Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Topics - killmasta93

Pages: [1] 2
1
Directory and Authentication / Dynamic DNS not working? DHCP
« on: March 09, 2022, 05:35:21 am »
Hi i was wondering if someone else has had this issue before,
Currently zentyal clean install 6.2
I can reverse lookup the name of the computer which gives me the ip
but if i try to put the IP in the nslookup it says cannot find

i keep seeing this on the log

Code: [Select]
execute: /usr/share/zentyal-dhcp/dhcp-dyndns.sh exit status 512
Code: [Select]
root@apolo:~# nslookup
> computer0559
Server: 127.0.0.1
Address: 127.0.0.1#53

Name: computer0559.domain.local
Address: 192.168.0.100
> 192.168.0.100
** server can't find 100.0.168.192.in-addr.arpa: NXDOMAIN



and also this

Code: [Select]
Mar  8 23:28:57 apolo named[1632]: samba_dlz: disallowing update of signer=computer0020\$\@domain.LOCAL name=computer0020.domain.local type=AAAA error=insufficient access rights
Mar  8 23:28:57 apolo named[1632]: client @0x7f3a8c0277e0 192.168.0.52#65394/key computer0020\$\@domain.LOCAL: updating zone 'domain.local/NONE': update failed: rejected by secure update (REFUSED)


I thought it was the appamor i even tried to disable it
Code: [Select]
ln -s /etc/apparmor.d/usr.sbin.dhcpd /etc/apparmor.d/disable/
apparmor_parser -R /etc/apparmor.d/usr.sbin.dhcpd

and rebooted the server same issue

any ideas?

2
Installation and Upgrades / odd issue with bind? (solved)
« on: December 21, 2021, 05:25:50 am »
Hi i was wondering if someone else has had this issue before,
Recently the server was working fine but im getting to see this error
Code: [Select]
root@apolo:~# service bind9 status
● bind9.service - BIND Domain Name Server
   Loaded: loaded (/lib/systemd/system/bind9.service; enabled; vendor preset: enabled)
   Active: active (running) since Mon 2021-12-20 23:13:55 -05; 8min ago
     Docs: man:named(8)
 Main PID: 2774 (named)
    Tasks: 4 (limit: 2279)
   CGroup: /system.slice/bind9.service
           └─2774 /usr/sbin/named -f -u bind -4

Dec 20 23:22:17 apolo named[2774]: client @0x7f29ad10e650 192.168.60.2#33027 (www.google.com): query (cache) 'www.google.com/AAAA/IN' denied
Dec 20 23:22:17 apolo named[2774]: client @0x7f29ad10e650 192.168.60.2#46042 (www.google.com): query (cache) 'www.google.com/A/IN' denied
Dec 20 23:22:17 apolo named[2774]: client @0x7f29ad10e650 192.168.60.2#33027 (www.google.com): query (cache) 'www.google.com/AAAA/IN' denied
Dec 20 23:22:17 apolo named[2774]: client @0x7f29ad10e650 192.168.60.2#46042 (www.google.com): query (cache) 'www.google.com/A/IN' denied
Dec 20 23:22:17 apolo named[2774]: client @0x7f29ad10e650 192.168.60.2#33027 (www.google.com): query (cache) 'www.google.com/AAAA/IN' denied
Dec 20 23:22:17 apolo named[2774]: client @0x7f29ad10e650 192.168.60.2#46042 (www.google.com): query (cache) 'www.google.com/A/IN' denied
Dec 20 23:22:17 apolo named[2774]: client @0x7f29ad10e650 192.168.60.2#46042 (www.google.com): query (cache) 'www.google.com/A/IN' denied
Dec 20 23:22:17 apolo named[2774]: client @0x7f29ad10e650 192.168.60.2#33027 (www.google.com): query (cache) 'www.google.com/AAAA/IN' denied
Dec 20 23:22:17 apolo named[2774]: client @0x7f29ad10e650 192.168.60.2#46042 (www.google.com): query (cache) 'www.google.com/A/IN' denied
Dec 20 23:22:17 apolo named[2774]: client @0x7f29ad10e650 192.168.60.2#33027 (www.google.com): query (cache) 'www.google.com/AAAA/IN' denied

its when i try to connect to VPN which i use openvpn pfsense, whcih it does not let me navigate, but whats odd it was working fine before

3
Directory and Authentication / Netlogon? Scripts
« on: December 09, 2021, 01:10:15 am »
Hi
I was wondering if zentyal is compatible with netlogon script
Currently i have a windows server 2012r2 and were using netlogon which is a script, this is part of the script

Code: [Select]
@echo off

rem desconecte las unidades de red
net use f: /delete
net use g: /delete
net use h: /delete
net use i: /delete
net use j: /delete
net use k: /delete
net use l: /delete
net use m: /delete
net use n: /delete
net use o: /delete
net use p: /delete
net use q: /delete
net use r: /delete
net use s: /delete
net use t: /delete
net use u: /delete
net use v: /delete
net use x: /delete
net use y: /delete

if not exist g:\ net use G: "\\192.168.3.81\unidadg"

if "%1" == "administrador"         goto grupo_tecnologia


:grupo_tecnologia
net use f: "\\192.168.3.81\Manifiestos"
net use H: "\\192.168.3.81\TI"


:fin
cls
exit


when i try to access the zentyal server though the shares dont see the netlogon folder

Thank you

4
Directory and Authentication / Issue with Bind?
« on: October 29, 2021, 11:19:25 pm »
Hi
I was wondering if someone else has had this issue before,
Currently i have DNS forwarder to my firewall and on the firewall i create a dns host overide to resolve erp.mydomain.com to 192.168.0.160.
then on zentyal i restart bind9 and starts working fine, but around few hours it starts resolving by the WAN ip instead of the LAN IP so i have to restart bind9 every time

any ideas how to make it stick?

Thank you

5
Directory and Authentication / Quick question about GPO on ubuntu
« on: May 26, 2021, 09:22:31 pm »
Hi,
i was wondering if its possible connecting a normal ubuntu desktop to the domain and apply GPO passwords policy? or does it only apply for windows?

Thank you

6
Directory and Authentication / bitlocker question
« on: May 11, 2021, 12:55:18 am »
Hi
I was wondering if bitlocker recovery keys can be saved though GPO?
I was looking but could not find

Thank you

7
Installation and Upgrades / DHCP server options?
« on: February 02, 2021, 11:59:14 pm »
Hi i was wondering if someone else knows how to add option 252 for the DHCP options? I used to be able to do this on the DHCP server options on windows server but not sure how its does on zentyal

Thank you

8
Directory and Authentication / local admin GPO greyedout?
« on: December 23, 2020, 03:39:28 am »
Hi,
I was wondering if someone else has had this issue, with zentyal 6.2 not sure if its zentyal or the windows, i tried creating local admin though GPO but the password is greyed out which is very odd

Thank you

https://imgur.com/6l5wC8K.png

9
Directory and Authentication / issue not resolving?
« on: December 22, 2020, 07:47:46 pm »
Hi currently running zentyal 6.2 what i noticed is that cannot seem to resolve by IP but by name it works
currently tick the box  Dynamic DNS Options but not sure what i missed?


Code: [Select]
C:\Users\administrador.xx>nslookup
Servidor predeterminado:  apolo.xx.local
Address:  192.168.100.200

> pc-23
Servidor:  apolo.xxx.local
Address:  192.168.100.200

Nombre:  pc-23.xx.local
Address:  192.168.100.59

> 192.168.100.59
Servidor:  apolo.xx.local
Address:  192.168.100.200

*** apolo.xx.local no encuentra 192.168.100.59: Non-existent domain

just checked the logs and found this

Code: [Select]
Dec 22 13:51:34 apolo dhcpd[17404]: execute: /usr/share/zentyal-dhcp/dhcp-dyndns.sh exit status 32512
and whats even odd is that i check the service of DHCP which shows on but on the WebGui shows stopped

Code: [Select]
root@apolo:~# service isc-dhcp-server status
● isc-dhcp-server.service - ISC DHCP IPv4 server
   Loaded: loaded (/lib/systemd/system/isc-dhcp-server.service; enabled; vendor preset: enabled)
   Active: active (running) since Tue 2020-12-22 13:50:16 -05; 3min 26s ago
     Docs: man:dhcpd(8)
 Main PID: 17404 (dhcpd)
    Tasks: 1 (limit: 4620)
   CGroup: /system.slice/isc-dhcp-server.service
           └─17404 dhcpd -user dhcpd -group dhcpd -f -4 -pf /run/dhcp-server/dhcpd.pid -cf /etc/dhcp/dhcpd.conf

Dec 22 13:53:30 apolo dhcpd[17404]: DHCPACK on 192.168.100.48 to f8:1f:32:c6:19:b4 via eth0
Dec 22 13:53:30 apolo dhcpd[17404]: Commit: IP: 192.168.100.49 DHCID: c0:cb:38:15:96:79 Name: PC-07
Dec 22 13:53:30 apolo dhcpd[17404]: execute_statement argv[0] = /usr/share/zentyal-dhcp/dhcp-dyndns.sh
Dec 22 13:53:30 apolo dhcpd[17404]: execute_statement argv[1] = add
Dec 22 13:53:30 apolo dhcpd[17404]: execute_statement argv[2] = 192.168.100.49
Dec 22 13:53:30 apolo dhcpd[17404]: execute_statement argv[3] = c0:cb:38:15:96:79
Dec 22 13:53:30 apolo dhcpd[17404]: execute_statement argv[4] = PC-07
Dec 22 13:53:30 apolo dhcpd[17404]: execute: /usr/share/zentyal-dhcp/dhcp-dyndns.sh exit status 32512
Dec 22 13:53:30 apolo dhcpd[17404]: DHCPREQUEST for 192.168.100.49 from c0:cb:38:15:96:79 (PC-07) via eth0
Dec 22 13:53:30 apolo dhcpd[17404]: DHCPACK on 192.168.100.49 to c0:cb:38:15:96:79 (PC-07) via eth0

https://imgur.com/QtTnZuL.png

10
Directory and Authentication / Samba issue with scan printer
« on: November 21, 2020, 06:12:20 am »
Hi
I was wondering if someone else has had this issue before.  Currently running Aficio MP 4002 and on windows i can scan to a samba share it works unfortunately  smbv1, i tried enabling on the samba share doing the following on the nano /etc/samba/smb.conf

and adding this under global then restart

service samba-ad-dc restart


client min protocol = NT1
server min protocol = NT1


But not sure what else i missed?

Thank you

11
Directory and Authentication / GPO script logon not working?
« on: September 30, 2020, 06:45:55 pm »
Hi,
Currently trying to install a startup script though GPO, before trying on zentyal i did with a window server 2012r2 and it worked. So i think it might be a bug on zentyal.
on the GPO i added the startup script to the location of the script. All the users have permission to have access of the folder. I checked on event viewer and got the
1130 Group policy error

https://imgur.com/r2BRPre.png

https://imgur.com/gOc0eAw.png

any ideas?
Thank you

12
Directory and Authentication / A record Issue not replicating?
« on: September 20, 2020, 05:57:17 pm »
Hi
Currently installed a new VM which automatically got the DHCP from zentyal which it automatic create the dynamic DNS record on zentyal.
The issue is that i changed the IP of the VM and needed to add A record and PTR record which i did on the WEBgui.
But i keep seeing the old IP
i checked in nano /var/lib/bind/db.0.168.192
which only shows PTR info

https://imgur.com/0hr8iPa.png

https://imgur.com/2vtmnrG.png

Thank you

13
Directory and Authentication / Password expired DNS-user? (solved)
« on: September 20, 2020, 02:49:01 am »
Hi
 I needed to create on A record on the web interface and restart the DNS but getting this issue

Code: [Select]
Command output: .
Exit value: 1
2020/09/19 20:17:33 ERROR> Service.pm:971 EBox::Module::Service::restartService - root command kinit -k -t /var/lib/samba/private/dns.keytab dns-apolo failed.
2020/09/19 20:17:33 ERROR> RestartService.pm:61 EBox::SysInfo::CGI::RestartService::_process - Restart of DNS from dashboard failed: root command kinit -k -t /var/lib/samba/private/dns.keytab dns-apolo failed.
Error output: Password has expired
 dns-apolo@MYDOMAIN.LOCAL's Password:

So my question is on the user DNS-APOLO can i reset the password? or how do i by pass this error without screwing it up?

Thank you

edit: solved by running this

Code: [Select]
sudo samba-tool user setexpiry dns-apolo --noexpiry

14
Directory and Authentication / SPN? (solved)
« on: September 20, 2020, 01:45:33 am »
Hi
I was wondering if someone could shed some light on the issue im having.
Currently trying to create  SPN user to my linux MSSQL which i have to do though powershell, So i have a windows server which is connected to the domain of zentyal
But i tried running this powershell command, the zentyal server is 192.168.0.200

Code: [Select]
New-ADUser -Server 192.168.0.200 mssql -AccountPassword (Read-Host -AsSecureStri
ng "Enter Password") -PasswordNeverExpires $true -Enabled $true

but i get an error saying could not establish to server

But whats concerning i would need to run this on the powershell also, so how would i make the windows server to be able to import the active directory services? or maybe this can be done on zentyal?

Code: [Select]
ktpass /princ MSSQLSvc/hercules.mydomain.local:1433@mydomain.local      /ptype KRB5_NT_PRINCIPAL /crypto aes256-sha1 /mapuser mydomain\mssql   /out mssql.keytab                   -setpass -setupn /kvno 4 /pass mypassword
ktpass /princ MSSQLSvc/hercules.mydomain.local:1433@mydomain.local     /ptype KRB5_NT_PRINCIPAL /crypto rc4-hmac-nt /mapuser mydomain\mssql   /in mssql.keytab /out mssql.keytab -setpass -setupn /kvno 4 /pass mypassword
ktpass /princ MSSQLSvc/192.168.3.155:1433@mydomain.local                      /ptype KRB5_NT_PRINCIPAL /crypto aes256-sha1 /mapuser mydomain\mssql   /in mssql.keytab /out mssql.keytab -setpass -setupn /kvno 4 /pass mypassword
ktpass /princ MSSQLSvc/192.168.3.155:1433@mydomain.local                    /ptype KRB5_NT_PRINCIPAL /crypto rc4-hmac-nt /mapuser mydomain\mssql  /in mssql.keytab /out mssql.keytab -setpass -setupn /kvno 4 /pass mypassword
ktpass /princ mssql@mydomain.local       /ptype KRB5_NT_PRINCIPAL /crypto aes256-sha1 /mapuser mydomain\mssql   /in  mssql.keytab /out mssql.keytab  -setpass -setupn /kvno 4 /pass mypassword
ktpass /princ mssql@mydomain.local        /ptype KRB5_NT_PRINCIPAL /crypto rc4-hmac-nt /mapuser mydomain\mssql   /in  mssql.keytab /out mssql.keytab  -setpass -setupn /kvno 4 /pass mypassword

Thank you

EDIT: first create the MSSQL user by the AD instead though Powershell
then run the commands on powershell with no issue to create the mssql.keytab

15
Installation and Upgrades / email alert?
« on: February 27, 2020, 03:15:10 am »
Hi,
I was wondering if someone else is having this issue before? currently running 6.1 and constantly getting email alert with this
Code: [Select]
/etc/cron.hourly/90zentyal-manage-logs:
/etc/cron.hourly/90zentyal-manage-logs: line 3: /usr/share/zentyal/manage-logs: No such file or directory
run-parts: /etc/cron.hourly/90zentyal-manage-logs exited with return code 127

Thank you

Pages: [1] 2