Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Messages - JLLEWELYN

Pages: [1] 2 3 ... 5
1
Spanish / Re: Los permisos en las carpetas compartidas no funcionan
« on: November 29, 2020, 09:19:44 pm »
yo tengo una publicación que te puede servir para mejorar las carpetas compartidas.

https://forum.zentyal.org/index.php/topic,33218.msg110266.html#msg110266

2
Installation and Upgrades / Re: Zentyal update failed, not boot.
« on: September 04, 2020, 05:15:13 pm »
Hello, can you tell me what you changed or how the server restarted, I have the same problem and can't get any further. Thank you very much in advance.

Greeting Mathias
https://youtu.be/L0I7i_lE5zA

3
Installation and Upgrades / error updating zentyal-core
« on: August 04, 2020, 02:44:58 am »
Tengo este error en zentyal-core al actualizar los paquetes.
Code: [Select]
administrator@servidor:~$ sudo apt upgrade
Leyendo lista de paquetes... Hecho
Creando árbol de dependencias
Leyendo la información de estado... Hecho
Calculando la actualización... Hecho
Los paquetes indicados a continuación se instalaron de forma automática y ya no son necesarios.
  libllvm9 linux-headers-4.15.0-111 linux-headers-4.15.0-111-generic
  linux-image-4.15.0-111-generic linux-modules-4.15.0-111-generic
  linux-modules-extra-4.15.0-111-generic
Utilice «sudo apt autoremove» para eliminarlos.
Se instalarán los siguientes paquetes NUEVOS:
  linux-headers-4.15.0-112 linux-headers-4.15.0-112-generic
  linux-image-4.15.0-112-generic linux-modules-4.15.0-112-generic
  linux-modules-extra-4.15.0-112-generic
Se actualizarán los siguientes paquetes:
  firefox grub-common grub-pc grub-pc-bin grub2-common libllvm10 libmysqlclient20
  librsvg2-2 librsvg2-common libseccomp2 linux-generic linux-headers-generic
  linux-image-generic linux-libc-dev mysql-server python3-apt python3-distupgrade
  ubuntu-release-upgrader-core zentyal-dhcp zentyal-dns zentyal-software
21 actualizados, 5 nuevos se instalarán, 0 para eliminar y 0 no actualizados.
16 no instalados del todo o eliminados.
Se necesita descargar 0 B/142 MB de archivos.
Se utilizarán 334 MB de espacio de disco adicional después de esta operación.
¿Desea continuar? [S/n] s
Preconfigurando paquetes ...
Configurando zentyal-core (6.1.6) ...
Connection DB Error: Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)
dpkg: error al procesar el paquete zentyal-core (--configure):
 installed zentyal-core package post-installation script subprocess returned error exit status 2
Se encontraron errores al procesar:
 zentyal-core
E: Sub-process /usr/bin/dpkg returned an error code (1)
administrator@servidor:~$ sudo zentyal-core --configure
sudo: zentyal-core: command not found

4
Installation and Upgrades / Re: Zentyal update failed, not boot.
« on: August 04, 2020, 02:37:06 am »
Thank you very much, you already solved the problem.  Regards.

5
Installation and Upgrades / Re: Zentyal update failed, not boot.
« on: July 21, 2020, 03:22:14 am »
No, the problem was, I did not update the system 3 months ago.  When updating the operating system, when rebooting, I am left with kernel panic error.

6
Installation and Upgrades / Zentyal update failed, not boot.
« on: July 20, 2020, 05:55:32 pm »
Zentyal update failed, not boot.  please I need help.

https://photos.app.goo.gl/KgyNyBDZq9854URX6

7
Spanish / Re: Error horario
« on: October 24, 2019, 02:25:06 am »
Tienes los servidores ntp externos incorrectos.
Este es el correcto:
https://www.pool.ntp.org/zone/ar

8
Hello, can someone help me interpret, how to add these rules to the zentyal firewall from the web GUI?

Code: [Select]
iptables -t nat -A POSTROUTING -o eth2 -j MASQUERADE
iptables -A FORWARD -i eth2 -o wlan0 -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A FORWARD -i wlan0 -o eth2 -j ACCEPT

9
hello, greetings to the zentyal team.
I have zentyal 6.0 with an ethernet adapter and a TP-LINK wireless adapter model TL-WDN4800.
My zentyal server only works as an active domain controller directory.

From the ethernet adapter called as interface eth2 with the IP address 192.168.1.2 mask 255.255.255.0
get internet through this adapter through the 192.168.1.1 gateway which is a commercial UTM firewall.

The wireless adapter called as interface wlan0 with the IP address 192.168.137.1 mask 255.255.255.0.

/etc/network/interfaces
Code: [Select]
administrator@servidor:~$ cat /etc/network/interfaces
allow-hotplug lo eth2 wlan0

iface lo inet loopback

iface eth2 inet static
      address 192.168.1.2
      netmask 255.255.255.0
      broadcast 192.168.1.255
      offload-gro off
      offload-gso off
      offload-tso off

iface wlan0 inet static
      address 192.168.137.1
      netmask 255.255.255.0
      broadcast 192.168.137.255
      offload-gro off
      offload-gso off
      offload-tso off

The DHCP server delivers IP addresses to the 192.168.137.1 interface with a range of 192.168.137.100 to 192.168.137.254 with DNS 8.8.8.8 and 8.8.4.4.
/etc/dhcp/dhcpd.conf
Code: [Select]
shared-network wlan0 {

    subnet 192.168.137.0 netmask 255.255.255.0 {

        option routers 192.168.137.1;
        option domain-name-servers 8.8.8.8, 8.8.4.4;
        option ntp-servers 192.168.137.1;
        default-lease-time 1800;
        max-lease-time 7200;


        pool {



            next-server 192.168.137.1;

            range 192.168.137.100 192.168.137.254;
        }
    }

    group {
        option routers 192.168.137.1;
        option domain-name-servers 8.8.8.8, 8.8.4.4;
        option ntp-servers 192.168.137.1;
        default-lease-time 1800;
        max-lease-time 7200;


    }

}

/etc/default/hostapd
Code: [Select]
administrator@servidor:~$ cat /etc/default/hostapd
# Defaults for hostapd initscript
#
# See /usr/share/doc/hostapd/README.Debian for information about alternative
# methods of managing hostapd.
#
# Uncomment and set DAEMON_CONF to the absolute path of a hostapd configuration
# file and hostapd will be started during system boot. An example configuration
# file can be found at /usr/share/doc/hostapd/examples/hostapd.conf.gz
#
DAEMON_CONF="/etc/hostapd/hostapd.conf"

# Additional daemon options to be appended to hostapd command:-
#       -d   show more debug messages (-dd for even more)
#       -K   include key data in debug messages
#       -t   include timestamps in some debug messages
#
# Note that -B (daemon mode) and -P (pidfile) options are automatically
# configured by the init.d script and must not be added to DAEMON_OPTS.
#
#DAEMON_OPTS=""

we configure
/etc/hostapd/hostapd.conf
Code: [Select]
# Plantilla de configuracion hostapd para router Wi-Fi 2.4 GHz generico modo abierto para Venezuela
# /etc/hostapd/hostapd.conf
# Adaptador PCI-E TP-LINK TL-WDN4800 N900

#
# Opciones Generales hostapd
#
ctrl_interface=/var/run/hostapd
ctrl_interface_group=0
interface=wlan0
#bridge=br0
driver=nl80211
#driver_params=
ssid=Internet Libre

#
# Ajustes regulatorios para Venezuela
#
ieee80211d=1
country_code=VE
# Entorno para Interiores: 0x49 Exteriores: 0x4f Todos los entornos: 0x20
#country3=0x49
#local_pwr_constraint=3
#spectrum_mgmt_required=1

#
# Opciones de Seguridad
#
ignore_broadcast_ssid=0
disassoc_low_ack=1
wpa=0
macaddr_acl=0
deny_mac_file=/etc/hostapd/hostapd.deny

#
# Ajustes de bandas IEEE 802.11 (b/g)
#
hw_mode=g

#
# Ajustes de banda IEEE 802.11n (n)
#
ieee80211n=1
require_ht=1
ht_capab=[LDPC][HT40-][HT40+][SHORT-GI-20][SHORT-GI-40][TX-STBC][RX-STBC1][MAX-AMSDU-3839][DSSS_CCK-40][MAX-A-MPDU-LEN-EXP3]

#
# Ajustes IEEE 802.11u-2011
#
#interworking=1
#access_network_type=3
#internet = 1
#venue_group=2
#venue_type=0

#
# QoS
#
wmm_enabled=1
wmm_ac_bk_cwmin=4
wmm_ac_bk_cwmax=10
wmm_ac_bk_aifs=7
wmm_ac_bk_txop_limit=0
wmm_ac_bk_acm=0
wmm_ac_be_aifs=3
wmm_ac_be_cwmin=4
wmm_ac_be_cwmax=10
wmm_ac_be_txop_limit=0
wmm_ac_be_acm=0
wmm_ac_vi_aifs=2
wmm_ac_vi_cwmin=3
wmm_ac_vi_cwmax=4
wmm_ac_vi_txop_limit=94
wmm_ac_vi_acm=0
wmm_ac_vo_aifs=2
wmm_ac_vo_cwmin=2
wmm_ac_vo_cwmax=3
wmm_ac_vo_txop_limit=47
wmm_ac_vo_acm=0

#
# Ajustes Avanzados
#
channel=0
#acs_num_scans=5
#acs_chan_bias=1:0.8 6:0.8 11:0.8
#chanlist=1 6 11-13
beacon_int=100
dtim_period=2
max_num_sta=255
rts_threshold=-1
fragm_threshold=-1
#supported_rates=10 20 55 110 60 90 120 180 240 360 480 540
#basic_rates=10 20
#basic_rates=10 20 55 110
#basic_rates=60 120 240
#beacon_rate=10
#preamble=1

#
# Registro
#
logger_syslog=-1
logger_syslog_level=2
logger_stdout=-1
logger_stdout_level=2

Start test
Code: [Select]
sudo hostapd -dd /etc/hostapd/hostapd.conf
Ctrl+C (exit)

we create the service...
Code: [Select]
sudo systemctl unmask hostapd
sudo systemctl enable hostapd
sudo systemctl start hostapd
sudo systemctl status hostapd
● hostapd.service - Advanced IEEE 802.11 AP and IEEE 802.1X/WPA/WPA2/EAP Authenticator
   Loaded: loaded (/lib/systemd/system/hostapd.service; enabled; vendor preset: enabled)
   Active: active (running) since Sat 2019-04-27 15:19:56 -04; 21min ago
  Process: 18270 ExecStart=/usr/sbin/hostapd -P /run/hostapd.pid -B $DAEMON_OPTS ${DAEMON_CONF} (code=exited, status=0/SUCCESS)
 Main PID: 18271 (hostapd)
    Tasks: 1 (limit: 4915)
   CGroup: /system.slice/hostapd.service
           └─18271 /usr/sbin/hostapd -P /run/hostapd.pid -B /etc/hostapd/hostapd.conf

abr 27 15:19:56 servidor systemd[1]: Starting Advanced IEEE 802.11 AP and IEEE 802.1X/WPA/WPA2/EAP Authenticator...
abr 27 15:19:56 servidor hostapd[18270]: Configuration file: /etc/hostapd/hostapd.conf
abr 27 15:19:56 servidor hostapd[18270]: wlan0: interface state UNINITIALIZED->COUNTRY_UPDATE
abr 27 15:19:56 servidor hostapd[18270]: ACS: Automatic channel selection started, this may take a bit
abr 27 15:19:56 servidor hostapd[18270]: wlan0: interface state COUNTRY_UPDATE->ACS
abr 27 15:19:56 servidor hostapd[18270]: wlan0: ACS-STARTED
abr 27 15:19:56 servidor systemd[1]: Started Advanced IEEE 802.11 AP and IEEE 802.1X/WPA/WPA2/EAP Authenticator.
I have hostapd installed and I already made my test configuration, which mobile devices connect but does not have internet.

According to the guide I am reading, I must edit the configuration file: /etc/sysctl.conf
change: net.ipv4.ip_forward = 1
save.
add the configuration to the firewall.
sudo iptables -t nat -A POSTROUTING -s 192.168.137.0/24 -o eth2 -j MASQUERADE

The problem is that this configuration is temporary, because zentyal when restarting does not save the change.
How can I enable Internet connection to wireless devices permanently?

10
Installation and Upgrades / [Help] remove hard drive that fails.
« on: April 19, 2019, 05:12:43 pm »
Greetings to the zentyal team.
I have a problem with a hard drive that installs my zentyal server. The hard drive is as storage for the HOME partition, which I have many music files and programs for PDQ Deploy software installations, to share on the network. Last week I installed 2 new hard drives to extend the volume, but I did not notice that one of them is the one that is failing, it is also a different model.

Code: [Select]
administrator@servidor:~$ sudo lsscsi
[sudo] password for administrator:
[0:0:0:0]    disk    ATA      WDC WD5000AAKX-0 1H15  /dev/sda
[1:0:0:0]    disk    ATA      ST3750640NS      3CNR  /dev/sdb
[4:0:0:0]    disk    ATA      ST3750525AS      JC45  /dev/sdc
[5:0:0:0]    disk    ATA      ST3750640NS      3CNR  /dev/sdd
[6:0:0:0]    disk    Generic  STORAGE DEVICE   9833  /dev/sde
The problem is ST3750525AS with the extension /dev/sdc

I need to remove without damaging the system, I made an attempt to remove it abruptly and zentyal does not start.

Code: [Select]
administrator@servidor:~$ sudo lsblk -fm
NAME                       FSTYPE      LABEL  UUID                                   MOUNTPOINT   SIZE OWNER GROUP MODE
sda                                                                                             465,8G root  disk  brw-rw----
├─sda1                     ext2        BOOT   694c0d39-ca9e-47f6-8cc9-c3ae7d107986   /boot        1,9G root  disk  brw-rw----
├─sda2                     swap               a7585f9d-98c4-4aee-b970-14f95e0ee81a   [SWAP]         8G root  disk  brw-rw----
├─sda3                                                                                              1K root  disk  brw-rw----
└─sda5                     LVM2_member        a7FzEB-amue-MqwT-i571-qR1P-m85V-CyZ6cn            455,9G root  disk  brw-rw----
  ├─servidor_vg-root_vl    ext4        ROOT   565b1925-bb20-4a88-a765-56043b2828ee   /          176,5G root  disk  brw-rw----
  └─servidor_vg-srv_vl     ext4        SRV    17922afb-d5a6-467a-bc74-39853afff2a0   /srv       279,4G root  disk  brw-rw----
sdb                                                                                             698,7G root  disk  brw-rw----
└─sdb1                     LVM2_member        Erzj3X-1nuW-nDwi-SKEN-KYcC-VfEW-CtYc82            698,7G root  disk  brw-rw----
  └─servidor_vg-storage_vl ext4        HOME   803e8428-0ff1-45f5-bcc4-d0e9906797ec   /home          2T root  disk  brw-rw----
sdc                                                                                             698,7G root  disk  brw-rw----
└─sdc1                     LVM2_member        A2dleM-MmRA-FWOn-30iD-wHdf-g2u5-308tsn            698,7G root  disk  brw-rw----
  ├─servidor_vg-backup_vl  ext4        BACKUP 2a5b3339-b60b-4b8a-b8c5-1bc3e05eff86   /bak        46,7G root  disk  brw-rw----
  └─servidor_vg-storage_vl ext4        HOME   803e8428-0ff1-45f5-bcc4-d0e9906797ec   /home          2T root  disk  brw-rw----
sdd                                                                                             698,7G root  disk  brw-rw----
└─sdd1                     LVM2_member        2iY9uh-n3iA-Peg6-5u3L-oq5h-hS1d-RHwswE            698,7G root  disk  brw-rw----
  └─servidor_vg-storage_vl ext4        HOME   803e8428-0ff1-45f5-bcc4-d0e9906797ec   /home          2T root  disk  brw-rw----

Code: [Select]
administrator@servidor:~$ sudo lvdisplay
  --- Logical volume ---
  LV Path                /dev/servidor_vg/root_vl
  LV Name                root_vl
  VG Name                servidor_vg
  LV UUID                giYw25-XP8J-YXAn-wckO-D8ur-2WTh-eP0gNT
  LV Write Access        read/write
  LV Creation host, time servidor, 2019-03-01 17:37:21 -0400
  LV Status              available
  # open                 1
  LV Size                <176,49 GiB
  Current LE             45181
  Segments               1
  Allocation             inherit
  Read ahead sectors     auto
  - currently set to     256
  Block device           253:0

  --- Logical volume ---
  LV Path                /dev/servidor_vg/srv_vl
  LV Name                srv_vl
  VG Name                servidor_vg
  LV UUID                9BYX7s-CZRg-xYEg-FXmG-6pDa-uI9A-BI1GoF
  LV Write Access        read/write
  LV Creation host, time servidor, 2019-03-01 17:37:35 -0400
  LV Status              available
  # open                 1
  LV Size                <279,40 GiB
  Current LE             71526
  Segments               1
  Allocation             inherit
  Read ahead sectors     auto
  - currently set to     256
  Block device           253:1

  --- Logical volume ---
  LV Path                /dev/servidor_vg/backup_vl
  LV Name                backup_vl
  VG Name                servidor_vg
  LV UUID                kDHbDG-LZsx-qd78-a4QI-YHeW-ywJ1-fSP2aC
  LV Write Access        read/write
  LV Creation host, time servidor, 2019-03-01 17:39:25 -0400
  LV Status              available
  # open                 1
  LV Size                46,70 GiB
  Current LE             11956
  Segments               1
  Allocation             inherit
  Read ahead sectors     auto
  - currently set to     256
  Block device           253:2

  --- Logical volume ---
  LV Path                /dev/servidor_vg/storage_vl
  LV Name                storage_vl
  VG Name                servidor_vg
  LV UUID                Cjufl9-zSem-eSqA-m8Bk-RNHN-9r5R-L08pW2
  LV Write Access        read/write
  LV Creation host, time servidor, 2019-03-01 17:39:35 -0400
  LV Status              available
  # open                 1
  LV Size                2,00 TiB
  Current LE             524594
  Segments               3
  Allocation             inherit
  Read ahead sectors     auto
  - currently set to     256
  Block device           253:3

Code: [Select]
administrator@servidor:~$ sudo vgdisplay
  --- Volume group ---
  VG Name               servidor_vg
  System ID
  Format                lvm2
  Metadata Areas        4
  Metadata Sequence No  9
  VG Access             read/write
  VG Status             resizable
  MAX LV                0
  Cur LV                4
  Open LV               4
  Max PV                0
  Cur PV                4
  Act PV                4
  VG Size               2,49 TiB
  PE Size               4,00 MiB
  Total PE              653257
  Alloc PE / Size       653257 / 2,49 TiB
  Free  PE / Size       0 / 0
  VG UUID               vBHTK9-fBf3-2N8d-k3qu-5rFL-9HZr-AiGkQ2

11
Directory and Authentication / Re: Missing 'defult\domain users' group
« on: April 10, 2019, 06:12:17 pm »
Test:
Code: [Select]
administrator@servidor:~$ su root
Password:
root@servidor:/home/administrator# mkdir -p /home/samba/profiles
root@servidor:/home/administrator# chgrp -R "Domain Users" /home/samba/profiles
root@servidor:/home/administrator# chmod 1750 /home/samba/profiles
root@servidor:/home/administrator#reboot

12
Directory and Authentication / Re: Missing 'defult\domain users' group
« on: April 10, 2019, 05:58:35 pm »
I think there is a problem with the shared folder permissions of the mobile profiles.
that is the same problem when you try to create a shared folder within zentyal, it does not give access to traverse the directory in spite of giving permissions to the groups of reading and writing.

Roaming Windows User Profiles

13
Directory and Authentication / Re: netbios name
« on: April 10, 2019, 05:42:21 pm »
example:

 hostname: servidor
netbios name: servidor

Code: [Select]
administrator@servidor:~$ hostname
servidor
administrator@servidor:~$ domainname
(none)
administrator@servidor:~$ dnsdomainname
savidoca.com
administrator@servidor:~$ nisdomainname
nisdomainname: Local domain name not set
administrator@servidor:~$ ypdomainname
ypdomainname: Local domain name not set
administrator@servidor:~$ hostname --fqdn
servidor.savidoca.com
administrator@servidor:~$

Code: [Select]
administrator@servidor:~$ cat /etc/samba/smb.conf
[global]
    workgroup = savidoca
    realm = SAVIDOCA.COM
    netbios name = servidor
    server string = Zentyal Server
    server role = dc
    server role check:inhibit = yes
    server services = -dns
    server signing = auto
    dsdb:schema update allowed = yes
    ldap server require strong auth = no
    drs:max object sync = 1200

    idmap_ldb:use rfc2307 = yes

    winbind enum users = yes
    winbind enum groups = yes
    vfs objects = acl_xattr
    map acl inherit = yes
    store dos attributes = yes
    template shell = /bin/bash
    template homedir = /home/%U

    min protocol = SMB2

    rpc server dynamic port range = 49152-65535

    interfaces = lo,eth2
    bind interfaces only = yes

    map to guest = Bad User

    log level = 3
    log file = /var/log/samba/samba.log
    max log size = 100000



    include = /etc/samba/shares.conf




[netlogon]
    path = /var/lib/samba/sysvol/savidoca.com/scripts
    browseable = no
    read only = yes

[sysvol]
    path = /var/lib/samba/sysvol
    read only = no


review this information

14
Directory and Authentication / Re: File Sharing does not work
« on: March 30, 2019, 07:35:58 pm »
Solve creating a custom directory on the route: /home/administrator/shares/wallpapers

Code: [Select]
su root
password:
#mkdir -p /home/administrator/shares/wallpapers
#chmod -R 775 /home/administrator/shares/wallpapers
#chown root:"Domain Admins" /home/administrator/shares/wallpapers

then in zentyal add the directory path to be shared with the permissions of the read and write groups.

It should be noted that zentyal lacks some options that are important for file sharing and security options to work correctly. What I did was copy the configuration template located at: /usr/share/zentyal/stubs/samba/smb.conf.mas and  /usr/share/zentyal/stubs/samba/shares.conf.mas

Code: [Select]
sudo mkdir /etc/zentyal/stubs
sudo mkdir /etc/zentyal/stubs/samba
sudo cp /usr/share/zentyal/stubs/samba/smb.conf.mas /etc/zentyal/stubs/samba/
sudo cp /usr/share/zentyal/stubs/samba/shares.conf.mas /etc/zentyal/stubs/samba/

modify the template in this way:
* Minimum SMB2 protocol established for protection against WannaCrypt. see article.
* Added the missing settings to share files, vfs objects = acl_xattr, map acl inherit = yes, store dos attributes = yes, see article.   
* customize the network adapters that I only want to work in my active directory, excluding eth0, eth1, wlan0, vmnet8 so that it does not interfere with the operation. this may be irrelevant.
/etc/zentyal/stubs/samba/smb.conf.mas
Code: [Select]
<%args>
    $workgroup
    $netbiosName
    $description
    $mode
    $realm
    $domain
    $roamingProfiles => 0
    $profilesPath
    $sysvolPath
    $ifaces => undef
    $shell

    $radius => 0
    $print => 0
    $shares => 0
</%args>
<%init>
use EBox::Gettext;
</%init>
[global]
    workgroup = <% $workgroup %>
    realm = <% $realm %>
    netbios name = <% $netbiosName %>
    server string = <% $description %>
    server role = <% $mode %>
    server role check:inhibit = yes
    server services = -dns
    server signing = auto
    dsdb:schema update allowed = yes
    ldap server require strong auth = no
    drs:max object sync = 1200

    idmap_ldb:use rfc2307 = yes

    winbind enum users = yes
    winbind enum groups = yes
    vfs objects = acl_xattr
    map acl inherit = yes
    store dos attributes = yes
    template shell = <% $shell %>
    template homedir = /home/%U

    min protocol = SMB2

    rpc server dynamic port range = 49152-65535

% if ($ifaces) {
    interfaces = lo,eth2
    bind interfaces only = yes
% }

    map to guest = Bad User

    log level = 3
    log file = /var/log/samba/samba.log
    max log size = 100000

% if ($radius) {
    lanman auth = yes
    ntlm auth = yes
% }

% if ($print) {
    include = /etc/samba/printers.conf
% }

% if ($shares) {
    include = /etc/samba/shares.conf
% }



% if ($mode eq 'dc') {
%   if ($roamingProfiles) {
[profiles]
    path = <% $profilesPath %>
    browseable = no
    read only = no
%   }

[netlogon]
    path = <% $sysvolPath %>/<% $domain %>/scripts
    browseable = no
    read only = yes

[sysvol]
    path = <% $sysvolPath %>
    read only = no
% }


* Added lost line to share files setting: read only = no, see article.
/etc/zentyal/stubs/samba/shares.conf.mas
Code: [Select]
<%args>
    @shares => ()
    $unmanagedAcls => 0
    $disableFullAudit => 0

    $recycle => 0
    $recycle_exceptions => {}
    $recycle_config => {}

    $prefix => 'Zentyal'
    $backup_path => '/tmp'
</%args>
<%init>
use EBox::Gettext;
</%init>
[homes]
    comment = <% __('Home Directories') %>
    path = /home/%S
    read only = no
    browseable = no
    create mask = 0611
    directory mask = 0711
% my $rb = ($recycle xor defined($recycle_exceptions->{'users'}));
% my $objects = 'acl_xattr';
% unless ($disableFullAudit) {
%   $objects .= ' full_audit';
% }
% if ($rb) {
%   $objects .= ' recycle';
% }
    vfs objects = <% $objects %>
    full_audit:success = connect opendir disconnect unlink mkdir rmdir open rename
    full_audit:failure = connect opendir disconnect unlink mkdir rmdir open rename
% if ($rb) {
%   foreach my $key (keys %{$recycle_config}) {
%       next unless $key;
    recycle: <% $key %> = <% $recycle_config->{$key} %>
%   }
% }

# <% @shares ? "Shares\n" : "No shares configured" %>
% foreach my $share (@shares) {
[<% $share->{share} %>]
% if ($share->{comment}) {
    comment = <% $share->{comment} %>
% }
    path = <% $share->{path} %>
    browseable = yes
    read only = no
    force create mode = 0660
    force directory mode = 0660
% if ($share->{guest}) {
    guest ok = yes
    read only = no
% } elsif ($unmanagedAcls) {
    read only = no
% } else {
    valid users = <% $share->{validUsers} %>
    read list = <% $share->{readOnly} %>
    write list = <% $share->{readWrite} %>
    admin users = <% $share->{administrators} %>
% }
% my $rb = ($recycle xor defined($recycle_exceptions->{'share'}->{$share->{'share'}}));
% my $objects = 'acl_xattr';
% unless ($disableFullAudit) {
%   $objects .= ' full_audit';
% }
% if ($rb) {
%   $objects .= ' recycle';
% }
    vfs objects = <% $objects %>
% if ($unmanagedAcls) {
    acl_xattr:ignore system acls = yes
% }
    full_audit:failure = connect opendir disconnect unlink mkdir rmdir open rename
% if ($rb) {
%   foreach my $key (keys %{$recycle_config}) {
%       next unless $key;
    recycle: <% $key %> = <% $recycle_config->{$key} %>
%   }
% }

% }

the result was this:

/etc/samba/smb.conf
Code: [Select]
[global]
    workgroup = savidoca
    realm = SAVIDOCA.COM
    netbios name = servidor
    server string = Zentyal Server
    server role = dc
    server role check:inhibit = yes
    server services = -dns
    server signing = auto
    dsdb:schema update allowed = yes
    ldap server require strong auth = no
    drs:max object sync = 1200

    idmap_ldb:use rfc2307 = yes

    winbind enum users = yes
    winbind enum groups = yes
    vfs objects = acl_xattr
    map acl inherit = yes
    store dos attributes = yes
    template shell = /bin/bash
    template homedir = /home/%U

    min protocol = SMB2

    rpc server dynamic port range = 49152-65535

    interfaces = lo,eth2
    bind interfaces only = yes

    map to guest = Bad User

    log level = 3
    log file = /var/log/samba/samba.log
    max log size = 100000



    include = /etc/samba/shares.conf




[netlogon]
    path = /var/lib/samba/sysvol/savidoca.com/scripts
    browseable = no
    read only = yes

[sysvol]
    path = /var/lib/samba/sysvol
    read only = no

/etc/samba/shares.conf
Code: [Select]
[homes]
    comment = Directorios de usuario
    path = /home/%S
    read only = no
    browseable = no
    create mask = 0611
    directory mask = 0711
    vfs objects = acl_xattr full_audit
    full_audit:success = connect opendir disconnect unlink mkdir rmdir open rename
    full_audit:failure = connect opendir disconnect unlink mkdir rmdir open rename

# Shares

[wallpapers]
    comment = fondo de pantalla
    path = /home/administrator/shares/wallpapers
    browseable = yes
    read only = no
    force create mode = 0660
    force directory mode = 0660
    valid users = @"vendedores", @"cybers", @"tech", @"gerentes"
    read list = @"vendedores", @"cybers"
    write list = @"tech", @"gerentes"
    admin users =
    vfs objects = acl_xattr full_audit
    full_audit:failure = connect opendir disconnect unlink mkdir rmdir open rename

15
para obtener la contraseña root de la base de datos:

Code: [Select]
cat /var/lib/zentyal/conf/zentyal-mysql.passwd

recuerda abrir el puerto 3306 en el cortafuegos.

y si necesitas agregar un nuevo usuario con privilegios limitados te sugiero este tema:
http://www.daniloaz.com/es/como-crear-un-usuario-en-mysql-mariadb-y-concederle-permisos-para-una-base-de-datos-desde-la-linea-de-comandos/

Pages: [1] 2 3 ... 5