Show Posts
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
Pages: [1]
1
Installation and Upgrades / Serious 3.5 problem!
« on: August 15, 2014, 03:42:44 pm »
I found a serious flaw in 3.5 and I think this is causing all my current 3.5 challenges.
They removed something with 3.5 to clean things ups regarding LDAP, but in my opinion something was forgotten. Let me try to explain.
I had a 24x7 server running, which cost me a fortune on electricity, so I decided to buy a Zotac ID42 and use Zentyal as my home BDC, Internet gateway, proxy server, ad blocker etc.
I have my PDC running in a virtual 2008 R2 system and I finally managed with many reinstalls to get a working Zentyal 3.3. An upgrade to 3.4 worked just fine, but problems started happening again as soon as I executed the 3.5 upgrade. I managed to overcome this by a clean install, but the upgrade or me (?) corrupted my pdc. Because my PDC now thought it was a BDC. After several dcdiag and ntdsutil actions, I recovered my original PDC and making Zentyal the BDC finally worked again!
This is not a Corperate environment, just my Home setup, but something could happen in a Corperate environment too.
With 3.3 and 3.4, I was able to shutdown my 230 watt consuming server, during the times that there was no electricity coming from my solar panels. With 3.5, when my PDC is down, lots of services, like http proxy and web server fail as soon as I make a change and save changes or after an update and reboot.
The zentyal log now (!) shows that these services are unable to reach my PDC, this while Zentyal itself is a BDC!!! As I said with 3.3 and 3.4 THIS WAS NOT A PROBLEM!!! Now it suddenly is!
My geuss is somebody hardcoded a PDC address somewhere, while in my opinion any LDAP related query should be handled by the BDC, if the PDC is not available!!! With 3.5 this is not happening, with 3.3 and 3.4 it was!
This can simply be replicated, if you have just 1 PDC and Zentyal is your BDC, remove the network cable from your PDC and reboot 3.5. HTTP proxy will fail to start, at least it does at my end ;-)
They removed something with 3.5 to clean things ups regarding LDAP, but in my opinion something was forgotten. Let me try to explain.
I had a 24x7 server running, which cost me a fortune on electricity, so I decided to buy a Zotac ID42 and use Zentyal as my home BDC, Internet gateway, proxy server, ad blocker etc.
I have my PDC running in a virtual 2008 R2 system and I finally managed with many reinstalls to get a working Zentyal 3.3. An upgrade to 3.4 worked just fine, but problems started happening again as soon as I executed the 3.5 upgrade. I managed to overcome this by a clean install, but the upgrade or me (?) corrupted my pdc. Because my PDC now thought it was a BDC. After several dcdiag and ntdsutil actions, I recovered my original PDC and making Zentyal the BDC finally worked again!
This is not a Corperate environment, just my Home setup, but something could happen in a Corperate environment too.
With 3.3 and 3.4, I was able to shutdown my 230 watt consuming server, during the times that there was no electricity coming from my solar panels. With 3.5, when my PDC is down, lots of services, like http proxy and web server fail as soon as I make a change and save changes or after an update and reboot.
The zentyal log now (!) shows that these services are unable to reach my PDC, this while Zentyal itself is a BDC!!! As I said with 3.3 and 3.4 THIS WAS NOT A PROBLEM!!! Now it suddenly is!
My geuss is somebody hardcoded a PDC address somewhere, while in my opinion any LDAP related query should be handled by the BDC, if the PDC is not available!!! With 3.5 this is not happening, with 3.3 and 3.4 it was!
This can simply be replicated, if you have just 1 PDC and Zentyal is your BDC, remove the network cable from your PDC and reboot 3.5. HTTP proxy will fail to start, at least it does at my end ;-)
2
Installation and Upgrades / upgrade 3.4 to 3.5 failed
« on: August 01, 2014, 10:33:33 pm »
After finally managed to install 3.4 and running it for months successfully, i made the error to upgrade to 3.5 to soon. The upgrade seemed to run fine, but after a reboot a transparent proxy would not start. I had to uncheck it, for users to gain access to the internet without caching and rules.
The zentyal log complained about ldap, so I tried to recreate zentyal as a basic domain controller.
users and computers showed all users and computers in my domain before I started and in the end I got the basic Zential domain controller setup.
Like with 3.3 and 3.4 I now have again problems with making Zentyal an additional DC.
On my PDC I see my zentyal machine being added, but zentyal showes and error in the zentyal log with a text "Samba is not yet provisioned " and module users and computer is stopped and is not startable at all. Setting domain back to domain controller fixes everything except still the empty domain.
The 3.5 docs do not yet show how to rejoin a domain and what to remove on the Zentyal machine before attempting, like maybe removing all users from /home???
Does anybody already successfully rejoined a 3.5 with a Server 2008 R2 domain and wrote the steps down?
Thanks
Ron
The zentyal log complained about ldap, so I tried to recreate zentyal as a basic domain controller.
users and computers showed all users and computers in my domain before I started and in the end I got the basic Zential domain controller setup.
Like with 3.3 and 3.4 I now have again problems with making Zentyal an additional DC.
On my PDC I see my zentyal machine being added, but zentyal showes and error in the zentyal log with a text "Samba is not yet provisioned " and module users and computer is stopped and is not startable at all. Setting domain back to domain controller fixes everything except still the empty domain.
The 3.5 docs do not yet show how to rejoin a domain and what to remove on the Zentyal machine before attempting, like maybe removing all users from /home???
Does anybody already successfully rejoined a 3.5 with a Server 2008 R2 domain and wrote the steps down?
Thanks
Ron
3
Installation and Upgrades / Wrong domain when registering.
« on: April 07, 2014, 11:29:21 am »
Today I tried to register my Zentyal machine and although the correct name and domain are within System settings, the fqd is made up as nlamrt00.zentyal.me.
Within Users and Computers, ldap settings, I see root DN cn=zentyal,dc=nl1106,dc=eu ,
Read-only root DN cn=zentyalro,dc=nl1106,dc=eu
Why are these not cn=nlamrt00
And how can I correct it, although System, General, Hostname=nlamrt00 and domain=nl1106.eu
Within Users and Computers, ldap settings, I see root DN cn=zentyal,dc=nl1106,dc=eu ,
Read-only root DN cn=zentyalro,dc=nl1106,dc=eu
Why are these not cn=nlamrt00
And how can I correct it, although System, General, Hostname=nlamrt00 and domain=nl1106.eu
4
Installation and Upgrades / After ad-migrate and switch off orginal PDC no transparent proxy!
« on: March 26, 2014, 10:22:35 pm »
After a succesfull ad-migrate my Zentyal machine works perfect and users are able to access the internet and the filter profile works great. No more dirty pictures and unwanted popups.
All fishing stuff like doubleclick are denied, all is fine until I powerdown my orginal server with my previous PDC, IIS and database server. None of these machines are used by my Zentyal setup, except as hostnames.
The dns reference of my old PDC are also removed from my zentyal machine within dhcp and DNS, so???
As soon as I switch the server off, all internet access is gone or very very slow, until I disable transparent proxy, then all internet access works, but of course no filtering!
This morning I switched on the old server reenabled transparent proxy and all is fine again, leaving me clueless.
Regards
All fishing stuff like doubleclick are denied, all is fine until I powerdown my orginal server with my previous PDC, IIS and database server. None of these machines are used by my Zentyal setup, except as hostnames.
The dns reference of my old PDC are also removed from my zentyal machine within dhcp and DNS, so???
As soon as I switch the server off, all internet access is gone or very very slow, until I disable transparent proxy, then all internet access works, but of course no filtering!
This morning I switched on the old server reenabled transparent proxy and all is fine again, leaving me clueless.
Regards
5
Installation and Upgrades / Zentyal 3.3 recreate Zentyal BDC fails after 1st successfull join
« on: March 26, 2014, 10:07:56 pm »
Could somebody explain what exactly is updated within your PDC as soon as you join your Zentyal machine as an additional domain controller?
Within ADUC I see the Zentyal machine being added as domain controller,
I see a kerberos http-zentyal and mail-zentyal entry created and dns entries.
When I reinstall Zentyal 3.4 or 3.3, without restoring my PDC, I am unable to join.
If I delete the Zentyal dc within UDUC, it is created again as soon as I try to join, but no machines and users are created within the Zentyal machine and the join fails.
After a restore of the PDC and retrying the join, all goes fine, so???
Why does a rejoin fail without a restore and why is a second initial Zentyal Domain controller not setup as like as with a complete reinstall?
Using the command: sudo /usr/share/zentyal/unconfigure-module users gives me the install choice, but then also just an empty domain is created. No Zentyal machine is added to the new domain and also no guest account is created!
Thanks
Within ADUC I see the Zentyal machine being added as domain controller,
I see a kerberos http-zentyal and mail-zentyal entry created and dns entries.
When I reinstall Zentyal 3.4 or 3.3, without restoring my PDC, I am unable to join.
If I delete the Zentyal dc within UDUC, it is created again as soon as I try to join, but no machines and users are created within the Zentyal machine and the join fails.
After a restore of the PDC and retrying the join, all goes fine, so???
Why does a rejoin fail without a restore and why is a second initial Zentyal Domain controller not setup as like as with a complete reinstall?
Using the command: sudo /usr/share/zentyal/unconfigure-module users gives me the install choice, but then also just an empty domain is created. No Zentyal machine is added to the new domain and also no guest account is created!
Thanks
6
Installation and Upgrades / Zentyal 3.3 network performance
« on: March 25, 2014, 11:07:05 am »
Hi, some of you probably already read my 3.4 remarks and my final return to 3.3, but I forgot why I even tried 3.4. A few days after my successfull return to 3.3 I realised why.
I have a 150 MBs download and 10 MBs uploaded internet subscription and when I test the speed with speedtest.net or upc.nl/speedtest, I only get 67 MBs down and 10 MBs up, so <half of my download.
My traffic interface rules are, up 16384 Kb/s and down 163840 Kb/s the same as with 3.4.
With 3.4 I had full speed.
I could try Ubuntu network performance tips, because I found no Zentyal network tuning tips.
Any suggestions?
Thanks
Ron
I have a 150 MBs download and 10 MBs uploaded internet subscription and when I test the speed with speedtest.net or upc.nl/speedtest, I only get 67 MBs down and 10 MBs up, so <half of my download.
My traffic interface rules are, up 16384 Kb/s and down 163840 Kb/s the same as with 3.4.
With 3.4 I had full speed.
I could try Ubuntu network performance tips, because I found no Zentyal network tuning tips.
Any suggestions?
Thanks
Ron
7
Installation and Upgrades / Reopen: Zentyal 3.4 create bdc failing on?
« on: March 19, 2014, 08:06:18 pm »
With 3.3 i encountered usernames containing #, so I fixed these and I was able to reinstall 3.3 and make it a windows 2008 r2 BDC.
All 3.4 betas up until the last two daily builds and the GA (General Available) went fine at install time, but after a day they gave dns problems every time one day after successfull install or when I activated mail modules.
This morning I reinstalled again the 3.4 GA build and after 45 minutes I had a successfull running machine and people could browse the internet through this machine. All was fine and working until I tried to make it a BDC.
I got;
The following modules failed while saving their changes, their state is unknown: samba The following modules failed while saving their changes, their state is unknown: samba at Trace begun at /usr/share/perl5/EBox/GlobalImpl.pm line 735 EBox::GlobalImpl::saveAllModules('EBox::GlobalImpl=HASH(0x3d62678)', 'progress', 'EBox::ProgressIndicator=HASH(0x29f8168)') called at /usr/share/perl5/EBox/Global.pm line 95 EBox::Global::AUTOLOAD('EBox::Global=HASH(0x3d664b0)', 'progress', 'EBox::ProgressIndicator=HASH(0x29f8168)') called at /usr/share/zentyal/global-action line 32 eval {...} at /usr/share/zentyal/global-action line 30
Within my pdc I saw the machine being created as domain controller and also within my domain dns a dns-account was created. (see attached zentyal.log)
The attached log was created after I did a sudo apt-get remove zentyal-samba and reinstall.
Before this final try, I already reinstalled 3 times today, everytime with the same result.
Although IBM and microsoft certified, I am unable to understand why things are failing.
I bet, if I try 3.3 all will go just fine, as before, so???
Who can hint me on how to determine and repait this?
Thanks
Ron
All 3.4 betas up until the last two daily builds and the GA (General Available) went fine at install time, but after a day they gave dns problems every time one day after successfull install or when I activated mail modules.
This morning I reinstalled again the 3.4 GA build and after 45 minutes I had a successfull running machine and people could browse the internet through this machine. All was fine and working until I tried to make it a BDC.
I got;
The following modules failed while saving their changes, their state is unknown: samba The following modules failed while saving their changes, their state is unknown: samba at Trace begun at /usr/share/perl5/EBox/GlobalImpl.pm line 735 EBox::GlobalImpl::saveAllModules('EBox::GlobalImpl=HASH(0x3d62678)', 'progress', 'EBox::ProgressIndicator=HASH(0x29f8168)') called at /usr/share/perl5/EBox/Global.pm line 95 EBox::Global::AUTOLOAD('EBox::Global=HASH(0x3d664b0)', 'progress', 'EBox::ProgressIndicator=HASH(0x29f8168)') called at /usr/share/zentyal/global-action line 32 eval {...} at /usr/share/zentyal/global-action line 30
Within my pdc I saw the machine being created as domain controller and also within my domain dns a dns-account was created. (see attached zentyal.log)
The attached log was created after I did a sudo apt-get remove zentyal-samba and reinstall.
Before this final try, I already reinstalled 3 times today, everytime with the same result.
Although IBM and microsoft certified, I am unable to understand why things are failing.
I bet, if I try 3.3 all will go just fine, as before, so???
Who can hint me on how to determine and repait this?
Thanks
Ron
8
Installation and Upgrades / solved: domain account userid missing?
« on: March 02, 2014, 01:38:26 pm »
Hi, I have an Asus P6TWS with 24 gig of memory, 2xsas 147 GIG RAID1 and 6 x 1TB Sata RAID5, running Server 2008 R2 with Hyper-v.
After using it for 4 years it's time to replaced it, also because it is using 200 watt 24x7.
I now have a Zotac ID42 which only uses 38 watt, including a WD 3TB USB3 disk.
I worked for 21 years for ca.com, so my userid naming is still from that time.
Naming convention was/is first three characters from lastname, 2 characters from first name and a two position sequence number. So my userid is nubro01.
I started with Installing Zentyal 3.3 and used of course nubro01 as system account for the first install.
After I successfully joined my PDC with Zentyal 3.3, I noticed that all my users where present, except nubro01!
Ok, a reinstall and I used nubro00 as system account, that made no difference, still nubro01 was not replicated.
Then I made the beginners mistake to create nubro01 on the zentyal 3.3 server, resulting in a new nubro01 being created within the whole domain and with a NEW SID, of course!!!
Before I found that out, all my userprofiles where recreated with the new SID on all machines that I logged in to.
Restoring the virtual disk of my PDC and removing all windows registery profile referenes for the new SID, seemed to be the only solution that worked to repair everything to the starting position.
I now tried Zentyal 3.4 feb25 build and I am still stuck with the same problem.
Any account that I create on my pdc is replicated to my zentyal bdc, any change to any userid is replicated, except that nubro01 account, it will not replicate, despited the fact that I changed/removed it from all OU's that might conflict. nubro01 is exactly the same, member wise, as for instance bakce01, which is replicated and also a member of domain admin and users.
I hope this sound familiar to someone and that you can give me a hint on resolving this, with the correct shell commands to investigate and resolv and so that I keep my original SID and without a reinstall. ;-)
Regards
Ron
After using it for 4 years it's time to replaced it, also because it is using 200 watt 24x7.
I now have a Zotac ID42 which only uses 38 watt, including a WD 3TB USB3 disk.
I worked for 21 years for ca.com, so my userid naming is still from that time.
Naming convention was/is first three characters from lastname, 2 characters from first name and a two position sequence number. So my userid is nubro01.
I started with Installing Zentyal 3.3 and used of course nubro01 as system account for the first install.
After I successfully joined my PDC with Zentyal 3.3, I noticed that all my users where present, except nubro01!
Ok, a reinstall and I used nubro00 as system account, that made no difference, still nubro01 was not replicated.
Then I made the beginners mistake to create nubro01 on the zentyal 3.3 server, resulting in a new nubro01 being created within the whole domain and with a NEW SID, of course!!!
Before I found that out, all my userprofiles where recreated with the new SID on all machines that I logged in to.
Restoring the virtual disk of my PDC and removing all windows registery profile referenes for the new SID, seemed to be the only solution that worked to repair everything to the starting position.
I now tried Zentyal 3.4 feb25 build and I am still stuck with the same problem.
Any account that I create on my pdc is replicated to my zentyal bdc, any change to any userid is replicated, except that nubro01 account, it will not replicate, despited the fact that I changed/removed it from all OU's that might conflict. nubro01 is exactly the same, member wise, as for instance bakce01, which is replicated and also a member of domain admin and users.
I hope this sound familiar to someone and that you can give me a hint on resolving this, with the correct shell commands to investigate and resolv and so that I keep my original SID and without a reinstall. ;-)
Regards
Ron
9
Installation and Upgrades / Zentyal 3.4 wrong domain name
« on: February 24, 2014, 01:27:36 pm »
Hi,
My original Zentyal 3.3 installed very well, but when testing my speed with http://speedtest.net I noticed that from my 150\10 Mbps speed I only got 90/10 Mbps. Long story short I decided to try 3.4.
I have a Zotac ID42 with 12 GIG of memory, 1 x Samsung SSD 240 gig and a WD 3TB mybook on USB3.
Install went fine, but when I try to add this new install to my existing windows 2008 R2 domain, I see that suddenly my zentyal domain is that of my eth1 connection, which is my provider! The name of the provider is ARNHEM.CHELLO.NL
My intranet is on eth0 and when I try to add this box as additional domain controller, it complains that is should be the same as ARNHEM. Any suggestions on how to fix this and how to correct the REALM? 3.3 had no problems with this. What conf file can I manually change?
By the way, 3.4 doesn't come up with the mount options, so I was unable to add noatime, for the ssd at install time and I had to do it manually later on.
Regards
Ron
My original Zentyal 3.3 installed very well, but when testing my speed with http://speedtest.net I noticed that from my 150\10 Mbps speed I only got 90/10 Mbps. Long story short I decided to try 3.4.
I have a Zotac ID42 with 12 GIG of memory, 1 x Samsung SSD 240 gig and a WD 3TB mybook on USB3.
Install went fine, but when I try to add this new install to my existing windows 2008 R2 domain, I see that suddenly my zentyal domain is that of my eth1 connection, which is my provider! The name of the provider is ARNHEM.CHELLO.NL
My intranet is on eth0 and when I try to add this box as additional domain controller, it complains that is should be the same as ARNHEM. Any suggestions on how to fix this and how to correct the REALM? 3.3 had no problems with this. What conf file can I manually change?
By the way, 3.4 doesn't come up with the mount options, so I was unable to add noatime, for the ssd at install time and I had to do it manually later on.
Regards
Ron
Pages: [1]