helps you.
Directory and Authentication / Re: Reverse PDC to BDC and BDC to PDC
« Last post by turalyon on May 18, 2022, 11:13:47 am »

Unfortunately, you cannot use roaming profile feature in a Zentyal server that was configured as an additional domain controller. Below are a few things you can try:

1. Retrieve the information of one domain user who uses the roaming profile.

Code: [Select]
ldbsearch -H /var/lib/samba/private.sam sAMAccountName=some_user_name

2. After you get that information, you will see an attribute that points to the 'old' server.

3. Through an LDIF file, change the value of that attribute for your current Zentyal. Below is an example:

Code: [Select]
## LDIF content
dn: CN=Gabriel Batistuta,CN=Users,DC=lab,DC=lan
changetype: modify
replace: profilePath
profilePath: \\additional.LAB.LAN\profiles\gabriel

## Command to apply the LDIF
ldbmodify -H /var/lib/samba/private/sam.ldb roaming-profile.ldif

NOTE: I didn't use this method for a while, so try it in a test environment.

4. Copy the domain user personal roaming folder to the other Zentyal server.

NOTE: Be careful with the permissions and the directory structure. It must the same on both servers.

5. Try to login with that domain user and check if it worked.

Hope it helps.

“This world is ours, and by the Holy Light we will keep it safe, now and forever".

You can get that information from the log file '/var/log/samba/samba.log'. So, the best approach is to create a shell script that search, parse and display the information as you want.

Below you have two commands that you can try to retrieve the information you are looking for:

Code: [Select]
## Login
grep -B 1 'connect to service netlogon' /var/log/samba/samba.log

## Logout
grep -B 1  -P 'closed connection to service (?!.*IPC|netlogon)' /var/log/samba/samba.log

“This world is ours, and by the Holy Light we will keep it safe, now and forever".
MY Question is

how we monitor Domain users LOGON and LOGOUT Events in Zentyal Server , although in Windows Server we just go to Event Viewer and see all

please reply

Faisal Abbas
Dear Zentyal

Issue resolved by Zentyal team

Directory and Authentication / Reverse PDC to BDC and BDC to PDC
« Last post by mdtech on May 17, 2022, 06:59:27 pm »

I have 2 6.2 Zentyal Server.  1 (older) is the Primary DC and the other (Newer) is an Additional DC.  I would like the New to be our primary and remove the old server.
sudo ./ad-migrate ran just fine.
But Roaming Profiles and and associated data remain with the old server. If i change the users default server all I get are temporary profiles on the workstations.

Spanish / VPN y DNS
« Last post by pabloayala1 on May 17, 2022, 12:22:13 am »
Hola a todos, resulta que tengo 2 servidores zentyal uno es controlador de dominio y el otro es un controlador de dominio adicional. Los servidores están en 2 oficinas remotas interconectadas con el servicio de VPN que ofrece Zentyal.

La ip del servidor principal es (en adelante segmento 1) y la del servidor secundario es (en adelante segmento 2)
Debajo del servidor tengo un servidor Issabel, entonces desde las ips del segmento 1 si puedo acceder via web al servidor debajo del segmento 2.

Debajo del segmento 1 tengo 2 servidores, 1 es servidor de issabel ( y otro un servidor donde tengo mi crm ( Sin embargo hay equipos a los que entro via web (puerto 80) (por ejemplo: y

Debo de entrar a estos equipos desde el segmento 2, sin embargo solo puedo entrar al
Los demas no me lo permiten, en la opcion de "Redirecciones de puertos" he redirigido el trafico que va al puerto 80 a la ip

Creen que sera por eso que los demas no me lo permiten?
Leyendo los logs del cortafuegos las ips 0.8, 0.9 y 0.4 dicen "Rechazado".

Ya lo movi de todo y no me funciona  :'( :'( :'( :'(
Other modules / Re: Problems saving network data
« Last post by mkugler on May 14, 2022, 11:23:09 am »
Hi, first of all thank you very much for your help, I was on vacation for 2 weeks now so I couldn't get back to you. The problem with the antivirus I could solve by changing the path, the 2nd part I unfortunately do not understand exactly, how was the file called, must this be linked, can you help me here please again. Thanks in advance.

Antivirus changes: at '/lib/systemd/system/zentyal.antivirus-clamonacc.service' - Path to '/usr/sbin/'

sudo systemctl daemon-reload
sudo zs antivirus restart
Regarding the memory problem, I created a file named "dhcpd" and stored the information from the link.
This is probably not correct, since the problem persists and I have not found any other solution on the Internet. Would you have another idea.

Many Thanks in advanced

Pages: [1] 2 3 ... 10