Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Messages - Gilberto Ferreira

Pages: [1] 2 3 ... 35
1
Hi
It turns out that the DHCP was misconfigured since it sent the wrong DNS server, the gateway one not the main samba server.
After changing it, now everything is working fine.

Thanks.

2
Just to clarify a bit, I am send some images.

Domain settings in the srv01 - zentyal 4



Users and computers in the srv01 - zentyal 4



Domain settings in the srv02 - zentyal 8



Users and computers in the srv02 - zentyal 8


3
Hi there.
I have two samba servers, let's say srv01 and srv02. For that matter, both are Zentyal Server 4 and 8, respectively.
In the srv01 there is samba version 4.1, which is in the network 182.168.200.0/24, and which is by the way also the gateway to both network.
In the srv02 there is samba version 4.15, which is in the DMZ network 10.10.100.0/24
The first is an additional controller for the second.
Everything is working fine, except for machine sync.
Let me explain:
- Between these two samba servers, I have a Windows 2022 server. I was able to put Windows 2022 in the samba domain without any problems, which was a bit of surprise to me, since I always used to install SMB1v and SMB2v, first and then add the Windows server into the samba domain.
- I can log in into the Windows 2022 server using the domain account created in the server with samba 4.15
- In fact users created in both samba servers appear on both servers.
- With pdbedit --list I can see the following:
srv01:
pdbedit --list
...
...
SRV01$:4294967295:SRV01$
SRV02$:4294967295:
WINSRV01$:4294967295:
srv02:
pdbedit --list
...
...
SRV01$:3000020:SRV01$
SRV02$:3000022:

As you can see, the windows 2022 server was added in the srv01, which has samba 4.1.17 and does not appear in srv02, which has samba 4.15.13.
Based on that, I wonder if this is something to do with these different versions, before I seek some help with the Zentyal guys.
And I wonder if there is any way to force a sync between the two samba servers, in regard to the samba machines account.

Thanks in advance.

---
Gilbert

4
Installation and Upgrades / Re: saving webadmin module stuck on 100%
« on: March 13, 2023, 03:49:38 pm »
Well, I could make it work following https://github.com/zentyal/zentyal/issues/2100#issuecomment-1241931846

Installed with network cable out.
Logged in on the web admin, skipped installation of modules.

Plugged in cable.
In Zentyal, installed module Network

From terminal:
sudo apt update && apt upgrade

reboot

Now everything works

This works to me!
Thanks a lot!

5
Portuguese / Re: Problema com Openvpn site2site
« on: October 27, 2021, 09:18:33 pm »
RESOLVIDO! Bastou mudar minha lan de 172.16 e 172.18 para 192.168.100 e 192.168.200 e agora tudo está funcionando

6
SOLVED!

Just change my lan from 172.16 and 172.18 to 192.168.100 and 192.168.200 and now everything is work

7
Portuguese / Problema com Openvpn site2site
« on: October 27, 2021, 09:04:14 pm »
Olá pessoal

Estou tentando criar uma VPN usando 2 Zentyal server, virtualizado no VirttualBox.
No VBox criei duas redes de hospedeiro:

vboxnet0 - 192.168.56.0/24
vboxnet1 - 192.168.57.0/24

zentyal1
vboxnet0 - 192.168.152.0/24 - IP do zentyal 192.168.152.100 (Externa WAN)
inetnet1 - 172.16.0.0/24 - IP Zentyal LAN 172.16.0.10 (é o gateway da vm windows 7 que fica atrás do zentyal1

zentyal2
vboxnet0 - 192.168.157.0/24 - IP do zentyal 192.168.157.100 (Externa WAN)
inetnet1 - 172.18.0./24 - IP Zentyal LAN 172.18.0.10 (é o gateway da vm windows 7 que fica atrás do zentyal1

Eu consigo fechar o tunnel corretamente mas não pinga do zentyal1 para o zentyal2 na faixa do IP 172.16 ou 172.18.0
Nem nas vms windows 7 atrás desses zentyal eu consigo pingar um ao outro.

Estou deixando o padrão da rede da VPN que é 192.168.0.X em ambos os lados.
Se eu mudo esse padrão para 192.168.10.0 no zentyal1 e 192.168.20.0 no zentyal2 aí consigo pingar um ao outro e dos 2 servidores zentyal eu consigo pingar nas vms com Windows 7.
Mas não consigo acesso nenhum entre os Windows 7 atrás desses servidores.

Como estou usando meu laptop eu tive que colocar algumas regras de iptables pra permitir o nat entre meu IP fisico e as vms do Zentyal pra elas navegarem na internet

+ iptables -F
+ iptables -t nat -F
+ iptables -A INPUT -i lo -j ACCEPT
+ iptables -A INPUT -i vboxnet0 -j ACCEPT
+ iptables -A INPUT -i vboxnet1 -j ACCEPT
+ iptables -A OUTPUT -o lo -j ACCEPT
+ iptables -A OUTPUT -o vboxnet0 -j ACCEPT
+ iptables -A OUTPUT -o vboxnet1 -j ACCEPT
+ iptables -A FORWARD -i vboxnet0 -o vboxnet1 -j ACCEPT
+ iptables -A FORWARD -i vboxnet1 -o vboxnet0 -j ACCEPT
+ iptables -A INPUT -s 192.168.152.0/24 -j ACCEPT
+ iptables -A INPUT -s 192.168.157.0/24 -j ACCEPT
+ iptables -t nat -A POSTROUTING -s 192.168.152.0/24 -j MASQUERADE
+ iptables -t nat -A POSTROUTING -s 192.168.157.0/24 -j MASQUERADE
+ sysctl -w net.ipv4.ip_forward=1
net.ipv4.ip_forward = 1

8
Anybody??

9
Installation and Upgrades / Openvpn site2site in Virtualbox (LABHOME)
« on: October 21, 2021, 07:19:57 pm »
Hi there

I have deploy two Zentyal Server 4.0 in VirtualBox (V 6.1.27 r147422). I am using my laptop to this purpose.

I also have create two host network, like:

vboxnet0 - 192.168.152.0
vboxnet1 - 192.168.157.0

Aditionaly I have create a few iptables rules in my laptop, to allow both zentyal servers to use the internet properly:
# Flush IPTABLES
iptables -F
iptables -t nat -F
# Loopack
iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -i vboxnet0 -j ACCEPT
iptables -A INPUT -i vboxnet1 -j ACCEPT
iptables -A OUTPUT -o lo -j ACCEPT

# Allow all from virtualbox
iptables -A INPUT -s 192.168.152.0/24 -j ACCEPT
iptables -A INPUT -s 192.168.157.0/24 -j ACCEPT

# Masquerade virtualbox network
iptables -t nat -A POSTROUTING -s 192.168.152.0/24 -j MASQUERADE
iptables -t nat -A POSTROUTING -s 192.168.157.0/24 -j MASQUERADE

#turn on ip forwarding
sysctl -w net.ipv4.ip_forward=1

After install both zentyal server, I have create a openvpn tunnel between two server.
I was unable to use the default IP addrss inside the vpn tunnel, i.e 192.168.0.0 in both sides doesn't work.
I needed to use 192.168.10.0 in server1 and 192.168.20.0 in server2. After that I can now ping both side and the 2 windows 7 behind each servers.
But I can not reach the Windows Client behind VPN.

Server1 has the IP 192.168.152.100 as WAN and 172.16.0.10 as LAN
Server2 has the IP 192.168.157.100 as WAN and 172.18.0.10 as LAN

I have dhcp serving IPS 172.16.0.0 to the Windows 7 behind server1 and I have dhcp serving IPS 172.18.0.0 to the Windows 7 behind server2

Both server1 and server2 are communicating. In both server1 and server2 I can ping Windows behind server1 and Windows behind server2

But inside Windows 7 behind server1 I can not reach Windows 7 behind server2.

What I missing??
I appreciated for any help!

Thank you.




10
Hi there

I had a problem here, when install Sogo.
After installed all modules, I notice a message indicate that was need to run dpkg --configure -a in Linux console.
So I opned a ssh session and ran the above command.
But I get a lot o errors such as:
sudo  dpkg --configure -a
[sudo] password for administrador:
Configurando sogo:amd64 (5.0.1.20201214-1) ...
======= Important SOGo post-installation note =======

SOGo database schemas are _not_ automatically upgraded by
the packaging system.

Please check the list of database schema upgrade scripts
inside /usr/share/doc/sogo/ and apply them if needed.

More details can be found in the Upgrading section:
https://sogo.nu/files/docs/SOGoInstallationGuide.html#_upgrading

apache2_invoke: Enable configuration SOGo
apache2_reload: Your configuration is broken. Not reloading Apache 2
apache2_reload: AH00526: Syntax error on line 47 of /etc/apache2/conf-enabled/SOGo.conf:
apache2_reload: Invalid command 'ProxyRequests', perhaps misspelled or defined by a module not included in the server configuration
Job for sogo.service failed because the control process exited with error code.
See "systemctl status sogo.service" and "journalctl -xe" for details.
invoke-rc.d: initscript sogo, action "start" failed.
● sogo.service - LSB: SOGo server
     Loaded: loaded (/etc/init.d/sogo; generated)
     Active: failed (Result: exit-code) since Mon 2021-08-09 13:41:49 -03; 27ms ago
       Docs: man:systemd-sysv-generator(8)
    Process: 69909 ExecStart=/etc/init.d/sogo start (code=exited, status=1/FAILURE)

ago 09 13:41:48 srv01 systemd[1]: Starting LSB: SOGo server...
ago 09 13:41:49 srv01 sogo[69909]:  * Starting SOGo sogo
ago 09 13:41:49 srv01 sogo[69989]: /usr/sbin/sogod: Uncaught exception NSInvalidArgumentException, reason: Tried to add nil to array
ago 09 13:41:49 srv01 sogo[69990]: chown: cannot access '/var/run/sogo/sogo.pid': No such file or directory
ago 09 13:41:49 srv01 systemd[1]: sogo.service: Control process exited, code=exited, status=1/FAILURE
ago 09 13:41:49 srv01 systemd[1]: sogo.service: Failed with result 'exit-code'.
ago 09 13:41:49 srv01 systemd[1]: Failed to start LSB: SOGo server.
dpkg: erro ao processar o pacote sogo:amd64 (--configure):
 o subprocesso instalado, do pacote sogo:amd64, o script post-installation retornou erro do status de saída 1
dpkg: problemas com dependências impedem a configuração de zentyal-sogo:
 zentyal-sogo depende de sogo (>= 5.0.1); porém:
  Pacote sogo:amd64 não está configurado ainda.

dpkg: erro ao processar o pacote zentyal-sogo (--configure):
 problemas de dependência - deixando desconfigurado
dpkg: problemas com dependências impedem a configuração de zentyal-groupware:
 zentyal-groupware depende de zentyal-sogo; porém:
  Pacote zentyal-sogo não está configurado ainda.

dpkg: erro ao processar o pacote zentyal-groupware (--configure):
 problemas de dependência - deixando desconfigurado
dpkg: problemas com dependências impedem a configuração de sogo-activesync:
 sogo-activesync depende de sogo (= 5.0.1.20201214-1); porém:
  Pacote sogo:amd64 não está configurado ainda.

dpkg: erro ao processar o pacote sogo-activesync (--configure):
 problemas de dependência - deixando desconfigurado
A processar 'triggers' para libc-bin (2.31-0ubuntu9.2) ...
Erros foram encontrados durante o processamento de:
 sogo:amd64
 zentyal-sogo
 zentyal-groupware
 sogo-activesync

And Yes! My Linux box is in PT-BR.

But after some strogle I figure out that need to trigger two steps:

Step 1 - touch /var/run/sogo/sogo.pid

After this I was to apply apt -f install but Apache2 configuration was in error.

Step 2 - in order to finish the installation I was indeed need to activate the proxy Apache module using:

a2enmod proxy

Then, after this apache2conf configtest ran smootlhy.

Just wanna report this problem.


Thanks.



11
Portuguese / Re: Fazer máquina interna sair por outro IP externo.
« on: April 05, 2021, 04:31:04 pm »
Amigo geralmente esse direcionamento faço nas regras dos gateways, onde determino a saída de um determinado objeto ou IP da rede interna pelo gateway escolhido, se os dois roteadores ou modens da operadora estão na mesma faixa, muda eles pra uma faixa diferente.

É mas no caso eu tenho IPS publicos que estão todos na mesma faixa de rede, máscara e gateway.
Inclusive o Zentyal nem deixou eu criar uma 4 placa de rede com outro IP na mesma mascara. Achei estranho já que o IPFire aceitou.
Obrigado pela sua resposta.

12
Hello guys.

I need to create an iptables rule that causes an internal host to outgoing via a different public IP.
Let's say you have 2 public IPs:
aaa.bbb.ccc.ddd
aaa.bbb.ccc.eee

The end ddd is standard.
The end eee would be the secondary.

It turns out that Zentyal, at least in version 6.2, does not let me insert a second network interface using the same network.
For example, eth0 has the ip aaa.bbb.ccc.ddd, eth1 and eth2 have internal IP's and eth3 would have the aaa.bbb.ccc.eee IP which would be the secondary one.
But when I try to insert the IP into eth3 he says that there is already an IP of that network configured in eth0!
So what I did was set up a virtual interface hanging on eth0 with the ip aaa.bbb.ccc.eee, type eth0: 1.
Then I tried to create an SNAT rule but it doesn't work. When I go to the internal host it still takes the default external IP aaa.bbb.ccc.ddd.

I installed an IPFIRE (www.ipfire.org) which is very simple and in it I managed to do it smoothly.
BTW, ​​it was from this IPFIRE that I took the rule of iptables.
I tried like this:
iptables -N NAT_SOURCE
iptables -t nat POSTROUTING -j NAT_SOURCE
ptables -t nat -A NAT_SOURCE -s IP / 32 -j SNAT --to-source aaa.bbb.ccc.eee

But without success!

Thanks to anyone who can help me.

13
Portuguese / Fazer máquina interna sair por outro IP externo.
« on: April 02, 2021, 04:01:32 pm »
Olá amigos

Eu preciso criar uma regra de iptables que faça com que um host interno sai por um IP publico diferente.
Digamos que tenha 2 IPs publicos:
aaa.bbb.ccc.ddd
aaa.bbb.ccc.eee

O final ddd é padrão.
O final eee seria o secundário.

Acontece que o Zentyal, pelo menos na versão 6.2 não me deixa inserir uma segunda interface de rede usando a mesma rede.
Por exemplo, a eth0 tem o ip aaa.bbb.ccc.ddd, a eth1 e eth2 tem IP's internos e a eth3 teria o IP aaa.bbb.ccc.eee que seria o secundário.
Mas quando tento inserir o IP na eth3 ele diz que ja existe um IP dessa rede configurado na eth0!
Aí o que fiz foi configurar uma interface virtual pendurada no eth0 com o ip aaa.bbb.ccc.eee, tipo eth0:1.
Aí eu tentei criar uma regra SNAT mas não funciona. Quando vou no host interno ele ainda pega o IP externo padrão aaa.bbb.ccc.ddd.

Eu instalei um IPFIRE (www.ipfire.org) que é bem simples e nele eu consegui fazer isso tranquilo.
Alias foi dele que eu tirei a regra do iptables.
Tentei assim:
iptables -N NAT_SOURCE
iptables -t nat POSTROUTING -j NAT_SOURCE
ptables -t nat -A NAT_SOURCE -s IP/32 -j SNAT --to-source aaa.bbb.ccc.eee

Mas sem sucesso!

Obrigado a quem puder me ajudar.



14
Hi there friends...

I have zentyal 4 works fine, but sometimes I see this message is syslog

Nov 13 08:29:20 servidor kernel: [46271.777040] init: zentyal.set-uid-gid-numbers main process (5337) killed by TERM signal
Nov 13 08:31:26 servidor kernel: [46397.332330] init: zentyal.squid3-external main process (11425) killed by KILL signal
Nov 13 10:22:34 servidor kernel: [53058.929901] init: isc-dhcp-server main process (6625) killed by TERM signal
Nov 13 10:22:53 servidor kernel: [53078.020586] init: zentyal.squid3-external main process (1191) killed by KILL signal
Nov 13 10:24:16 servidor kernel: [53160.763082] init: isc-dhcp-server main process (17178) killed by TERM signal
Nov 13 10:34:37 servidor kernel: [53781.188780] init: isc-dhcp-server main process (19818) killed by TERM signal
Nov 13 10:34:56 servidor kernel: [53800.450145] init: zentyal.squid3-external main process (18356) killed by KILL signal
Nov 13 10:39:24 servidor kernel: [54067.794495] init: isc-dhcp-server main process (21955) killed by TERM signal
Nov 13 10:46:18 servidor kernel: [54481.453223] init: zentyal.squid3-external main process (23132) killed by KILL signal
Nov 13 10:46:22 servidor kernel: [54485.832787] init: ebox.loggerd main process (28496) killed by TERM signal
Nov 13 12:05:32 servidor kernel: [59231.181414] init: zentyal.squid3-external main process (29111) killed by KILL signal
Nov 13 12:05:35 servidor kernel: [59233.623781] init: ebox.loggerd main process (29215) killed by TERM signal
Nov 13 13:43:28 servidor kernel: [65100.929273] init: ebox.loggerd main process (22277) killed by TERM signal
Nov 13 13:55:25 servidor kernel: [65818.057803] init: zentyal.squid3-external main process (22142) killed by KILL signal
Nov 13 13:55:28 servidor kernel: [65820.470901] init: ebox.loggerd main process (320) killed by TERM signal

And I thing this errors make squid restart (at least the process) and kill internet access for a moment, than back online again...

Any body get this error too???

Thanks

15
Installation and Upgrades / Re: Zentyal 4 HA
« on: November 07, 2019, 12:59:37 pm »
I managed to solved this issue, creating the script bellow:

#!/bin/bash


statusip=$(crm_mon -1 | grep IPHALOCAL | grep servidor2)

status="$?"

echo $status

if [[ $status -eq 1 ]]
then
 echo "That's great :-)"
elif [[ $status -eq 0 ]]
then
 echo "(exit status=$status)"
/etc/init.d/samba force-reload
fi

And add to crontab, to run every minute...


Pages: [1] 2 3 ... 35