Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Messages - philmills

Pages: 1 [2] 3 4 ... 10
16
OK I think I have figured it out for myself, so here goes:

For Zentyal 2.2 - other versions may differ.
================================
The command for restarting a module via cli (terminal)

sudo /etc/init.d/zentyal modulename restart

The module names are as follows:
    * antivirus
    * asterisk
    * ca
    * dhcp
    * dns
    * ebackup
    * firewall
    * ftp
    * ids
    * jabber
    * l7-protocols
    * mail
    * mailfilter
    * monitor
    * network
    * ntp
    * objects
    * openvpn
    * printers
    * remoteservices
    * samba
    * services
    * software
    * squid
    * trafficshaping
    * users
    * usercorner
    * webserver
    * radius
    * webmail
    * zarafa

I would be grateful if this post could be moved to Tips and Tricks

17
I've been looking through all documentation, but I can't find what I'm looking for.
I need to manually restart the backup service in Zentyal 2.2.7, but I can't find the command.

Is there anywhere documented all of the module service names?
It would be really useful to have a list of them all along with the various cli commands that can be used.

If it doesn't already exist, please can we have it added to either the WIKI or the official documentation.

18
Installation and Upgrades / Re: Backup Tool reports an error
« on: May 15, 2012, 10:33:06 am »
I have the same issue - clean install Zentyal 2.2.7, everything updated.

The error message shows on my server when running the backup manually using the command
Code: [Select]
/usr/share/zentyal-ebackup/backup-tool --fullI haven't yet run a scheduled backup, but I'd guess that I'll see the same error in the logs.

Backup is configured in FTP mode with no encryption.

19
I guess I should have added that.... sorry
I added it now

20
Installation and Upgrades / Re: Virtual Machines - more than one bridge?
« on: February 16, 2012, 10:13:57 am »
I don't see any options for making vSwitch in Zentyal...

21
Installation and Upgrades / Virtual Machines - more than one bridge?
« on: February 16, 2012, 08:50:25 am »
I have setup a virtual machine in Zentyal, and have configured networking in bridged mode.
I'd like to add more virtual machines also bridged.
However, I don't seem to be able to add more than one bridge per eth port.

I haven't used KVM/QEMU before, but I have quite a lot of experience with Virtualbox, which has no limitations on the number of bridges which can be configured on each eth port.

Am I missing something in my understanding of bridges in Zentyal?

22
This tutorial assumes you have an internet connection with a fixed IP address.

If you have a zentyal server with FTP service running, but your zentyal server is behind a firewall (I use pfsense as my firewall), You will find that users connecting from WAN can authenticate, but cannot get directory listing, and therefore connection will fail.

To fix this, you need to do the following:
  • In your firewall NAT rules you need to add a port range for passive ftp connections.
    for example:
    external port range: 10500-10600
    protocol: TCP
    NAT IP: your zentyal servers LAN IP address
    Local port range: 10500-10600
  • edit /etc/vsftp.conf
    Below all existing entries, add the following (modify to suit your above config):
    #Ip address to report to client:
    pasv_address= your router's WAN IP address
    #
    #Define passive port range:
    pasv_min_port=10500
    pasv_max_port=10600
  • Save the changes and restart the FTP service from Zentyal's dashboard

You should also check that your FTP client is set to connect using PASV (passive) mode

23
None of those issues affect my environment, as we don't allow users to set their own passwords.
I use Apache Directory Studio to import/export accounts

24
@philmills: did you ever try to manage Samba using SWAT?
It will be almost as efficient as Zentyal, if not more, for what concerns the only feature you are looking for that PDC emulation, i.e. Samba...
You will even don't need access to CLI  :D
Yes I did - it felt like using Windows 3.11, I found it messy, clunky and not really "enterprise ready".  On the other hand I also tried Webmin, which is good, but takes much longer to get results than zentyal, and the backup features were not great. Zentyal, is very clean, logical, and intuitive.
Quote
And do not think that Microsoft is always unsafe while Linux is always safe. You will be surprised with the large number of Microsoft servers exposed to internet but still reasonably secure.
Maybe so, but is it good practice?

Regarding DHCP, I recall some issues trying to get VPN to work, and trying to get Jabber to work.  I have a bad memory though.
Agreed that LDAP restrictions can be frustrating especially when trying to allow other services to authenticate against your LDAP etc. Maybe some kind of LDAP extension module would be a worthwhile addition to Zentyal...

25
Could you please elaborate on this?
Even if this is the default implementation in case you set up Zentyal with multiple interfaces, you can easily change it (I mean firewall behaver) using admin interface. Why would this be bad in term of security?
I guess I'm actualy assuming that "most" people (like me) have discovered zentyal while looking for a viable alternative to windows servers, be they PDC, BDC, file server, web server etc. In that respect, How many people would use a windows server as a gateway? Not many I think.  That would give a single point of failure in any security breach. Not good. Hence my statement:
Quote
My zentyal server is PDC and therefore I don't want it to be a gateway for security reasons.

Quote
why would you deploy Zentyal if all what you need is Samba?  ???
Because its a breeze to manage, without needing a pony-tail, greasy hair, sandals, glasses or pale complexion through lack of contact with the outside world.

Pfsense is router software, its very powerful but its not designed to be a server.  I'm a full believer in allowing software to do what it does best. pfsense = router,  zentyal = domain server.  I also think its prudent to have a coherent gui based system for managing my servers, so I'm using Zentyal as a base system whenevr possible. This is especially important when it comes to Zentyal's integrated backup, cloud client services etc.  I can have the same management interface on each server, this makes backups and restores very simple. In a linux domain, thats not something I have found easy to acheive, but Zentyal does it beautifully.

I have however found a number of difficulties relating to using zentyal without it being a DHCP server. I can't remember them well enough to state right now, but 2 or 3 times I have hit hurdles.

26
IMO Zentyal's assumption that Zentyal will act as gateway, is bad security practice, and it seems to have a domino effect, which it looks like you're experiencing.
My zentyal server is PDC and therefore I don't want it to be a gateway for security reasons.
We have pfsense router/firewall which provides internet/nat/dhcp, so I didn't want my zentyal server providing those services, especially as pfsense rocks ;P

In this scenario I found that I was unable to join PCs to the domain without tweaking samba.
It might be that you need to do the same...

check this thread: http://forum.zentyal.org/index.php/topic,6333.0.html

Hope it helps

27
Update: 

for zentyal 2.2 do the following:
   
  • Edit /usr/share/ebox/stubs/samba/smb.conf.mas   set   wins support = No,  add   local master = Yes
  • save changes and restart samba from Zentyal dashboard

28
Installation and Upgrades / Virtual Machine - path for new hard disks
« on: September 27, 2011, 12:14:47 pm »
I'm trying to setup winxp in Zentyal 2.2 virtual machine.
I configured the CD/DVD, and configured a new hard disk, but it seems the hard disk was not created correctly. I suspect its a disk space issue.
My root path has limited diskspace, whereas i created a seperate /var partition with lots of space (since primary function is webserver).

Whats the default path to virtualised hard-disks, and how can I change it?


29
Installation and Upgrades / Re: LDAP export and import -the easy way
« on: September 23, 2011, 08:22:33 am »
If the sambaSID is correct, I think it should be OK.
Why not test it in a separate network?  All you need is a LAN switch, and borrow a PC from the existing domain.
Definitely don't try to go live with it until you've tested fully, and when you're testing be sure to check that you can still add new PCs to the new domain, as this is something I've had a few problems with.

30
The script is designed for XP.
The share mapping should work in Win 7 and Vista, but the My Documents redirect probably doesn't.

Pages: 1 [2] 3 4 ... 10