This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
Pages: [1] 2
1
Directory and Authentication / How to downgrade Samba
« on: October 08, 2023, 07:39:52 pm »
Hello, way back when Samba issue happened with win 10/11 I did the recommended workaround to install Samba 4.16, while that worked great for a while, the august updates to win 10/11 broke it again. I know Zentyal 8 should fix that but would very much like to downgrade to Samba 4.15 that is current for Zentyal packages, as that DOES work with win 10/11 but every time I try aptitude to downgrade Samba it ends up erroring out. Can someone PLEASE advise how to downgrade Samba successfully so that I can stop being plagued by this and having to uninstall updates constantly on users PCs
2
Directory and Authentication / Re: [SOLVED] 0xc000018d STATUS_TRUSTED_RELATIONSHIP_FAILURE
« on: August 22, 2023, 09:44:07 pm »
If I were to install your patch, the official updates continue once it reached or exceeded the version of your patch? This bug is affecting me as well
3
Directory and Authentication / Re: AD Stop Working on Windows 11 22H2
« on: January 02, 2023, 09:52:14 pm »
@Zentyal Can you please provide instruction to roll back Samba before the modifications? Since using the modification, I can no longer access DNS or the Users module in Zentyal Web portal. Just tells me "Sorry, element not found"
4
Directory and Authentication / Re: AD Stop Working on Windows 11 22H2
« on: December 27, 2022, 04:27:57 pm »
I commented out the repositories that I added for the initial workaround, once Samba level catches up to that level, it will resume keeping up to date? anything else I should do other than comment out the repositories?
5
Directory and Authentication / Unauthenticated LDAP Bind
« on: December 27, 2022, 03:33:33 pm »
Hello,
Reaching out here as I have not been able to find the answer, our pentesting picked out our Zentyal server for allowing unathenticated LDAP bind and exposing information about domain which could be leveraged.....
How can I disable unauthenticated LDAP Bind in Zentyal?
Reaching out here as I have not been able to find the answer, our pentesting picked out our Zentyal server for allowing unathenticated LDAP bind and exposing information about domain which could be leveraged.....
How can I disable unauthenticated LDAP Bind in Zentyal?
6
Directory and Authentication / Re: GPO Migration, access denied
« on: December 05, 2019, 07:07:35 pm »
I was finally able to get this resolved, I used the above to copy the SYSVOL directory and policies to the replacement controller. However had come up with some errors on the restore ACL. I then used the GETFACL on the original controller to make a backup of the permissions to a file, copied to new one and restored the permissions with the file. Then after that I had to use "samba-tool ntacl sysvolreset" after that, I was FINALLY able to do a gpupdate /force on the windows pc and GPOs are synching again
7
Directory and Authentication / Re: GPO Migration, access denied
« on: October 31, 2019, 08:13:46 pm »
Also when I untarred it, it gave me a "C}/User/Preferences/Files: Warning: Cannot acl_from_text" for every item
8
Directory and Authentication / Re: GPO Migration, access denied
« on: October 31, 2019, 07:52:28 pm »
the only location I could find the sysvol was /var/lib/zentyal/tmp/samba.backup/
Is that the correct location? and is that the location I should restore to on the correct Zentyal machine?
Is that the correct location? and is that the location I should restore to on the correct Zentyal machine?
9
Directory and Authentication / Re: GPO Migration, access denied
« on: October 22, 2019, 08:11:51 pm »
Hello,
Yes I installed the new DC as an additional DC. Once I did that I did use the script provided to migrate the FSMO roles. I followed their two youtube videos on additional controller and transferring FSMO roles. I thought about using the rsync sysvol replication to get them over, but the issue now is, the old DC has been offline for so long, when I bring it up, workstations start authenticating against it and the credentials are all expired for everyone. So when I try things, I can only have the old one up for a few minutes before having to bring it back down. Also, I was looking and the domaindns and forestdns roles are still being held by the old controller, I can't get them to transfer either. Thought about seizing them but haven't tried. I did try resetting the SYSVOL permissions but that came back with an error too, so i restored to the snapshot from right before I did.
Yes I installed the new DC as an additional DC. Once I did that I did use the script provided to migrate the FSMO roles. I followed their two youtube videos on additional controller and transferring FSMO roles. I thought about using the rsync sysvol replication to get them over, but the issue now is, the old DC has been offline for so long, when I bring it up, workstations start authenticating against it and the credentials are all expired for everyone. So when I try things, I can only have the old one up for a few minutes before having to bring it back down. Also, I was looking and the domaindns and forestdns roles are still being held by the old controller, I can't get them to transfer either. Thought about seizing them but haven't tried. I did try resetting the SYSVOL permissions but that came back with an error too, so i restored to the snapshot from right before I did.
10
Directory and Authentication / [SOLVED] GPO Migration, access denied
« on: October 21, 2019, 05:29:47 pm »
Hello,
I created a new Zentyal server and went throught the process to make it the primary zentyal server. I transferred the FSMO roles as well. When I try to restore the backup of the GPOs in the GPO Console, it is telling me access denied on the new server. Please help!!
I created a new Zentyal server and went throught the process to make it the primary zentyal server. I transferred the FSMO roles as well. When I try to restore the backup of the GPOs in the GPO Console, it is telling me access denied on the new server. Please help!!
11
Installation and Upgrades / Re: Repeatable networking problem after apt update on 6.0
« on: July 26, 2019, 02:59:38 pm »
Never mind on my issue, it was coincidence in regards to the updates being run. I had been trying to stop all internal zone-transfers for PCI compliance and after updates that day I had also tried to block them with a firewall rule and instead blocked internet access to the ip address of my dc LOL
12
Installation and Upgrades / Re: Repeatable networking problem after apt update on 6.0
« on: July 25, 2019, 06:52:30 pm »
Did you have any luck with this issue? I have also lost internet access from the zentyal machine and can no longer perform updates as it can't reach the ubuntu servers. It seems to be dns related, as from the command line I can ping 8.8.8.8, however when attempting to ping using domain names, it fails. I did a fresh install on another VM, and internet was working just fine. Ran the updates and boom same thing......
13
Installation and Upgrades / Re: Upgrade stuck! Any suggestions?
« on: April 06, 2018, 07:34:57 pm »
OK so maybe there still is an issue, when making any changes to DNS and saving or when restarting the DNS service this is being generated in the log.
18/04/06 13:25:21 INFO> Base.pm:231 EBox::Module::Base::save - Restarting service for module: dns
2018/04/06 13:25:24 INFO> DNS.pm:91 EBox::DNS::appArmorProfiles - Setting DNS apparmor profile
2018/04/06 13:25:27 ERROR> Sudo.pm:240 EBox::Sudo::_rootError - root command kinit -k -t /var/lib/samba/private/dns.keytab dns-pdc failed.
Error output: Password has expired
dns-pdc@MYDOMAIN's Password:
How do i Fix this, as my admin password works fine??
18/04/06 13:25:21 INFO> Base.pm:231 EBox::Module::Base::save - Restarting service for module: dns
2018/04/06 13:25:24 INFO> DNS.pm:91 EBox::DNS::appArmorProfiles - Setting DNS apparmor profile
2018/04/06 13:25:27 ERROR> Sudo.pm:240 EBox::Sudo::_rootError - root command kinit -k -t /var/lib/samba/private/dns.keytab dns-pdc failed.
Error output: Password has expired
dns-pdc@MYDOMAIN's Password:
How do i Fix this, as my admin password works fine??
14
Installation and Upgrades / Re: Upgrade stuck! Any suggestions?
« on: April 06, 2018, 06:50:07 pm »
Well, couldn't stand the suspense and figured worst case I can restore the VM from the snapshot......rebooted and all seems ok.
15
Installation and Upgrades / Upgrade stuck! Any suggestions?
« on: April 06, 2018, 06:10:57 pm »
It was in the middle of upgrading from 5.0 to 5.1 and seems stuck on setting up the dns.conf line. Afraid to restart it and not have it come back up.....what should i do?
Pages: [1] 2