Messages

1

Installation and Upgrades / Problems with AD-Sync

« on: September 14, 2012, 12:24:20 pm »

Hi all, the problem I have is as follows:

I have a 2.2 migrated zentyal from a 2.0. Users are enabled on a Windows 2003 server. By Ad-Sync I own the same users in the Windows Active Directory and Zentyal. So far everything is going right. If I create a user in Active Directory, is also created in Zentyal. The problem is with the passwords. The program that captures passwords 'ebox-pwdsync-hook.exe' that we have installed with the installer 'zentyal-adsync-2.0.1.exe' generates files correctly containing username/password pair in \windows\NTDS\ebox-adsync directory. Then 'ebox-pwdsync-service.exe' sends it to the zentyal server correctly.

That's where the problem is created because in /var/log/zentyal.log generates a message like this:

2012/09/13 12:28:54 DEBUG> UsersAndGroups.pm: 1341 EBox :: UsersAndGroups :: modifyUserLocal - nonexistent username: usuariocreado

But 'usuariocreado' user exists in zentyal.

What might look to fix this?

thanks

2

Spanish / Problemas con AD-Sync

« on: September 13, 2012, 03:04:32 pm »

Hola a todos, el problema que tengo es el siguiente:

Tengo un zentyal 2.2 migrado desde un 2.0. Los usuarios se activan en un windows 2003 server. Mediante Ad-Sync dispongo de los mismos usuarios en el Directorio activo de Windows que en Zentyal. Hasta ahí toda va correcto. Si yo creo un usuario en el directorio activo, se crea tambien en Zentyal. El problema es con los contraseñas. El programa que captura las contraseñas 'ebox-pwdsync-hook.exe' que los hemos instalado con el instalador 'zentyal-adsync-2.0.1.exe' genera correctamente los ficheros que contienen usuario/contraseña en el directorio \windows\ntds\ebox-adsync que luego el servicio  'ebox-pwdsync-service.exe' lo manda correctamente al servidor zentyal.

Ahí es donde se crea el problema ya que en /var/log/zentyal.log se genera un mensage como este:

2012/09/13 12:28:54 DEBUG> UsersAndGroups.pm:1341 EBox::UsersAndGroups::modifyUserLocal - nombre de usuario no existente: usuariocreado

Cuando 'usuariocreado' si existe como usuario en zentyal.

¿ Que podría mirar para poder solucionar este problema ?

Gracias

3

Installation and Upgrades / Re: Change slapd service ulimit value

« on: December 13, 2011, 02:44:22 pm »

I don't know, but I will investigate.
Many thanks

4

Installation and Upgrades / Re: Change slapd service ulimit value

« on: December 13, 2011, 12:47:46 pm »

At this moment I set ldap idletimeout in 30 seconds and the problem doesn't happen. But when I logout from Ubuntu session an error message appears and I need to restart computer. If I don't set ldap idletimeout, the session, logouts correctly. For this reason I want to increase ulimit.
 I don't know why Ubuntu needs to mantain this ldap session. I need to investigate this.

Thanks to reply.

5

Installation and Upgrades / Change slapd service ulimit value

« on: December 13, 2011, 10:34:34 am »

Hello, I need to change the ulimit value before slapd is started, because by default is set to 1024 max open files, and this cause 'too many open files' error when I connect from more of 20 ubuntu desktops to zentyal server.

If I change /etc/init.d/slaldp with ulimit -n 4096 (p.ex) the max open files for this process is set to 4096, but zentyal don't uses this init script to start this service. Where I need to change to make this ?

Many thanks

6

Installation and Upgrades / Re: Slapd service don't start after 2.0 to 2.2 migration

« on: December 10, 2011, 12:22:32 am »

here my solution:

I create a new machine with Zentyal 2.0
I restore 2.0 configuration backup in this new machine
I upgrade this new machine to 2.2
I create a backup of this new machine
In original server I reinstall Users with this command: sudo /usr/share/zentyal-users/reinstall
I restore the 2.2 configuration backup in this machine

And the users appears again in the server.

7

Installation and Upgrades / Re: Slapd service don't start after 2.0 to 2.2 migration

« on: December 09, 2011, 07:05:23 pm »

Where is the file I need to change ?

Thanks

8

Installation and Upgrades / Re: Slapd service don't start after 2.0 to 2.2 migration

« on: December 09, 2011, 01:28:42 pm »

I change /var/lib/ldap permission and the slapd restart but zentyal don't connect to the service

9

Installation and Upgrades / Slapd service don't start after 2.0 to 2.2 migration

« on: December 09, 2011, 12:19:17 pm »

Hello, I have a problem. I have a Zertyal server with 1500 users (I change max users in 2.0). I make a backup of zentyal configuration with zentyal frontend.
I migrate from 2.0 to 2.2 and slapd service don't start. First the error was /etc/ldap/slapd.d dir permissions. I correct this but now the error is this:

Dec  9 12:12:18 server slapd[4511]: hdb_db_open: database "dc=server,dc=domain,dc=local": alock package is unstable.

Any solution ? Is posible to reinstall ldap and restore backup configuration ?

Many thanks

10

Installation and Upgrades / Re: Subdirectories permissions of a shared folder

« on: October 05, 2011, 12:23:35 pm »

After many tests, I've discovered what is the problem. In the logon of Ubuntu workstations we had included the option of pam_mount, that automatically mount the shared folders with the UID and GID of the authenticated user, and manages the samba shared folder as if that user was the owner of the folder permissions losing server permissions settings.
We've changed the pam_mount configuration file /etc/security / pam_mount.conf.xml like this:

Code: [Select]

<cifsmount>mount -t cifs //%(SERVER)/%(VOLUME) %(MNTPT) -o "user =%(USER),%(OPTIONS)"</cifsmount>

And in that way the server permissions are OK.

I don't understand how samba manages ACL permissions , because after doing too many tests, the server permission system isn't respected. I don't know if ACL is don't fully implemented in Samba or is our configuration error.

For now I leave the traditional system of Linux.

Thanks anyway and sorry for my poor english

11

Spanish / Re: Permisos de subdirectorios de una carpeta compartida

« on: October 05, 2011, 12:03:12 pm »

Despues de muchas pruebas, ya he descubierto a que se debía el problema. En el logon de las estaciones de trabajo de Ubuntu teniamos incluida la opcion de pam_mount que montaba automaticamente las carpetas compartidas con el uid y gid del usuario autentificado, y samba gestiona la carpeta compartida como si ese usuario fuese el dueño de la carpeta obviando los permisos adjudicados en el servidor.
Hemos cambiado la instruccion de montaje de pam_mount del fichero de configuración /etc/security/pam_mount.conf.xml de esta forma:

Code: [Select]

<cifsmount>mount -t cifs //%(SERVER)/%(VOLUME) %(MNTPT) -o "user=%(USER),%(OPTIONS)"</cifsmount>

Y de esa forma respeta los permisos que estan adjudicados en el servidor.

La gestión que hace Samba de los permisos ACL que estan establecidos en el servidor, todavia no lo entiendo, ya que despues de hacer tambien muchas pruebas, veo que no respeta esos permisos. No se si es algo que este haciendo mal o que todavia no este completamente implementado en Samba este tipo de permisos.

Por ahora me vale el sistema tradicional de permisos de Linux.

Gracias de todas formas

12

Installation and Upgrades / Subdirectories permissions of a shared folder

« on: September 28, 2011, 08:59:18 am »

Hello, we come from an installation of Windows Server that we had a shared folder. Under that folder we have subfolders with their corresponding user and group permissions, so that the user accessed the shared folder but according to the permits granted, access subfolders or not.

We made ​​the switch to Zentyal and we have structured the same way. But I can't define this permission system.

I've watched plenty of documentation and I've done a thousand tests with the command: chmod, chgrp, chown affecting Linux file permissions, and with the command setfacl to modify the ACL permissions of the folders.

Is posibble to operate in Linux by this way?
How samba manage permissions?
Would someone explain or show some link that explains all of this?

I've looked at Zentyal and I haven't found anything.

thank very much

13

Spanish / Permisos de subdirectorios de una carpeta compartida

« on: September 27, 2011, 02:25:20 pm »

Hola, nosotros venimos de una instalacion de Windows Server en la que teniamos una carpeta compartida y debajo de esa carpeta habia subcarpetas con sus correspondientes permisos de usuario y grupo, de forma que el usuario accedia a la carpeta compartida pero segun los permisos, accedia o no a las subcarpetas.

Hemos hecho el cambio a Zentyal y lo hemos estructurado de la misma forma. Pero no consigo delimitar que usuarios y grupos pueden acceder a una carpeta o no.

He mirado infinidad de documentacion y he hecho mil pruebas con los comandos: chmod, chgrp, chown que afectan a los permisos de los ficheros Linux y con  el comando setfacl que modifica los permisos ACL de las carpetas.

¿ Permite Linux operar de esta forma ?
¿ Como gestiona samba el tema de los permisos ?
¿ Me podria alguien explicar o dirigir a algun enlace en el que explique todo este tema ?

He mirado en zentyal y no he conseguido encontrar nada que me valga.

Muchas gracias

14

Installation and Upgrades / Too many time to login in the session

« on: September 19, 2011, 04:05:21 pm »

Hello, we have a school with zentyal 2.0 server and ubuntu 11.4 clients connected to this server. Sometime, one or two times at day, we have problems with the time to the client is logged to session. They took minutes.

Any suggestion ?

15

Installation and Upgrades / Re: Add user to group programatically

« on: August 05, 2011, 04:18:52 pm »

Many thanks.