Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Messages - doncamilo

Pages: 1 2 [3] 4 5 ... 32
31
Directory and Authentication / Re: up-to-date Samba on Zentyal?
« on: December 09, 2020, 09:51:53 am »
 :)

Don't do it! You'll break the package's consistency. Wait for the 7.0 version. Zentyal 7.0 will run Ubuntu Focal, so, Samba 4.11.

Cheers!

32
 :)

Did you join the Zentyal server to a domain managed by Ms. Windows Server? The Windows Server schema should have being authomatically applyed to samba.

Your samba server doesn't include in his schema the Microsoft class "CN=Remote-Storage-Service-Point,...". https://docs.microsoft.com/en-us/windows/win32/adschema/c-remotestorageservicepoint 

Read this samba official document https://wiki.samba.org/index.php/Samba_AD_schema_extensions carefully and make a complete backup of your domain controllers before proceeding. Actually do it in a test lab before proceeding on production server.

Bear in mind that you have to use the Zentyal templates to customize the smb.conf file. Read the Zentyal official documentation https://doc.zentyal.org/en/appendix-c.html#stubs.

You should make a little google research in order to check the existance of other sysadmins applying this samba4 scheme extension.

Count on me if you need some more help :)

Cheers!


33
Installation and Upgrades / Re: Gmail connection DROP
« on: November 27, 2020, 10:32:12 am »
 :)

Use the iptables-save command to know the rules that iptables is applying:

Code: [Select]
sudo iptables-save
Zentyal introduces some hidden rules, study carefully the output of this command. I recommend you learn the use of the HPING3 program. It's invaluable in order to check firewalls.

Cheers!

34
Installation and Upgrades / Re: Zentyal: how to configure SSH
« on: November 27, 2020, 10:01:16 am »
 :)

Use ssh-copy-id to transfer de needed key to your Zentyal user.

Code: [Select]
ssh-copy-id zendmin@192.168.1.40
The .ssh and the authorized_keys will be authomatically created.

Cheers!

35
 :)

Regarding your question, I think that there's no easy way of updating the Webadmin > Domain panel :P https://doc.zentyal.org/en/directory.html#total-migration

Cheers!

36
Directory and Authentication / Re: Samba issue with scan printer
« on: November 25, 2020, 10:18:34 am »
 :)

Did you check the firmware of the printer? It should exist an update to support non deprecated protocols. NT1 will weak the security of your domain.

Regarding your question, paste here the logs.

Cheers!

37
Installation and Upgrades / Re: Zentyal: how to configure SSH
« on: November 25, 2020, 10:04:45 am »
 :)

The authorized keys are stored by default in ~/.ssh/authorized_keys for each of the users.

Cheers!




38
 :)

Thank you!

This issue is really annoying  :P

Cheers!

39
 :)

The PDC is refusing to create the new ADC DNS records.
Did you check the logs of the Windows Server? Please, paste here the events regarding this issue.

Cheers!

40
Directory and Authentication / Re: GPO script logon not working?
« on: November 25, 2020, 09:41:26 am »
 :)

Try adding  "Authenticated users" and "Domain computers" with "read" permission in the GPO Delegation tab.

Cheers!

41
Directory and Authentication / Re: GPO script logon not working?
« on: November 23, 2020, 11:52:14 am »
 :)

Microsoft has removed this feature from GPO. Read this https://www.grouppolicy.biz/2014/05/group-policy-preferences-password-behaviour-change-ms14-025/  ???

My Windows clients have this patch applied, so, they don't apply this GPO. Actually, I can't either edit the password fields in the gpedit.

Let me know if you want that I make some trials by removing the patch.

Cheers!

42
 :)

You should try to do it by hand https://wiki.samba.org/index.php/Joining_a_Samba_DC_to_an_Existing_Active_Directory Zentyal will read the samba database when rebooting after joining to the domain.

Cheers!

43
:)

1 Backup!

1.1 Backup!

1.2  Read https://wiki.samba.org/index.php/Transferring_and_Seizing_FSMO_Roles
(Zentyal provides the /usr/share/zentyal-samba/ad-migrate that manages this operation)

Bear in mind that the Webadmin Domain panel will be outdated Don't change anything here! https://doc.zentyal.org/en/directory.html#total-migration

2 Your initial problem was probably fixable by creating a new dns.keytab with this command:

Code: [Select]
samba-tool domain exportkeytab dns.keytab --principal=dns-$(hostname)

(I've never seen before the setexpiry command crashing a kerberos principal. Could you paste here the logs?)

In order to fix your issue read this: https://wiki.samba.org/index.php/Dns_tkey_negotiategss:_TKEY_is_unacceptable In spite of your previous experience, temporarily changing the DNS Back End, should fix your issue (I have done it in a VM right now and it fixed the dns-$(hostname) which password I changed manually just before) Try it in a VM before to proceed in production!

You can check the fix this way:

Code: [Select]
samba_dnsupdate --verbose --all-names
Cheers!






44
 :P

Each one of the Zentyal versión is bounded to one Ubuntu LTS version. Your system is probably broken because Zentyal uses the ubuntu packages provided by the Ubuntu host version and Zentyal 6.2 isn't prepared to run on Focal but on Bionics.

The next Zentyal version, which should be quickly released,  will run on Ubuntu Focal, but it doesn't change your situation. Your system is broken.

I'm sorry but, IMHO, you have to make a fresh install of your Zentyal 6.2.

Cheers!

45
Directory and Authentication / Re: folder rights assignment error
« on: November 20, 2020, 03:39:53 pm »
 :)

Try to create groups of users instead of defining permissions one by one, and use these groups to configure the acl's in the file-sharing module..
When you'll save the changes Zentyal will regenerate the acl's of the folders.

Cheers!

Pages: 1 2 [3] 4 5 ... 32