Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Messages - ATT1

Pages: [1] 2 3 ... 7
If one of you guys have created that policy with the RSAT tools, do they produce a file and if so, can you share that file?
And tell me how to tell Zentyal to use this ? I am using the free community edition....

I want to add one domain-wide GPO rule on a Zentyal7 samba/AD server to prevent any updates for Thunderbird on all local Windows clients, since the update usually breaks a lot of perfectly working stuff.

What is the easiest way, preferably from the command line in Linux, to do this ?
Currently, I only know that the following registry value is doing this, but for each client only, not domain-wide :

Code: [Select]

... and I don't want to run to each client computer and add this registry value by hand, when some domain-wide rule could do it.

I recently installed Zentyal 7 on a local server.
I have the following problem : Domain users can log in on a Windows-Client (usually, Win7 or Win10 Pro), but whatever they create in their profile is never properly saved. For example, one user can create a tiny folder on his desktop, but when he logs out and logs in again, the created folder simply vanishes. Sometimes, users are always logged in with a temporary profile and thus also lose everything they do on their profile, like, for example, Thunderbird settings, stuff on the Desktop, etc.etc.
In one case, a  Windows user logs in into the domain, but is automatically immidately logged off again. This even happens to him if the whole Windows-10-pro-client is freshly installed , so it cannot be because of some old registry settings, .bak registry settings, etc. etc.

Do you have any kind advice of how to deal with this and how to fix these bugs?

Same problem here.

I have the same question but I don't have installed "wbinfo" in old Zentyal 4.1
"apt-cache search wbinfo" does not find anything.
Where to find wbinfo, now ?

In Zentyal I have an option to give ALL samba users the option to SSH to the server and get a shell login.
But I don't want to give all users this option, but only some users, and restrict other users.
How do I do this ?

Oh. My. God.
I think adding all users again, including all their groups and all their "fetch external email" is easier.....  :-(

I have the need to freshly install a new Zentyal 6 on some machine and then to add all the existing users from an existing old Zentyal 4.1 installation, which exists on the old machine.
Somehow I would not want to manually add all users again.
Is there a script or something like that, which will add all users, including all their previous passwords and groups, to a new Zentyal 6 installation from an existing Zentyal 4.1 installation ?

I need more interfaces for my samba configuration file "smb.conf", like so:

Code: [Select]

However, when I edit this in /etc/samba/smb.conf, my changes are lost when the next reboot happens.
What to do to make my changes more permanent ?

I just found it myself.

In /etc/samba/smb.conf you need the option :

bind interfaces only=no   !!!!

Then it works.

So you first do "service samba-ad-dc stop" , edit the file, start the service again, and presto it worked..........

I can 100% confirm the same bug on Zentyal-6, latest development version : The firewall does not forward some ports to the VPN-IP ( for example).
NMAP shows different results for "localhost" and for "VPN-IP".
These ports are filtered when using the VPN-IP:
88, 135, 139, 389, 445, 464, 636, 953.... WHY ????   :-[ :-[ :-[ :-[

I want to get \\vpn-server\shares to work for any windows client having any VPN-IP !!   :'( :'( :'(

Edit: Addendum: Even when I totally switched off the firewall, the strange behaviour remained that some ports are not open when nmap'-checking the VPN-IP ( of the Zentyal server. An Nmap-check of the local eth0-ip adress of the Zentyal server ( reveals that all necessary ports are open...............
I have read all sort of VPN- and samba docs/forums/hints but I am still not getting this issue fixed.  Any help greatly appreciated.

I installed a Zentyal 4.1 long time ago and it still works and no I _don't_ want to upgrade under any circumstances; however I have to fix a tiny problem.
When being in the internal 192.168.x.x network I can reach the Zentyal shares fine using \\server01\shares on Windows-7 clients.
HOWEVER, the same machine has a VPN-ip-adress, and trying to reach that from a VPN-connected Windows-Client won't work.

I assume it is the firewall, because:

Starting Nmap 6.40 ( ) at 2019-01-28 15:25 CET
Nmap scan report for localhost (
Host is up (0.0000040s latency).
Other addresses for localhost (not scanned):
rDNS record for localhost.localdomain
Not shown: 975 closed ports
22/tcp    open  ssh
25/tcp    open  smtp
53/tcp    open  domain
80/tcp    open  http
88/tcp    open  kerberos-sec
110/tcp   open  pop3
135/tcp   open  msrpc
139/tcp   open  netbios-ssn
143/tcp   open  imap
389/tcp   open  ldap
443/tcp   open  https
445/tcp   open  microsoft-ds
464/tcp   open  kpasswd5
465/tcp   open  smtps
587/tcp   open  submission
636/tcp   open  ldapssl
993/tcp   open  imaps
995/tcp   open  pop3s
1024/tcp  open  kdm
3268/tcp  open  globalcatLDAP
3269/tcp  open  globalcatLDAPssl
3306/tcp  open  mysql
5000/tcp  open  upnp
8443/tcp  open  https-alt
20000/tcp open  dnp

Nmap done: 1 IP address (1 host up) scanned in 1.68 seconds
root@srv01:~# nmap

Starting Nmap 6.40 ( ) at 2019-01-28 15:26 CET
Nmap scan report for
Host is up (0.000023s latency).
Not shown: 987 closed ports
22/tcp    open  ssh
25/tcp    open  smtp
53/tcp    open  domain
80/tcp    open  http
110/tcp   open  pop3
143/tcp   open  imap
443/tcp   open  https
465/tcp   open  smtps
587/tcp   open  submission
993/tcp   open  imaps
995/tcp   open  pop3s
8443/tcp  open  https-alt
20000/tcp open  dnp

Nmap done: 1 IP address (1 host up) scanned in 2.48 seconds

So you can see that the firewall won't allow (?) port 135 and port 139 on the VPN-IP.

How can I fix that? Any advice appreciated.

I just want to know if Zentyal 6 has the option "fetch external mail" for each user. Is this still there?

If you can answer me, you save my time of making a test-installation. :D

Email and Groupware / Re: External Mail
« on: November 17, 2017, 10:06:16 am »
We have the same situation:  Every user is "" but the local Zentyal user is "username@company.lan".
Every user account fetches external mail from "".
We use the following Thunderbird mail client settings to work properly:
For fetching mail: Mail is fetched from  with user "username@company.lan" and local lan password for user.
For sending mail: Mail is SENT by (dot com!!) with user "username@company.COM" (dot com!! not lan!) and remote password (different password!!!)
I hope that helps. It works for us, for years now.

I am running Zentyal 4.1 and 4.2, 64bit, and I wonder if a little tricky configuration is possible.
So far, I have installed Zentyal. But now the requirement arose that the Zentyal server is reachable via VPN.
So I admit I did a very ugly VPN-hack, I added a boot-script that automatically connects to an outside VPN-server on starting.
Thus, the Zentyal gets a IP (static) and thus is reachable via client-to-client communication for all VPN-users in the 10.9.0.x area.
That is fine for Mail, Webserver, etc.etc. but not-so-fine for Samba: Trying to reach the shares via \\\shares results in waiting a while, then a network error "0x80004005".
I checked the /etc/samba/smb.conf and I added tun0 to the interfaces:
 interfaces = lo,eth0,eth1,tun0

However, it still won't let me connect from a Windows client to the Samba share at \\\shares

Any help is greatly appreciated.

Pages: [1] 2 3 ... 7