Show Posts
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
Pages: [1]
1
Installation and Upgrades / [SOLVED] [samba] Error open file [...] NT_STATUS_ACCESS_DENIED
« on: April 25, 2011, 03:12:42 pm »
Hi,
I've a weird problem with samba. When I'm connected with the VPN (not yet tested on site), I cannot open a file I have just created.
So, I open my personal folder (idem with shared folders), create a new file "test.txt", open it, write a sentence, save it and exit. No problem. Now, when I try to open it again I have a permission problem...
I've activated the log of samba (log level = 3) and in the log:
But I can still, rename the file, move it and delete it without any error. I just cannot open it again?!?
I've check the ACL before and after the first edit. No change:
I've this problem with the PDC enable or not. And the problem is the same using the samba Ubuntu client or with a Windows XP box.
I still need to test this on site without VPN tomorrow.
Any help greatly will be greatly appreciate.
I've a weird problem with samba. When I'm connected with the VPN (not yet tested on site), I cannot open a file I have just created.
So, I open my personal folder (idem with shared folders), create a new file "test.txt", open it, write a sentence, save it and exit. No problem. Now, when I try to open it again I have a permission problem...
I've activated the log of samba (log level = 3) and in the log:
Code: [Select]
[...] smbd/open.c:424(open_file)
Error opening file new.txt (NT_STATUS_ACCESS_DENIED) (local_flags=0) (flags=0)
[...] smbd/error.c:60(error_packet_set)
error packet at smbd/error.c(136) cmd=45 (SMBopenX) NT_STATUS_ACCESS_DENIEDBut I can still, rename the file, move it and delete it without any error. I just cannot open it again?!?
I've check the ACL before and after the first edit. No change:
Code: [Select]
# getfacl new.txt
# file: new.txt
# owner: dmoraine
# group: __USERS__
user::rwx
group::r--
other::r--
I've this problem with the PDC enable or not. And the problem is the same using the samba Ubuntu client or with a Windows XP box.
I still need to test this on site without VPN tomorrow.
Any help greatly will be greatly appreciate.
2
Installation and Upgrades / [HOWTO] Mailman
« on: April 17, 2011, 04:33:04 pm »
Hi,
I've finally successfully installed Mailman on my Zentyal box. As requirement you must have a sub-domain dedicated to yours mailing lists (ex: lists.domain.com). Edit: This sub-domaincan not must be referred as a Virtual domain aliase in the Zential web administration (if not, you'll see Relay access denied in mail log).
This has been tested on a system without Zarafa installed. If you do have Zarafa installed further tests must be done.
There're quite a lots of files to modify. So let's go step-by-step...
First of all, install mailman package:
Create the required mailman list:
Check your mailman installation (check permission file) :
if there are errors, type :
Create the file /etc/apache2/conf.d/mailman-apache.conf
Next, modify mailman configuration. Here are the relevant parameters:
/etc/mailman/mm_cfg.py
Postfix must now be informed that we're going to use mailman. We have to modify the stubs files of Zential:
/usr/share/ebox/stubs/mail/main.cf.mas
And:
/usr/share/ebox/stubs/mail/transport.mas
Force the templates to be redeployed by restarting the Mail on the Zential dashboard.
You can now create your own mailing list via the web interface (http://.../mailman) or with the command line newlist.
Feedbacks are welcome!!!
I've finally successfully installed Mailman on my Zentyal box. As requirement you must have a sub-domain dedicated to yours mailing lists (ex: lists.domain.com). Edit: This sub-domain
This has been tested on a system without Zarafa installed. If you do have Zarafa installed further tests must be done.
There're quite a lots of files to modify. So let's go step-by-step...
First of all, install mailman package:
Code: [Select]
$ sudo aptitude install mailmanCreate the required mailman list:
Code: [Select]
$ newlist mailmanCheck your mailman installation (check permission file) :
Code: [Select]
$ cd /usr/lib/mailman
$ sudo bin/check_permsif there are errors, type :
Code: [Select]
$ sudo bin/check_perms –fCreate the file /etc/apache2/conf.d/mailman-apache.conf
Code: [Select]
#------------------------------------------------------------
# mailman
#------------------------------------------------------------
# We can find mailman here
ScriptAlias /cgi-bin/mailman /usr/lib/cgi-bin/mailman
# And the public archives:
Alias /pipermail/ /var/lib/mailman/archives/public/
Alias /mailman/public /var/lib/mailman/archives/public
# Logos:
Alias /images/mailman/ /usr/share/images/mailman/
# Redirect to mailman start page
RedirectMatch ^/mailman[/]*$ /cgi-bin/mailman/listinfo
<Directory /usr/lib/cgi-bin/mailman>
Options ExecCGI
AllowOverride None
order deny,allow
deny from all
allow from all
</Directory>
<Directory /var/lib/mailman/archives/public>
Options Indexes Includes FollowSymLinks
order deny,allow
deny from all
allow from all
</Directory>
<Directory /usr/share/images/mailman/>
AllowOverride None
Order allow,deny
Allow from all
</Directory>Next, modify mailman configuration. Here are the relevant parameters:
/etc/mailman/mm_cfg.py
Code: [Select]
DEFAULT_EMAIL_HOST = 'lists.domain.com'
DEFAULT_URL_HOST = 'lists.domain.com'
[...]
MTA='Postfix'
POSTFIX_STYLE_VIRTUAL_DOMAINS = ['lists.domain.com']Postfix must now be informed that we're going to use mailman. We have to modify the stubs files of Zential:
/usr/share/ebox/stubs/mail/main.cf.mas
Code: [Select]
[...]
alias_maps = hash:/etc/aliases, hash:/var/lib/mailman/data/aliases
alias_database = hash:/etc/aliases, hash:/var/lib/mailman/data/aliases
[...]
virtual_alias_maps = ldap:valiases, hash:/var/lib/mailman/data/virtual-mailman
[...]
# Mailman
owner_request_special = no
mailman_destination_recipient_limit = 1
transport_maps = hash:/etc/postfix/transport
And:
/usr/share/ebox/stubs/mail/transport.mas
Code: [Select]
[...]
lists.domain.com mailman:Force the templates to be redeployed by restarting the Mail on the Zential dashboard.
You can now create your own mailing list via the web interface (http://.../mailman) or with the command line newlist.
Feedbacks are welcome!!!
3
Installation and Upgrades / [Howto] Mediawiki with LDAP authentication
« on: April 15, 2011, 11:28:56 am »
Hi,
This quick howto will help you to restrict the access of your Mediwiki to known Zentyal users.
In this sample, the user must be member of any Zentyal Group1 or Group2 (cf. $wgLDAPRequiredGroups).
First, you need to install the mediawiki-extensions:
Edit: Enable the module with:
Append the following code to /etc/mediawiki/LocalSettings.php and change all "dc=domain,dc=lan" with your Base DN:
That's all.
This quick howto will help you to restrict the access of your Mediwiki to known Zentyal users.
In this sample, the user must be member of any Zentyal Group1 or Group2 (cf. $wgLDAPRequiredGroups).
First, you need to install the mediawiki-extensions:
Code: [Select]
sudo aptitude install mediawiki-extensionsEdit: Enable the module with:
Code: [Select]
$ mwenext LdapAuthentication.phpAppend the following code to /etc/mediawiki/LocalSettings.php and change all "dc=domain,dc=lan" with your Base DN:
Code: [Select]
#######################
# LDAP Authentication #
#######################
$wgAuth = new LdapAuthenticationPlugin();
//The names of one or more domains you wish to use
$wgLDAPDomainNames = array("zentyal");
//The fully qualified name of one or more servers per domain you wish to use.
$wgLDAPServerNames = array("zentyal"=>"localhost");
//The type of encryption you would like to use when connecting to the LDAP server.
//Available options are "tls", "ssl", and "clear"
//Default: tls
$wgLDAPEncryptionType = array("zentyal"=>"clear");
//Base DNs. Group and User base DNs will be used if available; if they are not defined, the search
//will default to $wgLDAPBaseDNs
$wgLDAPBaseDNs = array("zentyal"=>"dc=domain,dc=lan");
//The search string to be used for straight binds to the directory; USER-NAME will be
//replaced by the username of the user logging in.
$wgLDAPSearchStrings = array("zentyal"=>"uid=USER-NAME,ou=Users,dc=domain,dc=lan");
//Munge the case of the username to lowercase when doing searches in groups
//Default: false
$wgLDAPLowerCaseUsername = array("zentyal"=>true);
//The objectclass of the groups we want to search for
$wgLDAPGroupObjectclass = array("zentyal"=>"eboxGroup");
//The attribute used for group members
$wgLDAPGroupAttribute = array("zentyal"=>"memberUid");
//The naming attribute of the group
$wgLDAPGroupNameAttribute = array("zentyal"=>"cn");
//An array of the groups the user is required to be a member of.
$wgLDAPRequiredGroups = array(
"zentyal"=>array(
"cn=Group1,ou=Groups,dc=domain,dc=lan",
"cn=Group2,ou=Groups,dc=domain,dc=lan")
);
//Option for getting debug output from the plugin. 1-3 available. 1 will show
//non-sensitive info, 2 will show possibly sensitive user info, 3+ will show
//sensitive system info. Setting this on a live public site is probably a bad
//idea.
//Default: 0
$wgLDAPDebug = 0;
$wgDebugLogGroups["ldap"] = "/tmp/mediawiki-debug.log" ;
//Don't automatically create an account for a user if the account exists in LDAP
//but not in MediaWiki.
//Default: false.
$wgLDAPDisableAutoCreate = array("zentyal"=>false);
# Disable reading by anonymous users
$wgGroupPermissions['*']['read'] = false;
$wgGroupPermissions['*']['createaccount'] = false;
$wgGroupPermissions['*']['edit'] = false;
$wgGroupPermissions['*']['createpage'] = false;
$wgGroupPermissions['*']['createtalk'] = false;
$wgGroupPermissions['*']['createaccount'] = false;
# But allow them to access the login page or else there will be no way to log in!
# NOTE: You also need to provide access here to the .css and .js files that the
# allowed pages attempt to load; otherwise, users will get errors on the page
# when they attempt to load it (IE will complain about the errors;
# FF will show them in its error console)
# [You also might want to add access to "Main Page", "Wikipedia:Help", etc.)
$wgWhitelistRead = array ("Special:Userlogin", "MediaWiki:Common.css", "MediaWiki:Common.js", "MediaWiki:Monobook.css", "MediaWiki:Monobook.js", "-", "Main Page");
That's all.
4
Installation and Upgrades / [Mail] Changing hostname
« on: April 14, 2011, 06:33:20 pm »
Hi all,
I need to change the hostname but I can't get access to Mail --> General after this change.
I've tried to uninstall (+ purge) all email modules and reinstall them. Problem stays...
I'm running out of solution. Any help greatly appreciate.
Regards
I need to change the hostname but I can't get access to Mail --> General after this change.
Code: [Select]
$ tail /var/log/ebox/error.log
[...]
hostname: Name or service not knownI've tried to uninstall (+ purge) all email modules and reinstall them. Problem stays...
I'm running out of solution. Any help greatly appreciate.
Regards
Pages: [1]