Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Messages - fmoreira86

Pages: [1] 2 3
1
Directory and Authentication / Goal of idmap.ldb and RFC 2307 with zentyal
« on: December 22, 2022, 11:06:54 am »
Hello,

I've two questions

- One of my installs, idmap.ldb has arround 58 records however I've more AD objects than that. Since Zentyal uses RFC 2307 why do we need idmap.ldb? How is it populated?
- As I said, Zentyal uses RFC 2307, and I can see that it manages uidnumber, gidnumber, etc automatically. Lets supposed that you join zentyal to a domain where some objects already have some uidnumbers and gidnumbers. How does it deal with that?

Cheers

2
Directory and Authentication / Re: AD Stop Working on Windows 11 22H2
« on: December 21, 2022, 09:44:22 pm »
Yep!

I also confirm!



3
Directory and Authentication / Re: AD Stop Working on Windows 11 22H2
« on: November 05, 2022, 07:12:52 pm »
Hello,

I just configured my own Ubuntu Servers with Samba 4.17.2.

You have good documentation here:

https://samba.tranquil.it/doc/en/samba_config_server/samba_conf_index.html#samba-ad-under-debian

And if you use Ubuntu Server 22.02 like I do, you can use this repo:

https://launchpad.net/~linux-schools/+archive/ubuntu/samba-latest

So this is my goodbye to Zentyal as, in fact, I prefer my own configurations and to have a better control.

Thank you everyone!


4
I didn't have any problem since I made this config.


5
Solution:

vfs objects = acl_xattr full_audit

6
I was trying to do this procedure:

https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClRhCAK

Basically it would allow my firewall to identify the users based on the samba4 logs.

You've to add this:

  syslog = 3
        vfs object = full_audit
        full_audit:success = connect
        full_audit:failure = disconnect
        full_audit:prefix = %u %I | %S
        full_audit:facility = local5

To smb.conf.

I added to /usr/share/zentyal/stubs/samba/smb.conf.mas , rebooted the server and the logs work.

However if I try to create a GPO via RSAT, with this configuration, I get "This security ID may not be assigned as the owner of this object"

Pretty much like this report:

https://lists.samba.org/archive/samba/2017-April/207962.html

Any hint?

Thank you!

7
Directory and Authentication / Re: Changing .local to .com Domain
« on: December 28, 2021, 06:42:38 pm »
Thanks!

What about GPOs?

Also, would it be possible to keep the same account settings at workstations after joining the "new" domain?

Thanks

8
Directory and Authentication / Changing .local to .com Domain
« on: December 27, 2021, 01:23:41 pm »
Hello,

Is it possible to change the AD domain from .local to .com (this is purely Zentyal infrastructure)?

Thanks!

9
Installation and Upgrades / Problems with DNS on 7.0
« on: March 10, 2021, 04:18:19 am »
Hi!

So I upgraded to 7.0.

Everything looked ok till I found that DNS is not replicating and that my machines can't update their records.
Also found that some external records just won't resolve it's ip's.

If I add a record manually at one DC the record won't replicate to other DC's.

I've 4 DC's (all zentyal 7.0)

Some logs:

Mar 10 03:16:33 XXXdc01 named[1270]: samba_dlz: ldb: replmd_add: unable to find invocationId
Mar 10 03:16:33 XXXdc01 named[1270]: samba_dlz:
Mar 10 03:16:33 XXXdc01 named[1270]: samba_dlz: failed to modify DC=XXXDSK04,DC=XXX.local,CN=MicrosoftDNS,DC=DomainDnsZones,DC=XXX,DC=local - WERR_GEN_FAILURE
Mar 10 03:16:33 XXXdc01 named[1270]: samba_dlz: cancelling transaction on zone XXX.local


I also have some logs like this:

DNS format error from 208.67.222.222#53 resolving brightcloud.com/DS: invalid response

Please help.

EDIT: Also Domain objects are not replicating. If I do a samba-tool drs replicate with  --full-sync it it's synced.
EDIT2: Just reverted to Zentyal 6.2.7. This is not ready for prime time.

10
Hi!

On your Windows domain machine do on a CMD ipconfig /registerdns.

A Record will be updated correctly.

Reverse record will NOT.

In my example my workstation is 192.168.21.41 / 24
however in the syslog it shows up this:

client @0x7f2754100c10 192.168.21.41#50367: updating zone '168.192.in-addr.arpa/IN': update failed: not authoritative for update zone (NOTAUTH)

The correct zone should be 21.168.192.in-addr.arpa I believe.
By the way, my DC's are in different networks than my workstations.

The zone 21.168.192.in-addr.arpa exists. It was created via samba-tool and I also tried via RSAT. Same results.

Thanks!

11
Installation and Upgrades / Re: Stuck Upgrading from 5.1.3 to 6.0
« on: December 08, 2018, 10:57:17 pm »
Hi!

Tried that and kill some process at time.

The machine upgraded sucessfully.

I've other machine that is stuck on:

Setting up zentyal-core (6.0.1) ...
Installing new version of config file /etc/cron.daily/zentyal ...


any idea? :(

12
Installation and Upgrades / Re: Stuck Upgrading from 5.1.3 to 6.0
« on: November 30, 2018, 09:43:10 pm »
nothing?

13
Installation and Upgrades / Re: Stuck Upgrading from 5.1.3 to 6.0
« on: November 26, 2018, 10:44:53 am »
You mean stop DNS?

I tried it and it kept stuck.

14
Installation and Upgrades / Stuck Upgrading from 5.1.3 to 6.0
« on: November 25, 2018, 02:32:55 am »
Hi,

I'm getting stuck here:

2018/11/25 00:50:47 INFO> Service.pm:965 EBox::Module::Service::restartService - Restarting service for module: dns
2018/11/25 00:50:48 INFO> DNS.pm:91 EBox::DNS::appArmorProfiles - Setting DNS apparmor profile


Any hint?

15
When is the button gonna be available?

Pages: [1] 2 3