Show Posts
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
31
Installation and Upgrades / Re: HOW TO: Map samba shares as network drives for XP clients and redirect My Docs
« on: July 15, 2011, 11:06:30 am »
A little word of warning regarding re-mapping My Documents, and about Windows XP default behaviour in that respect.
When My Documents is re-mapped to a network share, the windows Offline Files feature is automatically turned on.
In theory this is a great feature which would keep your files and folders synchronised and accessible even if there's a problem with the network connection.
Unfortunately, in practice (fairly widely documented on the net) the same feature can cause windows to switch at random into offline mode, rendering your network inaccessible, even when the network is connected.
Restarting the PC or logging off doesn't clear it, and your login scripts will no longer be able to run at logon.
This "feature" has caused us a lot headaches and for our users annoyance. And the only fix has been to manually turn off the feature in GPC on each workstation.
When My Documents is re-mapped to a network share, the windows Offline Files feature is automatically turned on.
In theory this is a great feature which would keep your files and folders synchronised and accessible even if there's a problem with the network connection.
Unfortunately, in practice (fairly widely documented on the net) the same feature can cause windows to switch at random into offline mode, rendering your network inaccessible, even when the network is connected.
Restarting the PC or logging off doesn't clear it, and your login scripts will no longer be able to run at logon.
This "feature" has caused us a lot headaches and for our users annoyance. And the only fix has been to manually turn off the feature in GPC on each workstation.
32
Installation and Upgrades / Re: LDAP export and import -the easy way
« on: June 08, 2011, 11:20:43 am »
I can't promise, but I will try.
Thing is that a detailed wiki requires me to go through the entire process, and that does take some time (something I don't have much of right now).
Thing is that a detailed wiki requires me to go through the entire process, and that does take some time (something I don't have much of right now).
33
Installation and Upgrades / Re: LDAP export and import -the easy way
« on: June 07, 2011, 08:45:31 am »
I think (if i remember correctly) that you need to create those, or import them from your backup source along with permissions.
If you don't have a backup source, then after creating the folders you'll need to CHOWN them for each user, so that access to them is restricted to that user only.
If you don't have a backup source, then after creating the folders you'll need to CHOWN them for each user, so that access to them is restricted to that user only.
34
Installation and Upgrades / Re: Using Zentyal / eBox as an LDAP Client
« on: March 30, 2011, 12:11:29 pm »
I've had more success using Zentyal as the LDAP server, and have some other servers connectiing to it for authentication, including a Mediawiki server, a Freenas server, a server with webmin.
35
Installation and Upgrades / Re: Using Zentyal / eBox as an LDAP Client
« on: March 30, 2011, 11:03:11 am »
nope....
36
Installation and Upgrades / Re: A simple logon script for Windows clients logging into an eBox PDC
« on: March 22, 2011, 03:19:47 pm »
Sorry, got your email, but just crazy busy at the moment.
If I give you the script as it is, then you'll probably have a lot of trouble trying to understand it, but if you don't mind that I can send it. There are some annotations in there.
I used WPKG Express to do the WPKG stuff, as it makes centralised management of the PCs on the network a breeze. I reccommend installing it on a seperate server (can be virtualbox) though, as it might mess with Zentyal's config. The script then tells WPKG to connect to the server for the install instructions.
You'll also hit problems trying to do installs on a samba domain as standard users don't have admin rights. I worked around this by using CPAU, which effectively allows you to do "run as".
My login script does the following:
1. check if CPAU exists on the local PC, if not copy it to C:\Installs
2. check if WKPG is installed, if not install it (using CPAU)
3. detect OS - if OS is Vista or later, most of the WPKG installs just don't work due to UAC. XP is best.
4. run wpkg
5. do drive mappings
I'll take a look when I get the chance.
If I give you the script as it is, then you'll probably have a lot of trouble trying to understand it, but if you don't mind that I can send it. There are some annotations in there.
I used WPKG Express to do the WPKG stuff, as it makes centralised management of the PCs on the network a breeze. I reccommend installing it on a seperate server (can be virtualbox) though, as it might mess with Zentyal's config. The script then tells WPKG to connect to the server for the install instructions.
You'll also hit problems trying to do installs on a samba domain as standard users don't have admin rights. I worked around this by using CPAU, which effectively allows you to do "run as".
My login script does the following:
1. check if CPAU exists on the local PC, if not copy it to C:\Installs
2. check if WKPG is installed, if not install it (using CPAU)
3. detect OS - if OS is Vista or later, most of the WPKG installs just don't work due to UAC. XP is best.
4. run wpkg
5. do drive mappings
I'll take a look when I get the chance.
37
Installation and Upgrades / Re: Unable to add a Windows XP client to a Zentyal Slave PDC domain
« on: March 14, 2011, 04:54:07 pm »
PDC/BDC is a feature in Windows 2000 & 2003 server also (except if you're using SBS). Not sure about 2008, since I don't have any 2008 servers.
I have to say I don't know why you'd need your Windows server to be so "invisible".... it is a server after all.
But, there are other ways to acheive invisibility:
Some ideas:
I have to say I don't know why you'd need your Windows server to be so "invisible".... it is a server after all.
But, there are other ways to acheive invisibility:
Some ideas:
- Don't publish any shares on the windows server
- Use some very strict firewall rules on Windows server
- Setup all your printer shares via Zentyal and CUPS, not Windows
- Maybe its possible to configure Windows server to use Zentyal's netlogon share
- Finally, if you don't want it seen at all, don't use it as a domain controller - Let Zentyal be your PDC and LDAP server and tell Windows server to sync its user accounts from there. In essence, reverse what you're trying to do, make Zentyal the only PDC and this should give you the freedom to make your Windows 2008 server as hidden as you like, it may not even need to be a member of the same domain.
38
Installation and Upgrades / Re: Unable to add a Windows XP client to a Zentyal Slave PDC domain
« on: March 14, 2011, 01:07:13 pm »
Correct me if I'm wrong, but if Zentyal is truly a slave, then your windows server is the PDC. In which case the windows server should be processing logons, and domain memberships. If you have both Windows server and Zentyal set as PDC, then Windows XP will get confused trying to figure which server to authenticate against when joining the domain. You can only have one PDC on a domain.
39
Installation and Upgrades / Re: A simple logon script for Windows clients logging into an eBox PDC
« on: March 14, 2011, 08:51:55 am »
I got around the vbscript problem another way.
I have to begin by explaining that since upgrade to latest version of Zentyal, the vbscript group based drive mappings just didn't work. it maps drives ok which are "all users" drives, and it maps the users home drive, but I couldn't get it to map group drives. To date I have no solution other than to map the drives old school in the logon.bat file using "net use".
This leads me to the other workaround. I edited /usr/share/ebox/stubs/samba/smb.conf.mas, changing the logon script value:
$logon_script => 'logon.bat'
Where logon.bat is the name of my file, not zentyal's.
This leaves me free to keep all my other crazy logon script stuff intact, as I'm using also WPKG to install and upgrade software at logon, and a whole bunch of other stuff.
I have to begin by explaining that since upgrade to latest version of Zentyal, the vbscript group based drive mappings just didn't work. it maps drives ok which are "all users" drives, and it maps the users home drive, but I couldn't get it to map group drives. To date I have no solution other than to map the drives old school in the logon.bat file using "net use".
This leads me to the other workaround. I edited /usr/share/ebox/stubs/samba/smb.conf.mas, changing the logon script value:
$logon_script => 'logon.bat'
Where logon.bat is the name of my file, not zentyal's.
This leaves me free to keep all my other crazy logon script stuff intact, as I'm using also WPKG to install and upgrade software at logon, and a whole bunch of other stuff.
40
Installation and Upgrades / Re: LDAP export and import -the easy way
« on: March 14, 2011, 08:33:39 am »
- linux users are created with the same uid
- password and gid/uid is migrated too
- when i imported I didn't pay any attention to this, and they imported fine without being duplicated. But if you're worried you can do a group by group export to LDIF from the old LDAP database, or export the entire Groups database and edit out the unwanted groups using Notepad++ or some similar text editor. The LDIF file is just plain text.
- password and gid/uid is migrated too
- when i imported I didn't pay any attention to this, and they imported fine without being duplicated. But if you're worried you can do a group by group export to LDIF from the old LDAP database, or export the entire Groups database and edit out the unwanted groups using Notepad++ or some similar text editor. The LDIF file is just plain text.
41
Installation and Upgrades / Re: Zentyal & Windows XP Network Printer Drivers Fix
« on: March 07, 2011, 06:22:53 pm »
Really awesome, this is the only well explained method I have seen anywhere.
top marks!
Only issue I have is that no matter what paper size I set at server, the user's paper size always defaults to Letter size... I want A4, but I can't make it stick.
top marks!
Only issue I have is that no matter what paper size I set at server, the user's paper size always defaults to Letter size... I want A4, but I can't make it stick.
42
Installation and Upgrades / Re: Migrate from Ebox (Samba 2) to Zentyal (Samba 3)
« on: March 07, 2011, 05:28:17 pm »
check this thread for another LDAP Migration method and some pitfalls to watch out for: http://forum.zentyal.org/index.php?topic=6313
43
Installation and Upgrades / Re: LDAP export and import -the easy way
« on: March 07, 2011, 05:26:00 pm »
for zentyal 2 and above just enter the cn and dc exactly as they appear in LDAP under users and groups.
for older ebox versions enter cn=ebox,[dc's as they appear in LDAP settings in ebox]
Make sure to paste the LDAP password into notepad before pasting it into Directory Stiudio, as sometimes the copy/paste process adds a space at the end where there shouldn't be one, and you won't be able to connect.
Its also worth noting that with Ebox i was able to connect using StartTLS encryption, but with Zentyal i had to use "no encryption".
for older ebox versions enter cn=ebox,[dc's as they appear in LDAP settings in ebox]
Make sure to paste the LDAP password into notepad before pasting it into Directory Stiudio, as sometimes the copy/paste process adds a space at the end where there shouldn't be one, and you won't be able to connect.
Its also worth noting that with Ebox i was able to connect using StartTLS encryption, but with Zentyal i had to use "no encryption".
44
Installation and Upgrades / [Solved] Zentyal doesn't allow windows clients to join domain.
« on: March 04, 2011, 04:13:10 pm »
I'm posting a retrosepective problem along with a solution in the hope that it may help someone else in the future, since its taken me the best part of the day to troubleshoot.
Here's my setup:
Unable to join new Windows clients to domain.
Solution (not entirely sure which change solved it, maybe both):
Here's my setup:
- Ubuntu 10.04 server base with Zentyal 2.0.3 clean install from repo
- DHCP is provided by our Pfsense router
- Imported LDAP users, groups, computers from older Ebox version using Apache Directory Studio
- About 10 shares allocated to various groups
- Windows XP clients
Unable to join new Windows clients to domain.
Solution (not entirely sure which change solved it, maybe both):
- Edit /usr/share/ebox/stubs/samba/smb.conf.mas set wins support = No, add local master = Yes
- save changes and restart samba from Zentyal dashboard
45
Installation and Upgrades / Re: LDAP export and import -the easy way
« on: March 04, 2011, 03:46:47 pm »
A word of warning...
In Ebox 1.4 and earlier, the path to the users home folder was:
/home/samba/users/[username]
In Zentyal 2.0 the path changed to:
/home/[username]
This path needs to be edited in your imported LDAP user records in order for your users to be able to access their Home shares (default H:\ )
In Ebox 1.4 and earlier, the path to the users home folder was:
/home/samba/users/[username]
In Zentyal 2.0 the path changed to:
/home/[username]
This path needs to be edited in your imported LDAP user records in order for your users to be able to access their Home shares (default H:\ )