Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Messages - tamuin

Pages: [1] 2
1
Installation and Upgrades / Re: can't log in Webadmin
« on: February 06, 2022, 06:59:00 pm »
Same issue here, just upgraded from 6.2

Error inserting data: INSERT INTO audit_sessions ( `username`, `timestamp`, `ip`, `event`) VALUES ( ?, ?, ?, ?) Values: $VAR1 = [ 'zadmin', '2022-2-6 12:40:41', 168430183, 'fail' ]; at /usr/share/perl5/EBox/MyDBEngine.pm line 289

2
Directory and Authentication / Re: Samba logs
« on: February 14, 2020, 03:48:50 am »
I apologize for replying to my own post, but I have some additional information.  I am seeing the following in syslog:
Code: [Select]
Feb 13 00:07:55 stthomas systemd[1]: zentyal.loggerd.service: Main process exited, code=exited, status=9/n/a
Feb 13 00:07:55 stthomas systemd[1]: zentyal.loggerd.service: Failed with result 'exit-code'.
Feb 13 00:07:55 stthomas systemd[1]: zentyal.loggerd.service: Service hold-off time over, scheduling restart.
Feb 13 00:07:55 stthomas systemd[1]: zentyal.loggerd.service: Scheduled restart job, restart counter is at 2.
Feb 13 19:50:39 stthomas systemd[1]: zentyal.loggerd.service: Main process exited, code=exited, status=9/n/a
Feb 13 19:50:39 stthomas systemd[1]: zentyal.loggerd.service: Failed with result 'exit-code'.
Feb 13 19:50:39 stthomas systemd[1]: zentyal.loggerd.service: Service hold-off time over, scheduling restart.
Feb 13 19:50:39 stthomas systemd[1]: zentyal.loggerd.service: Scheduled restart job, restart counter is at 1.
Is there a conf file for 'loggerd'?  is anyone else having this issue?

3
Directory and Authentication / Re: Samba issue
« on: February 14, 2020, 02:58:45 am »
> I like the way you present your case. Thank you. I'm learning simply by reading your post.
Thanks!

I think I was experiencing two issues (maybe more).  First, I believe some connections were being dropped because of inactivity as described here:
https://support.microsoft.com/en-us/help/297684/mapped-drive-connection-to-network-share-may-be-lost

I believe I have addressed this issue by running the following command on each workstation:
Code: [Select]
net config server /autodisconnect:-1
Second, I believe that there is an oplocks issue with Abobe Creative Suite programs (especially InDesign).  I found that if I released all of the locks for the affected user(s) (i.e. kill the pid of the smbd process for the affected user, this can be found using smbstatus) that seemed to resolve the issue.

I have added kernel oplocks = yes to smb.conf (/usr/share/zentyal/stubs/samba/smb.conf.mas).  If the problem reappears I will turn off oplocks entirely, if that doesn't work I revert to trying random solutions I find on the internet. (tried this, but it seemed to cause issues for Autodesk users).

As I mentioned, I am running Zentyal on a VM under proxmox.  The shares are actually on the host machine (proxmox) and shared with the Zentyal VM using the 9P filesystem.  This seems to be a pretty slick method and the performance is quite good.  If anyone is interested in this some information can be found here:https://forum.proxmox.com/threads/virtfs-virtio-9p-plans-to-incorporate.35315/#post-184993

> I think this issue should be studied from the Windows Client side. Did you check the Microsoft event viewer of these clients?
Good suggestion, I should have done this, I got focused on the server side logs.  I will take a look.  I also should crank up the logging level on the server.

>Did you check the shares accessibility through the  IP instead of the UNC while the issue self manifests?
The affected workstations could not access the shares suing the mapped drive letter OR the UNC path OR the IP (we tried them all).

As an aside, I had a weird issue that I believe is unrelated to my other issues.  When things were working fine, I could get to the shares just fine by typing the UNC path into the windows file explorer address bar, but when I typed the IP address (\\10.10.10.1\SharedDirectoryName).  It would either take a long time to load the directory or give me an error saying that it was not available.  The firewall logs showed dropped packets from those clients on port 111, so I opened up port 111 on "Filtering rules from internal networks to Zentyal" and the issue went away.  Is this some new windows 'feature' or 'security measure' or do I possible have something setup wrong?


4
The 'General Information' widget on the Dashboard list the number of users.  Right now on my system it shows 1, which happens to be equal to the number of VPN users (me) but in reality there are another six people logged on right now.  These other active users show up when I run "smbstatus" or "net status sessions" from the command line.

5
Directory and Authentication / Samba issue
« on: February 07, 2020, 04:24:55 am »
I am having an issue where part way through the day several users lose their mapped network drives (and their ability to access shared folders using the UNC path).  Windows file explorer will just hang if you try to access a mapped drive and any program will hang if you go to file - open and try to navigate to a mapped drive.

When this happens I can not ping their machines from the server but usually they can still ping the server from their machine.

The users can still access the internet through a browser when this happens, and zentyal is acting as a gateway.

Logging off and back on again typically solves the problem; however, if several users experience the problem at the same time I have to reboot the server to restore access.

I have tried various method of mapping the drives, initially I had been mapping the drives with a group policy then switched to running a local a script file that runs when a user logs on to their workstation.  The script file essentially does this for several shared directories:
Code: [Select]
net use n: /delete
net use n: \\server\share

I suspect this is a samba issue, but I can not find any smoking gun in:
/var/log/syslog
/var/log/samba/*
/var/log/zentyal/*

I do see the following error messages at various times during the day in /var/log/samba/samba.old
Code: [Select]
samba.log.old:  smbd_smb2_request_error_ex: smbd_smb2_request_error_ex: idx[5] status[NT_STATUS_INVALID_PARAMETER] || at ../source3/smbd/smb2_ioctl.c:309
samba.log.old:[2020/02/06 16:18:31.443160,  3] ../source3/smbd/smb2_server.c:3139(smbd_smb2_request_error_ex)
samba.log.old:  smbd_smb2_request_error_ex: smbd_smb2_request_error_ex: idx[9] status[STATUS_NO_MORE_FILES] || at ../source3/smbd/smb2_query_directory.c:155
samba.log.old:[2020/02/06 16:18:31.443599,  3] ../source3/smbd/smb2_server.c:3139(smbd_smb2_request_error_ex)
samba.log.old:  smbd_smb2_request_error_ex: smbd_smb2_request_error_ex: idx[1] status[NT_STATUS_ACCESS_DENIED] || at ../source3/smbd/smb2_getinfo.c:154
but the time at which these errors occur does not correspond to the time at which the users have the issue.

I just started running running Zentyal 6.1 in a VM under proxmox and everything had been running well for a while (2 weeks) and then this issue cropped up.

One last bit of information, the issue often happens when the users are using Adobe Indesign.

Any thoughts are appreciated.

6
Directory and Authentication / Samba logs
« on: February 07, 2020, 03:36:54 am »
I believe I have a problem with samba (which I will put in another post).  I have been trying to take a look at the logs to figure out what is going on and it appears that the webui for logs in Zentyal is not working correctly (perhaps just on my machine).

If I go to the logs screen in the webui and take a look at the samba log for "any event" the last activity I see is this:
Code: [Select]
2020-02-06 15:53:11   10.10.10.233   LTRW\smulligan  Read file .

But if I take a look at syslog, this is what I see:
Code: [Select]
grep smulligan /var/log/syslog | tail
Feb  6 19:19:05 stthomas smbd_audit: LTRW\smulligan|10.10.10.233|disconnect|ok|Archive
Feb  6 19:19:05 stthomas smbd_audit: LTRW\smulligan|10.10.10.233|chdir|ok|chdir|/home/samba/shares/Shared
Feb  6 19:19:05 stthomas smbd_audit: LTRW\smulligan|10.10.10.233|stat|ok|.
Feb  6 19:19:05 stthomas smbd_audit: LTRW\smulligan|10.10.10.233|file_id_create|ok|31:3161c:0
Feb  6 19:19:05 stthomas smbd_audit: LTRW\smulligan|10.10.10.233|stat|ok|/home/samba/shares/Shared
Feb  6 19:19:05 stthomas smbd_audit: LTRW\smulligan|10.10.10.233|chdir|ok|chdir|/
Feb  6 19:19:05 stthomas smbd_audit: LTRW\smulligan|10.10.10.233|stat|ok|.
Feb  6 19:19:05 stthomas smbd_audit: LTRW\smulligan|10.10.10.233|file_id_create|ok|fd00:2:0
Feb  6 19:19:05 stthomas smbd_audit: LTRW\smulligan|10.10.10.233|stat|ok|/
Feb  6 19:19:05 stthomas smbd_audit: LTRW\smulligan|10.10.10.233|disconnect|ok|Shared

As you can see there is a multi-hour gap.  During this gap there was quite a bit of samba activity but it is not showing up in the webui logs screen.  Any idea why?

Restarting logs through the dashboard widget kinda helps, now there is a new log entry:
Code: [Select]
2020-02-06 21:28:08   10.10.10.205   LTRW\ap   Read file   20191216_135831.jpg
But there still is a multi-hour gap.  Any idea of what is going on?  I have assumed that the logs screen is searching the syslog but perhaps it does something else, I could not find anything in the Zentyal documentation that provides any insite on how Zentyal stores its logs.

7
Has anyone tried this for Zentyal 6?

***update****

I used the update for 5.0 on 6.1 and it worked!

Please note, that the static addresses that is shows are the fixed ip addresses identified in the DHCP module, so if someone sets a static IP address on their laptop and connects it to your network you will not see it here unless it is one of the static IP addresses identified in the DHCP module.

8
how did you solve this?

9
Thanks for the prompt reply.

It turns out I had a entry in my dhcpd.leases file that was set to never expire, I manually deleted and restarted dhcp and the problem resolved itself.

10
I did this mod when I had 4.0 running.  I recently upgraded to 4.2 and now I can only see the fixed addresses, the dynamically assigned addresses don't show up anymore.

I have tried reverting back to the original, but that did not fix the problem.

I am guessing that I should have reverted back to the original before I upgraded.

Any ideas/suggestions?

 

11
Installation and Upgrades / Re: Traffic Shaping missing?
« on: February 18, 2016, 03:54:09 pm »
I use TC and the the following script.  My PBX sets the TOS for SIP and RTP packets and then I use a U32 filter to put them in the appropriate queues.

You could change the U32 filter to look for packets coming from a certain port (sport) or going to a specific port (dport).  I think you would change " u32 match ip tos 0xb8 0xff" to something like " u32 match ip sport 5060" (check the man pages for tc to see if this is correct). 

Additionally, you should change the bandwidth setting for the third queue to something that is appropriate for you (I have a 1Mbs outgoing connection).

If you search for "tc" and "voip" you will find similar scripts

Code: [Select]
#!/bin/bash
# this is intended to be low latency which is why prio, sfq and tbf are used
# set queues up for traffic on WAN (eth0)

# clear exitisting queue structure (this will cause a non-fatal error if no queues were previously set)
/sbin/tc qdisc del dev eth0 root

# put everything in the third queue by default
/sbin/tc qdisc add dev eth0 root handle 1: prio priomap 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2

# set up the queues, rate limit the third queue so that there is always some bandwidth for voip traffic
# note: the use of perturb with sfq seems to increase jitter
/sbin/tc qdisc add dev eth0 parent 1:1 handle 10: sfq
/sbin/tc qdisc add dev eth0 parent 1:2 handle 20: sfq
/sbin/tc qdisc add dev eth0 parent 1:3 handle 30: tbf rate 750kbit latency 30ms burst 10000

# Audio packets go to first queue, PBX sets TOS for RTP audio packets=ef, ef=0xb8
/sbin/tc filter add dev eth0 protocol ip parent 1: prio 1 u32 match ip tos 0xb8 0xff flowid 1:1

# SIP packets go to the second queue, PBX sets TOS for SIP pakets=cs3, cs3=0x60
/sbin/tc filter add dev eth0 protocol ip parent 1: prio 1 u32 match ip tos 0x60 0xff flowid 1:2


12
I would like to be able to see which VPN are active so I went to drag the widgets onto the dashboard.  Unfortunately only some of the VPNs show up under the widget list.  I have 6 vpn servers set up and the widgets for only 4 of them show up in the widget list.  Any ideas of what might be causing this?

13
Installation and Upgrades / Re: outlook 2010 push issues
« on: June 01, 2015, 04:47:46 pm »
https://tracker.zentyal.org/issues/2747


Please everyone post about this on the tracker, lets hope they change it!!

They just updated/closed this item on the tracker.  It looks like they will only be implementing this on the paid version.  They have a free trial to the paid version and I suspect that they are not all that interested in having people try out the community edition and moving to the paid version - there is no way to upgrade and they are not implementing a number of the bug fixes/features in the community edition.

14
Installation and Upgrades / Re: Is Zentyal ready for production?
« on: May 20, 2015, 04:50:38 pm »
The Exchange functions simply do not work.

What Exchange features do not work?  I tested it a number of months ago and it seemed to do most of the Exchange features (access other users' calendars, shared address books, etc.)

See the post in the link below about my experience.  My initial testing seemed to indicate that everything worked ok (there were some issues noted in the documentation but no deal breakers).  When I tried it with 5-6 users a lot of problems came up.
https://forum.zentyal.org/index.php/topic,23641.msg95420.html#msg95420

15
Installation and Upgrades / Re: known limitations
« on: May 13, 2015, 05:17:39 pm »
Thank you for your help. I have setup the groups and that part is working but now I get errors when it tries to sync. Not sure what could be going wrong. It says that the provider does not support it. Any ideas?

If the sync errors are for the global address list/book you do not need to worry about them.  Openchange does not fully support this yet.  There use to be a short list of of things that were not supported at this link, but it seems to be missing at the moment:

http://www.sogo.nu/english/nc/support/faq/select_category/9.html


Pages: [1] 2