This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
1
Other modules / Re: Zentyal 5 VPN configuration
« on: November 29, 2018, 02:50:19 am »
I've not tried connecting an internal domain through a gateway server, but I have successfully used OpenVPN connections on the server box successfully (Router Gateway <-> Zentyal).. so my suggestions may/may not be helpful
Generating certs etc from your description look good though from the error you're getting it looks like something went screwy when the certificates were generated and OpenVPN doesn't trust them.. but from my reading of your setup it looks like there might be a forwarding issue from your Gateway server to the Domain server. Can you connect to the VPN when you're on the Domain LAN ? (N.B. you'll need to change the ip address to the local IP when generating the download bundle). If so you might need to forward 1194 from the Gateway to the Domain. FYI My working config doesn't have the TUN Interface ticked, or redirect gateway.
I know you chose a windows bundle, but are you testing with a linux host ? If so, this may be helpful; https://blog.2ndquadrant.com/cant-connect-openvpn-linux-verify_error-tls_error/ try starting openvpn with;
sudo OPENSSL_ENABLE_MD5_VERIFY=1 openvpn client.ovpn
If not, I'd suggest re-generating the certs and trying the config again. Might also be worth posting the connection attempt log from /var/log/openvpn/VPN-Server.log so we can see what's happening server side.
Generating certs etc from your description look good though from the error you're getting it looks like something went screwy when the certificates were generated and OpenVPN doesn't trust them.. but from my reading of your setup it looks like there might be a forwarding issue from your Gateway server to the Domain server. Can you connect to the VPN when you're on the Domain LAN ? (N.B. you'll need to change the ip address to the local IP when generating the download bundle). If so you might need to forward 1194 from the Gateway to the Domain. FYI My working config doesn't have the TUN Interface ticked, or redirect gateway.
I know you chose a windows bundle, but are you testing with a linux host ? If so, this may be helpful; https://blog.2ndquadrant.com/cant-connect-openvpn-linux-verify_error-tls_error/ try starting openvpn with;
sudo OPENSSL_ENABLE_MD5_VERIFY=1 openvpn client.ovpn
If not, I'd suggest re-generating the certs and trying the config again. Might also be worth posting the connection attempt log from /var/log/openvpn/VPN-Server.log so we can see what's happening server side.
2
Installation and Upgrades / Re: Block port
« on: November 28, 2018, 09:30:47 pm »
RTFM, there's a nice page on configuring the zentyal firewall here;
https://wiki.zentyal.org/wiki/En/4.1/Firewall#firewall-configuration-with-zentyal
If you still don't understand, please tell us what on what interface and whether you want to block incoming or outgoing traffic.
https://wiki.zentyal.org/wiki/En/4.1/Firewall#firewall-configuration-with-zentyal
If you still don't understand, please tell us what on what interface and whether you want to block incoming or outgoing traffic.
3
Installation and Upgrades / Re: New Install, can't change wrong DNS server
« on: August 14, 2017, 02:44:34 pm »
Sorry Phlod, you've already done what I would have suggested. As you say, it must be stored somewhere other than the filesystem i.e. a database. I was hoping someone else would chime in with some other pertinent advice, but seems not. Sorry to not have been more use mate, seems like you'll have to scratch it and start again.
4
Installation and Upgrades / Re: New Install, can't change wrong DNS server
« on: August 11, 2017, 12:02:48 am »
Ok, last ditch attempt before you scratch it.. Can you grep for the IP or did you do that already?
sudo -i
cd /etc/
grep -R "75.75.75.75" *
sudo -i
cd /etc/
grep -R "75.75.75.75" *
5
Installation and Upgrades / Re: New Install, can't change wrong DNS server
« on: August 09, 2017, 02:03:51 pm »
Firstly, In Network > DNS > (Domain Name Server Resolver), enter 127.0.0.1 as the 'search domain'. This is what my resolv.conf is set to. Hopefully that will change your from 75.75.75.75 to doing it's own lookups.
Secondly; Add some DNS forwarders, Forwarders are DNS servers that get used when the name resolution can't be solved by the server itself. On mine I have these set to 1, the router's IP address (if you're using that for DHCP etc) and then some public DNS servers. I have mine set to 8.8.8.8, 8.8.4.4 (i.e. google public DNS servers) and 208.67.222.222, 208.67.220.220 (i.e. OpenDNS public DNS servers).
By the sounds of it the domain itself has been autoconfigured correctly. Let us know how you get on. Cheers!
Secondly; Add some DNS forwarders, Forwarders are DNS servers that get used when the name resolution can't be solved by the server itself. On mine I have these set to 1, the router's IP address (if you're using that for DHCP etc) and then some public DNS servers. I have mine set to 8.8.8.8, 8.8.4.4 (i.e. google public DNS servers) and 208.67.222.222, 208.67.220.220 (i.e. OpenDNS public DNS servers).
By the sounds of it the domain itself has been autoconfigured correctly. Let us know how you get on. Cheers!
6
Installation and Upgrades / Re: New Install, can't change wrong DNS server
« on: August 08, 2017, 12:49:52 am »
In the Zentyal Dash, Choose 'DNS' from the left-hand menu. Check 'Forwarders' and 'Domains' for your setting of 75.75.75.75 and change it.. Or is there something I'm missing ?
7
Installation and Upgrades / Re: Wrong Time
« on: January 26, 2017, 01:27:12 pm »
If you have just changed the time on the server you may just have to wait. NTP changes the time by speeding up or slowing down its clock until it reaches the correct time. Otherwise, any date and time stamped events could repeat, be recorded twice or not happen at all.
If the time doesn't change, report back and I will try to help.
If the time doesn't change, report back and I will try to help.
8
Email and Groupware / Re: openchange and mail don't start anymore
« on: November 18, 2016, 08:49:55 pm »
Passwords are set to expire by default in this version of Zentyal. Check this post for how to change the time to expire... https://forum.zentyal.org/index.php/topic,24613.msg93942.html#msg93942
9
Installation and Upgrades / Re: Possible to Remove the GUI ?
« on: August 15, 2016, 03:54:31 pm »
You could try changing the boot options in grub so that it boots to a text-only interface, that should fix your problem;
edit /etc/default/grub
Then when you reboot, the GUI shouldn't start up. If you need the GUI, type
edit /etc/default/grub
Code: [Select]
sudo nano /etc/default/grub
change the line Code: [Select]
GRUB_CMDLINE_LINUX_DEFAULT="quiet splash"
toCode: [Select]
GRUB_CMDLINE_LINUX_DEFAULT="quiet splash text"
Code: [Select]
sudo update-grub
reboot.Then when you reboot, the GUI shouldn't start up. If you need the GUI, type
Code: [Select]
startx
to initiate an X Desktop session. If that doesn't work, try Code: [Select]
sudo service gdm start
10
Other modules / Re: WEB server disappeared
« on: May 24, 2016, 09:10:21 pm »
Hi,
Zentyal dropped support for the webserver module and it's nolonger included in Zentyal 4+. You can install apache2 separately but won't be managed through the management pages I'm afraid. Zentyal now uses nginx instead of apache to serve the management pages.
According to this guide, Zentyal 2.3 is available on Ubuntu 16.04 Universe repository and webserver module is available from the Zentyal team PPA. You could try starting there
Zentyal dropped support for the webserver module and it's nolonger included in Zentyal 4+. You can install apache2 separately but won't be managed through the management pages I'm afraid. Zentyal now uses nginx instead of apache to serve the management pages.
According to this guide, Zentyal 2.3 is available on Ubuntu 16.04 Universe repository and webserver module is available from the Zentyal team PPA. You could try starting there
11
Installation and Upgrades / Re: Bug: Zentyal unable to act as a Primary Domain Controller for Windows
« on: March 26, 2016, 06:59:25 pm »
Sorry it's taken a day or so, we've got a newborn in the house and I've been pretty busy! I've done as I said and have installed Zentyal 3.4 and Windows XP (SP1 in this instance) as virtual machines on my server. The network adapters are set as bridged adapters and so behave like native machines on the network.
I set up Zentyal with fairly minimal set of packages and currently have the following modules installed;
Network, Firewall, Antivirus, DNS, Events, Logs, Monitoring, NTP, VPN, Users and Computers, Web server, File sharing and domain services, User corner. I've not installed any updates, this is a vanilla copy of Zentyal 3.4. DHCP is installed, but not enabled.
I took the default zentyal domain name (Realm: ZENTYAL-DOMAIN.LAN, NetBIOS domain name: ZENTYAL-DOMAIN, Enable roaming profiles: ticked), and created a user (Users and Computers > manage) and added this user to the domain admins group. I then installed a VM with XP as a stand alone machine (i.e. workgroup, not domain) and set a static IP with the DNS entry pointed to the Zentyal VM IP, gateway set to my router IP. Both VMs were then restarted.
Once the Zentyal VM was back up & all services started, on the XP VM I went into 'system properties > computer name' and joined the domain using the full domain name in lower case 'zentyal-domain.lan' and XP took the credentials of the user I'd created. It joined the domain and after a reboot, mapped the network drive for the user at logon as expected. I removed this user from domain admins and they are still able to logon to the domain.
Can I suggest you try again, accepting the defaults and see how you get on ? If you're still stuck, backup your configuration (System > Import/Export Configuration) and attach your backup file to a post. I can then try restoring your backup and see if I can find anything wrong with it. Also generate a report file so I can compare this to my working setup.
Good luck.
P.s. if your web interface won't come up when its plugged in, I suspect your gateway has a problem or the settings for it are incorrect.
I set up Zentyal with fairly minimal set of packages and currently have the following modules installed;
Network, Firewall, Antivirus, DNS, Events, Logs, Monitoring, NTP, VPN, Users and Computers, Web server, File sharing and domain services, User corner. I've not installed any updates, this is a vanilla copy of Zentyal 3.4. DHCP is installed, but not enabled.
I took the default zentyal domain name (Realm: ZENTYAL-DOMAIN.LAN, NetBIOS domain name: ZENTYAL-DOMAIN, Enable roaming profiles: ticked), and created a user (Users and Computers > manage) and added this user to the domain admins group. I then installed a VM with XP as a stand alone machine (i.e. workgroup, not domain) and set a static IP with the DNS entry pointed to the Zentyal VM IP, gateway set to my router IP. Both VMs were then restarted.
Once the Zentyal VM was back up & all services started, on the XP VM I went into 'system properties > computer name' and joined the domain using the full domain name in lower case 'zentyal-domain.lan' and XP took the credentials of the user I'd created. It joined the domain and after a reboot, mapped the network drive for the user at logon as expected. I removed this user from domain admins and they are still able to logon to the domain.
Can I suggest you try again, accepting the defaults and see how you get on ? If you're still stuck, backup your configuration (System > Import/Export Configuration) and attach your backup file to a post. I can then try restoring your backup and see if I can find anything wrong with it. Also generate a report file so I can compare this to my working setup.
Good luck.
P.s. if your web interface won't come up when its plugged in, I suspect your gateway has a problem or the settings for it are incorrect.
12
Installation and Upgrades / Re: Bug: Zentyal unable to act as a Primary Domain Controller for Windows
« on: March 25, 2016, 02:03:44 am »
In Zentyal the config files are auto-generated every time a service is restarted. Editing the configs directly is a waste of time, as you have found your changes will simply be overwritten. If you need to change something manually, it needs to happen via stub templates and/or hooks. Please see this; https://wiki.zentyal.org/wiki/En/3.5/Development_and_advanced_configuration However what you're trying to achieve should work 'out of the box', there is no need to resort to the command line or editing configs. Please look at the official documentation for guidance setting up your domain server. https://wiki.zentyal.org/wiki/En/3.5/Users,_Computers_and_File_Sharing#Configuring_a_Domain_Server_with_Zentyal
Yes I agree at first the 'Zentyal way' of managing everything is frustrating when you're used to rolling your own services, but it does have its advantages.
Yes I agree at first the 'Zentyal way' of managing everything is frustrating when you're used to rolling your own services, but it does have its advantages.
13
Installation and Upgrades / Re: Bug: Zentyal unable to act as a Primary Domain Controller for Windows
« on: March 24, 2016, 05:26:39 pm »
Ok, good to hear you're making some progress. EOL = End of life. It took me a long while to let go of XP, but unless you have a special need (i.e. drivers or non-compatible software) IMHO it's not worth running an insecure OS. But hey, 1. we can argue whether a fully patched windows machine is ever secure and 2. that's not my decision.
I don't recognise the screenshot you posted. It looks like the services page (Network > Services > then 'Configuration' of a service) but priority, weight and target are not shown here. I've no experience of Zentyal 3.x myself, so that could be the reason. I went from 2.x and then did a clean install of 4.0 and migrated the data etc. However, turning off the firewall doesn't affect samba in a non-domain setup and it's strange to me that it does for you. Did you look at the firewall logs (Logs > firewall > full report) and see whether you can see anything useful there ?
Quick question, is DHCP turned off on your router ? If not, it will be setting it's own DNS servers instead of zentyal to do lookups. Either turn it off & let zentyal do it, or set the ethernet config on your test machine manually. Also, zentyal does everything through the admin pages, so you shouldn't need to provision via the command line.
I'm setting up a domain in VMs with Zentyal 3.4 (that's the closest version I have to hand) and XP SP3, and will report back if I find anything of use.
I don't recognise the screenshot you posted. It looks like the services page (Network > Services > then 'Configuration' of a service) but priority, weight and target are not shown here. I've no experience of Zentyal 3.x myself, so that could be the reason. I went from 2.x and then did a clean install of 4.0 and migrated the data etc. However, turning off the firewall doesn't affect samba in a non-domain setup and it's strange to me that it does for you. Did you look at the firewall logs (Logs > firewall > full report) and see whether you can see anything useful there ?
Quick question, is DHCP turned off on your router ? If not, it will be setting it's own DNS servers instead of zentyal to do lookups. Either turn it off & let zentyal do it, or set the ethernet config on your test machine manually. Also, zentyal does everything through the admin pages, so you shouldn't need to provision via the command line.
I'm setting up a domain in VMs with Zentyal 3.4 (that's the closest version I have to hand) and XP SP3, and will report back if I find anything of use.
14
Email and Groupware / Re: [SOLVED] Incoming email blacklisting
« on: March 23, 2016, 08:22:13 pm »
That's pretty handy. Thanks for reporting back with your solution.
15
Installation and Upgrades / Re: how to set the clock?
« on: March 23, 2016, 07:35:40 pm »Whoever would have thought setting a clock would make zentyal blow it's stack like this.
Anyone that understands NTP is essential would think that.
Code: [Select]
sudo service ntp stop
sudo ntpd -gq
sudo service ntp start
The -gq tells the ntp daemon to correct the time regardless of the offset (g) and exit immediately (q).