Show Posts
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
Pages: [1] 2
1
Directory and Authentication / Dynamic DNS not working? DHCP
« on: March 09, 2022, 05:35:21 am »
Hi i was wondering if someone else has had this issue before,
Currently zentyal clean install 6.2
I can reverse lookup the name of the computer which gives me the ip
but if i try to put the IP in the nslookup it says cannot find
i keep seeing this on the log
and also this
I thought it was the appamor i even tried to disable it
and rebooted the server same issue
any ideas?
Currently zentyal clean install 6.2
I can reverse lookup the name of the computer which gives me the ip
but if i try to put the IP in the nslookup it says cannot find
i keep seeing this on the log
Code: [Select]
execute: /usr/share/zentyal-dhcp/dhcp-dyndns.sh exit status 512Code: [Select]
root@apolo:~# nslookup
> computer0559
Server: 127.0.0.1
Address: 127.0.0.1#53
Name: computer0559.domain.local
Address: 192.168.0.100
> 192.168.0.100
** server can't find 100.0.168.192.in-addr.arpa: NXDOMAINand also this
Code: [Select]
Mar 8 23:28:57 apolo named[1632]: samba_dlz: disallowing update of signer=computer0020\$\@domain.LOCAL name=computer0020.domain.local type=AAAA error=insufficient access rights
Mar 8 23:28:57 apolo named[1632]: client @0x7f3a8c0277e0 192.168.0.52#65394/key computer0020\$\@domain.LOCAL: updating zone 'domain.local/NONE': update failed: rejected by secure update (REFUSED)I thought it was the appamor i even tried to disable it
Code: [Select]
ln -s /etc/apparmor.d/usr.sbin.dhcpd /etc/apparmor.d/disable/
apparmor_parser -R /etc/apparmor.d/usr.sbin.dhcpd
and rebooted the server same issue
any ideas?
2
Installation and Upgrades / odd issue with bind? (solved)
« on: December 21, 2021, 05:25:50 am »
Hi i was wondering if someone else has had this issue before,
Recently the server was working fine but im getting to see this error
its when i try to connect to VPN which i use openvpn pfsense, whcih it does not let me navigate, but whats odd it was working fine before
Recently the server was working fine but im getting to see this error
Code: [Select]
root@apolo:~# service bind9 status
● bind9.service - BIND Domain Name Server
Loaded: loaded (/lib/systemd/system/bind9.service; enabled; vendor preset: enabled)
Active: active (running) since Mon 2021-12-20 23:13:55 -05; 8min ago
Docs: man:named(8)
Main PID: 2774 (named)
Tasks: 4 (limit: 2279)
CGroup: /system.slice/bind9.service
└─2774 /usr/sbin/named -f -u bind -4
Dec 20 23:22:17 apolo named[2774]: client @0x7f29ad10e650 192.168.60.2#33027 (www.google.com): query (cache) 'www.google.com/AAAA/IN' denied
Dec 20 23:22:17 apolo named[2774]: client @0x7f29ad10e650 192.168.60.2#46042 (www.google.com): query (cache) 'www.google.com/A/IN' denied
Dec 20 23:22:17 apolo named[2774]: client @0x7f29ad10e650 192.168.60.2#33027 (www.google.com): query (cache) 'www.google.com/AAAA/IN' denied
Dec 20 23:22:17 apolo named[2774]: client @0x7f29ad10e650 192.168.60.2#46042 (www.google.com): query (cache) 'www.google.com/A/IN' denied
Dec 20 23:22:17 apolo named[2774]: client @0x7f29ad10e650 192.168.60.2#33027 (www.google.com): query (cache) 'www.google.com/AAAA/IN' denied
Dec 20 23:22:17 apolo named[2774]: client @0x7f29ad10e650 192.168.60.2#46042 (www.google.com): query (cache) 'www.google.com/A/IN' denied
Dec 20 23:22:17 apolo named[2774]: client @0x7f29ad10e650 192.168.60.2#46042 (www.google.com): query (cache) 'www.google.com/A/IN' denied
Dec 20 23:22:17 apolo named[2774]: client @0x7f29ad10e650 192.168.60.2#33027 (www.google.com): query (cache) 'www.google.com/AAAA/IN' denied
Dec 20 23:22:17 apolo named[2774]: client @0x7f29ad10e650 192.168.60.2#46042 (www.google.com): query (cache) 'www.google.com/A/IN' denied
Dec 20 23:22:17 apolo named[2774]: client @0x7f29ad10e650 192.168.60.2#33027 (www.google.com): query (cache) 'www.google.com/AAAA/IN' denied
its when i try to connect to VPN which i use openvpn pfsense, whcih it does not let me navigate, but whats odd it was working fine before
3
Directory and Authentication / Netlogon? Scripts
« on: December 09, 2021, 01:10:15 am »
Hi
I was wondering if zentyal is compatible with netlogon script
Currently i have a windows server 2012r2 and were using netlogon which is a script, this is part of the script
when i try to access the zentyal server though the shares dont see the netlogon folder
Thank you
I was wondering if zentyal is compatible with netlogon script
Currently i have a windows server 2012r2 and were using netlogon which is a script, this is part of the script
Code: [Select]
@echo off
rem desconecte las unidades de red
net use f: /delete
net use g: /delete
net use h: /delete
net use i: /delete
net use j: /delete
net use k: /delete
net use l: /delete
net use m: /delete
net use n: /delete
net use o: /delete
net use p: /delete
net use q: /delete
net use r: /delete
net use s: /delete
net use t: /delete
net use u: /delete
net use v: /delete
net use x: /delete
net use y: /delete
if not exist g:\ net use G: "\\192.168.3.81\unidadg"
if "%1" == "administrador" goto grupo_tecnologia
:grupo_tecnologia
net use f: "\\192.168.3.81\Manifiestos"
net use H: "\\192.168.3.81\TI"
:fin
cls
exit
when i try to access the zentyal server though the shares dont see the netlogon folder
Thank you
4
Directory and Authentication / Issue with Bind?
« on: October 29, 2021, 11:19:25 pm »
Hi
I was wondering if someone else has had this issue before,
Currently i have DNS forwarder to my firewall and on the firewall i create a dns host overide to resolve erp.mydomain.com to 192.168.0.160.
then on zentyal i restart bind9 and starts working fine, but around few hours it starts resolving by the WAN ip instead of the LAN IP so i have to restart bind9 every time
any ideas how to make it stick?
Thank you
I was wondering if someone else has had this issue before,
Currently i have DNS forwarder to my firewall and on the firewall i create a dns host overide to resolve erp.mydomain.com to 192.168.0.160.
then on zentyal i restart bind9 and starts working fine, but around few hours it starts resolving by the WAN ip instead of the LAN IP so i have to restart bind9 every time
any ideas how to make it stick?
Thank you
5
Directory and Authentication / Quick question about GPO on ubuntu
« on: May 26, 2021, 09:22:31 pm »
Hi,
i was wondering if its possible connecting a normal ubuntu desktop to the domain and apply GPO passwords policy? or does it only apply for windows?
Thank you
i was wondering if its possible connecting a normal ubuntu desktop to the domain and apply GPO passwords policy? or does it only apply for windows?
Thank you
6
Directory and Authentication / bitlocker question
« on: May 11, 2021, 12:55:18 am »
Hi
I was wondering if bitlocker recovery keys can be saved though GPO?
I was looking but could not find
Thank you
I was wondering if bitlocker recovery keys can be saved though GPO?
I was looking but could not find
Thank you
7
Installation and Upgrades / DHCP server options?
« on: February 02, 2021, 11:59:14 pm »
Hi i was wondering if someone else knows how to add option 252 for the DHCP options? I used to be able to do this on the DHCP server options on windows server but not sure how its does on zentyal
Thank you
Thank you
8
Directory and Authentication / local admin GPO greyedout?
« on: December 23, 2020, 03:39:28 am »
Hi,
I was wondering if someone else has had this issue, with zentyal 6.2 not sure if its zentyal or the windows, i tried creating local admin though GPO but the password is greyed out which is very odd
Thank you
https://imgur.com/6l5wC8K.png
I was wondering if someone else has had this issue, with zentyal 6.2 not sure if its zentyal or the windows, i tried creating local admin though GPO but the password is greyed out which is very odd
Thank you
https://imgur.com/6l5wC8K.png
9
Directory and Authentication / issue not resolving?
« on: December 22, 2020, 07:47:46 pm »
Hi currently running zentyal 6.2 what i noticed is that cannot seem to resolve by IP but by name it works
currently tick the box Dynamic DNS Options but not sure what i missed?
just checked the logs and found this
and whats even odd is that i check the service of DHCP which shows on but on the WebGui shows stopped
https://imgur.com/QtTnZuL.png
currently tick the box Dynamic DNS Options but not sure what i missed?
Code: [Select]
C:\Users\administrador.xx>nslookup
Servidor predeterminado: apolo.xx.local
Address: 192.168.100.200
> pc-23
Servidor: apolo.xxx.local
Address: 192.168.100.200
Nombre: pc-23.xx.local
Address: 192.168.100.59
> 192.168.100.59
Servidor: apolo.xx.local
Address: 192.168.100.200
*** apolo.xx.local no encuentra 192.168.100.59: Non-existent domainjust checked the logs and found this
Code: [Select]
Dec 22 13:51:34 apolo dhcpd[17404]: execute: /usr/share/zentyal-dhcp/dhcp-dyndns.sh exit status 32512and whats even odd is that i check the service of DHCP which shows on but on the WebGui shows stopped
Code: [Select]
root@apolo:~# service isc-dhcp-server status
● isc-dhcp-server.service - ISC DHCP IPv4 server
Loaded: loaded (/lib/systemd/system/isc-dhcp-server.service; enabled; vendor preset: enabled)
Active: active (running) since Tue 2020-12-22 13:50:16 -05; 3min 26s ago
Docs: man:dhcpd(8)
Main PID: 17404 (dhcpd)
Tasks: 1 (limit: 4620)
CGroup: /system.slice/isc-dhcp-server.service
└─17404 dhcpd -user dhcpd -group dhcpd -f -4 -pf /run/dhcp-server/dhcpd.pid -cf /etc/dhcp/dhcpd.conf
Dec 22 13:53:30 apolo dhcpd[17404]: DHCPACK on 192.168.100.48 to f8:1f:32:c6:19:b4 via eth0
Dec 22 13:53:30 apolo dhcpd[17404]: Commit: IP: 192.168.100.49 DHCID: c0:cb:38:15:96:79 Name: PC-07
Dec 22 13:53:30 apolo dhcpd[17404]: execute_statement argv[0] = /usr/share/zentyal-dhcp/dhcp-dyndns.sh
Dec 22 13:53:30 apolo dhcpd[17404]: execute_statement argv[1] = add
Dec 22 13:53:30 apolo dhcpd[17404]: execute_statement argv[2] = 192.168.100.49
Dec 22 13:53:30 apolo dhcpd[17404]: execute_statement argv[3] = c0:cb:38:15:96:79
Dec 22 13:53:30 apolo dhcpd[17404]: execute_statement argv[4] = PC-07
Dec 22 13:53:30 apolo dhcpd[17404]: execute: /usr/share/zentyal-dhcp/dhcp-dyndns.sh exit status 32512
Dec 22 13:53:30 apolo dhcpd[17404]: DHCPREQUEST for 192.168.100.49 from c0:cb:38:15:96:79 (PC-07) via eth0
Dec 22 13:53:30 apolo dhcpd[17404]: DHCPACK on 192.168.100.49 to c0:cb:38:15:96:79 (PC-07) via eth0
https://imgur.com/QtTnZuL.png
10
Directory and Authentication / Samba issue with scan printer
« on: November 21, 2020, 06:12:20 am »
Hi
I was wondering if someone else has had this issue before. Currently running Aficio MP 4002 and on windows i can scan to a samba share it works unfortunately smbv1, i tried enabling on the samba share doing the following on the nano /etc/samba/smb.conf
and adding this under global then restart
service samba-ad-dc restart
client min protocol = NT1
server min protocol = NT1
But not sure what else i missed?
Thank you
I was wondering if someone else has had this issue before. Currently running Aficio MP 4002 and on windows i can scan to a samba share it works unfortunately smbv1, i tried enabling on the samba share doing the following on the nano /etc/samba/smb.conf
and adding this under global then restart
service samba-ad-dc restart
client min protocol = NT1
server min protocol = NT1
But not sure what else i missed?
Thank you
11
Directory and Authentication / GPO script logon not working?
« on: September 30, 2020, 06:45:55 pm »
Hi,
Currently trying to install a startup script though GPO, before trying on zentyal i did with a window server 2012r2 and it worked. So i think it might be a bug on zentyal.
on the GPO i added the startup script to the location of the script. All the users have permission to have access of the folder. I checked on event viewer and got the
1130 Group policy error
https://imgur.com/r2BRPre.png
https://imgur.com/gOc0eAw.png
any ideas?
Thank you
Currently trying to install a startup script though GPO, before trying on zentyal i did with a window server 2012r2 and it worked. So i think it might be a bug on zentyal.
on the GPO i added the startup script to the location of the script. All the users have permission to have access of the folder. I checked on event viewer and got the
1130 Group policy error
https://imgur.com/r2BRPre.png
https://imgur.com/gOc0eAw.png
any ideas?
Thank you
12
Directory and Authentication / A record Issue not replicating?
« on: September 20, 2020, 05:57:17 pm »
Hi
Currently installed a new VM which automatically got the DHCP from zentyal which it automatic create the dynamic DNS record on zentyal.
The issue is that i changed the IP of the VM and needed to add A record and PTR record which i did on the WEBgui.
But i keep seeing the old IP
i checked in nano /var/lib/bind/db.0.168.192
which only shows PTR info
https://imgur.com/0hr8iPa.png
https://imgur.com/2vtmnrG.png
Thank you
Currently installed a new VM which automatically got the DHCP from zentyal which it automatic create the dynamic DNS record on zentyal.
The issue is that i changed the IP of the VM and needed to add A record and PTR record which i did on the WEBgui.
But i keep seeing the old IP
i checked in nano /var/lib/bind/db.0.168.192
which only shows PTR info
https://imgur.com/0hr8iPa.png
https://imgur.com/2vtmnrG.png
Thank you
13
Directory and Authentication / Password expired DNS-user? (solved)
« on: September 20, 2020, 02:49:01 am »
Hi
I needed to create on A record on the web interface and restart the DNS but getting this issue
So my question is on the user DNS-APOLO can i reset the password? or how do i by pass this error without screwing it up?
Thank you
edit: solved by running this
I needed to create on A record on the web interface and restart the DNS but getting this issue
Code: [Select]
Command output: .
Exit value: 1
2020/09/19 20:17:33 ERROR> Service.pm:971 EBox::Module::Service::restartService - root command kinit -k -t /var/lib/samba/private/dns.keytab dns-apolo failed.
2020/09/19 20:17:33 ERROR> RestartService.pm:61 EBox::SysInfo::CGI::RestartService::_process - Restart of DNS from dashboard failed: root command kinit -k -t /var/lib/samba/private/dns.keytab dns-apolo failed.
Error output: Password has expired
dns-apolo@MYDOMAIN.LOCAL's Password:So my question is on the user DNS-APOLO can i reset the password? or how do i by pass this error without screwing it up?
Thank you
edit: solved by running this
Code: [Select]
sudo samba-tool user setexpiry dns-apolo --noexpiry
14
Directory and Authentication / SPN? (solved)
« on: September 20, 2020, 01:45:33 am »
Hi
I was wondering if someone could shed some light on the issue im having.
Currently trying to create SPN user to my linux MSSQL which i have to do though powershell, So i have a windows server which is connected to the domain of zentyal
But i tried running this powershell command, the zentyal server is 192.168.0.200
but i get an error saying could not establish to server
But whats concerning i would need to run this on the powershell also, so how would i make the windows server to be able to import the active directory services? or maybe this can be done on zentyal?
Thank you
EDIT: first create the MSSQL user by the AD instead though Powershell
then run the commands on powershell with no issue to create the mssql.keytab
I was wondering if someone could shed some light on the issue im having.
Currently trying to create SPN user to my linux MSSQL which i have to do though powershell, So i have a windows server which is connected to the domain of zentyal
But i tried running this powershell command, the zentyal server is 192.168.0.200
Code: [Select]
New-ADUser -Server 192.168.0.200 mssql -AccountPassword (Read-Host -AsSecureStri
ng "Enter Password") -PasswordNeverExpires $true -Enabled $truebut i get an error saying could not establish to server
But whats concerning i would need to run this on the powershell also, so how would i make the windows server to be able to import the active directory services? or maybe this can be done on zentyal?
Code: [Select]
ktpass /princ MSSQLSvc/hercules.mydomain.local:1433@mydomain.local /ptype KRB5_NT_PRINCIPAL /crypto aes256-sha1 /mapuser mydomain\mssql /out mssql.keytab -setpass -setupn /kvno 4 /pass mypassword
ktpass /princ MSSQLSvc/hercules.mydomain.local:1433@mydomain.local /ptype KRB5_NT_PRINCIPAL /crypto rc4-hmac-nt /mapuser mydomain\mssql /in mssql.keytab /out mssql.keytab -setpass -setupn /kvno 4 /pass mypassword
ktpass /princ MSSQLSvc/192.168.3.155:1433@mydomain.local /ptype KRB5_NT_PRINCIPAL /crypto aes256-sha1 /mapuser mydomain\mssql /in mssql.keytab /out mssql.keytab -setpass -setupn /kvno 4 /pass mypassword
ktpass /princ MSSQLSvc/192.168.3.155:1433@mydomain.local /ptype KRB5_NT_PRINCIPAL /crypto rc4-hmac-nt /mapuser mydomain\mssql /in mssql.keytab /out mssql.keytab -setpass -setupn /kvno 4 /pass mypassword
ktpass /princ mssql@mydomain.local /ptype KRB5_NT_PRINCIPAL /crypto aes256-sha1 /mapuser mydomain\mssql /in mssql.keytab /out mssql.keytab -setpass -setupn /kvno 4 /pass mypassword
ktpass /princ mssql@mydomain.local /ptype KRB5_NT_PRINCIPAL /crypto rc4-hmac-nt /mapuser mydomain\mssql /in mssql.keytab /out mssql.keytab -setpass -setupn /kvno 4 /pass mypassword
Thank you
EDIT: first create the MSSQL user by the AD instead though Powershell
then run the commands on powershell with no issue to create the mssql.keytab
15
Installation and Upgrades / email alert?
« on: February 27, 2020, 03:15:10 am »
Hi,
I was wondering if someone else is having this issue before? currently running 6.1 and constantly getting email alert with this
Thank you
I was wondering if someone else is having this issue before? currently running 6.1 and constantly getting email alert with this
Code: [Select]
/etc/cron.hourly/90zentyal-manage-logs:
/etc/cron.hourly/90zentyal-manage-logs: line 3: /usr/share/zentyal/manage-logs: No such file or directory
run-parts: /etc/cron.hourly/90zentyal-manage-logs exited with return code 127Thank you
Pages: [1] 2