Show Posts
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
1
Directory and Authentication / Re: one domain wide GPO to prevent thunderbird updates for all users
« on: January 29, 2022, 08:57:06 pm »
Hi,
If one of you guys have created that policy with the RSAT tools, do they produce a file and if so, can you share that file?
And tell me how to tell Zentyal to use this ? I am using the free community edition....
If one of you guys have created that policy with the RSAT tools, do they produce a file and if so, can you share that file?
And tell me how to tell Zentyal to use this ? I am using the free community edition....
2
Directory and Authentication / one domain wide GPO to prevent thunderbird updates for all users
« on: January 14, 2022, 10:03:50 am »
Hello,
I want to add one domain-wide GPO rule on a Zentyal7 samba/AD server to prevent any updates for Thunderbird on all local Windows clients, since the update usually breaks a lot of perfectly working stuff.
What is the easiest way, preferably from the command line in Linux, to do this ?
Currently, I only know that the following registry value is doing this, but for each client only, not domain-wide :
... and I don't want to run to each client computer and add this registry value by hand, when some domain-wide rule could do it.
I want to add one domain-wide GPO rule on a Zentyal7 samba/AD server to prevent any updates for Thunderbird on all local Windows clients, since the update usually breaks a lot of perfectly working stuff.
What is the easiest way, preferably from the command line in Linux, to do this ?
Currently, I only know that the following registry value is doing this, but for each client only, not domain-wide :
Code: [Select]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Mozilla\Thunderbird]
"DisableAppUpdate"=dword:00000001
... and I don't want to run to each client computer and add this registry value by hand, when some domain-wide rule could do it.
3
Directory and Authentication / Zentyal 7: Domain users always lose their "Desktop" etc. data; temp profile
« on: September 01, 2021, 02:52:18 pm »
Hello,
I recently installed Zentyal 7 on a local server.
I have the following problem : Domain users can log in on a Windows-Client (usually, Win7 or Win10 Pro), but whatever they create in their profile is never properly saved. For example, one user can create a tiny folder on his desktop, but when he logs out and logs in again, the created folder simply vanishes. Sometimes, users are always logged in with a temporary profile and thus also lose everything they do on their profile, like, for example, Thunderbird settings, stuff on the Desktop, etc.etc.
In one case, a Windows user logs in into the domain, but is automatically immidately logged off again. This even happens to him if the whole Windows-10-pro-client is freshly installed , so it cannot be because of some old registry settings, .bak registry settings, etc. etc.
Do you have any kind advice of how to deal with this and how to fix these bugs?
I recently installed Zentyal 7 on a local server.
I have the following problem : Domain users can log in on a Windows-Client (usually, Win7 or Win10 Pro), but whatever they create in their profile is never properly saved. For example, one user can create a tiny folder on his desktop, but when he logs out and logs in again, the created folder simply vanishes. Sometimes, users are always logged in with a temporary profile and thus also lose everything they do on their profile, like, for example, Thunderbird settings, stuff on the Desktop, etc.etc.
In one case, a Windows user logs in into the domain, but is automatically immidately logged off again. This even happens to him if the whole Windows-10-pro-client is freshly installed , so it cannot be because of some old registry settings, .bak registry settings, etc. etc.
Do you have any kind advice of how to deal with this and how to fix these bugs?
4
Email and Groupware / Re: Zentyal 6.1 fetchmail didn't retrieve messages from mail hosting provider
« on: February 18, 2020, 04:06:50 pm »
Same problem here.
5
Directory and Authentication / Re: Users with UID 1*** no longer visible in Zentyal 6.1
« on: February 18, 2020, 04:04:33 pm »
I have the same question but I don't have installed "wbinfo" in old Zentyal 4.1
"apt-cache search wbinfo" does not find anything.
Where to find wbinfo, now ?
"apt-cache search wbinfo" does not find anything.
Where to find wbinfo, now ?
6
Directory and Authentication / only SOME users should SSH to the Zentyal server
« on: February 18, 2020, 03:56:13 pm »
Hello,
In Zentyal I have an option to give ALL samba users the option to SSH to the server and get a shell login.
But I don't want to give all users this option, but only some users, and restrict other users.
How do I do this ?
In Zentyal I have an option to give ALL samba users the option to SSH to the server and get a shell login.
But I don't want to give all users this option, but only some users, and restrict other users.
How do I do this ?
7
Directory and Authentication / Re: clone old zentyal 4.1 users incl. password to new zentyal 6?
« on: October 01, 2019, 02:26:53 am »
Oh. My. God.
I think adding all users again, including all their groups and all their "fetch external email" is easier..... :-(
I think adding all users again, including all their groups and all their "fetch external email" is easier..... :-(
8
Directory and Authentication / clone old zentyal 4.1 users incl. password to new zentyal 6?
« on: September 22, 2019, 06:21:55 pm »
Hello,
I have the need to freshly install a new Zentyal 6 on some machine and then to add all the existing users from an existing old Zentyal 4.1 installation, which exists on the old machine.
Somehow I would not want to manually add all users again.
Is there a script or something like that, which will add all users, including all their previous passwords and groups, to a new Zentyal 6 installation from an existing Zentyal 4.1 installation ?
I have the need to freshly install a new Zentyal 6 on some machine and then to add all the existing users from an existing old Zentyal 4.1 installation, which exists on the old machine.
Somehow I would not want to manually add all users again.
Is there a script or something like that, which will add all users, including all their previous passwords and groups, to a new Zentyal 6 installation from an existing Zentyal 4.1 installation ?
9
Directory and Authentication / need more samba interfaces, my own smb.conf is lost after reboot, what to do?
« on: June 03, 2019, 12:24:50 am »
Hello,
I need more interfaces for my samba configuration file "smb.conf", like so:
However, when I edit this in /etc/samba/smb.conf, my changes are lost when the next reboot happens.
What to do to make my changes more permanent ?
I need more interfaces for my samba configuration file "smb.conf", like so:
Code: [Select]
interfaces=lo,eth0,tun0
bind_interfaces_only=NO
However, when I edit this in /etc/samba/smb.conf, my changes are lost when the next reboot happens.
What to do to make my changes more permanent ?
10
Directory and Authentication / Re: Possible little firewall problem over shares in VPN \\10.9.0.1\shares
« on: January 31, 2019, 06:46:32 pm »
I just found it myself.
In /etc/samba/smb.conf you need the option :
bind interfaces only=no !!!!
Then it works.
So you first do "service samba-ad-dc stop" , edit the file, start the service again, and presto it worked..........
In /etc/samba/smb.conf you need the option :
bind interfaces only=no !!!!
Then it works.
So you first do "service samba-ad-dc stop" , edit the file, start the service again, and presto it worked..........
11
Directory and Authentication / Re: Possible little firewall problem over shares in VPN \\10.9.0.1\shares
« on: January 31, 2019, 12:41:47 pm »
I can 100% confirm the same bug on Zentyal-6, latest development version : The firewall does not forward some ports to the VPN-IP (10.9.0.1 for example).
NMAP shows different results for "localhost" and for "VPN-IP".
These ports are filtered when using the VPN-IP:
88, 135, 139, 389, 445, 464, 636, 953.... WHY
? 
I want to get \\vpn-server\shares to work for any windows client having any VPN-IP !!
Edit: Addendum: Even when I totally switched off the firewall, the strange behaviour remained that some ports are not open when nmap'-checking the VPN-IP (10.9.0.101) of the Zentyal server. An Nmap-check of the local eth0-ip adress of the Zentyal server (192.168.0.100) reveals that all necessary ports are open...............
I have read all sort of VPN- and samba docs/forums/hints but I am still not getting this issue fixed. Any help greatly appreciated.
NMAP shows different results for "localhost" and for "VPN-IP".
These ports are filtered when using the VPN-IP:
88, 135, 139, 389, 445, 464, 636, 953.... WHY
? I want to get \\vpn-server\shares to work for any windows client having any VPN-IP !!
Edit: Addendum: Even when I totally switched off the firewall, the strange behaviour remained that some ports are not open when nmap'-checking the VPN-IP (10.9.0.101) of the Zentyal server. An Nmap-check of the local eth0-ip adress of the Zentyal server (192.168.0.100) reveals that all necessary ports are open...............
I have read all sort of VPN- and samba docs/forums/hints but I am still not getting this issue fixed. Any help greatly appreciated.
12
Directory and Authentication / Possible little firewall problem over shares in VPN \\10.9.0.1\shares
« on: January 28, 2019, 03:34:46 pm »
Hello,
I installed a Zentyal 4.1 long time ago and it still works and no I _don't_ want to upgrade under any circumstances; however I have to fix a tiny problem.
When being in the internal 192.168.x.x network I can reach the Zentyal shares fine using \\server01\shares on Windows-7 clients.
HOWEVER, the same machine has a 10.8.0.100 VPN-ip-adress, and trying to reach that from a VPN-connected Windows-Client won't work.
I assume it is the firewall, because:
Starting Nmap 6.40 ( http://nmap.org ) at 2019-01-28 15:25 CET
Nmap scan report for localhost (127.0.0.1)
Host is up (0.0000040s latency).
Other addresses for localhost (not scanned): 127.0.0.1
rDNS record for 127.0.0.1: localhost.localdomain
Not shown: 975 closed ports
PORT STATE SERVICE
22/tcp open ssh
25/tcp open smtp
53/tcp open domain
80/tcp open http
88/tcp open kerberos-sec
110/tcp open pop3
135/tcp open msrpc
139/tcp open netbios-ssn
143/tcp open imap
389/tcp open ldap
443/tcp open https
445/tcp open microsoft-ds
464/tcp open kpasswd5
465/tcp open smtps
587/tcp open submission
636/tcp open ldapssl
993/tcp open imaps
995/tcp open pop3s
1024/tcp open kdm
3268/tcp open globalcatLDAP
3269/tcp open globalcatLDAPssl
3306/tcp open mysql
5000/tcp open upnp
8443/tcp open https-alt
20000/tcp open dnp
Nmap done: 1 IP address (1 host up) scanned in 1.68 seconds
root@srv01:~# nmap 10.9.0.101
Starting Nmap 6.40 ( http://nmap.org ) at 2019-01-28 15:26 CET
Nmap scan report for 10.9.0.101
Host is up (0.000023s latency).
Not shown: 987 closed ports
PORT STATE SERVICE
22/tcp open ssh
25/tcp open smtp
53/tcp open domain
80/tcp open http
110/tcp open pop3
143/tcp open imap
443/tcp open https
465/tcp open smtps
587/tcp open submission
993/tcp open imaps
995/tcp open pop3s
8443/tcp open https-alt
20000/tcp open dnp
Nmap done: 1 IP address (1 host up) scanned in 2.48 seconds
So you can see that the firewall won't allow (?) port 135 and port 139 on the VPN-IP.
How can I fix that? Any advice appreciated.
I installed a Zentyal 4.1 long time ago and it still works and no I _don't_ want to upgrade under any circumstances; however I have to fix a tiny problem.
When being in the internal 192.168.x.x network I can reach the Zentyal shares fine using \\server01\shares on Windows-7 clients.
HOWEVER, the same machine has a 10.8.0.100 VPN-ip-adress, and trying to reach that from a VPN-connected Windows-Client won't work.
I assume it is the firewall, because:
Starting Nmap 6.40 ( http://nmap.org ) at 2019-01-28 15:25 CET
Nmap scan report for localhost (127.0.0.1)
Host is up (0.0000040s latency).
Other addresses for localhost (not scanned): 127.0.0.1
rDNS record for 127.0.0.1: localhost.localdomain
Not shown: 975 closed ports
PORT STATE SERVICE
22/tcp open ssh
25/tcp open smtp
53/tcp open domain
80/tcp open http
88/tcp open kerberos-sec
110/tcp open pop3
135/tcp open msrpc
139/tcp open netbios-ssn
143/tcp open imap
389/tcp open ldap
443/tcp open https
445/tcp open microsoft-ds
464/tcp open kpasswd5
465/tcp open smtps
587/tcp open submission
636/tcp open ldapssl
993/tcp open imaps
995/tcp open pop3s
1024/tcp open kdm
3268/tcp open globalcatLDAP
3269/tcp open globalcatLDAPssl
3306/tcp open mysql
5000/tcp open upnp
8443/tcp open https-alt
20000/tcp open dnp
Nmap done: 1 IP address (1 host up) scanned in 1.68 seconds
root@srv01:~# nmap 10.9.0.101
Starting Nmap 6.40 ( http://nmap.org ) at 2019-01-28 15:26 CET
Nmap scan report for 10.9.0.101
Host is up (0.000023s latency).
Not shown: 987 closed ports
PORT STATE SERVICE
22/tcp open ssh
25/tcp open smtp
53/tcp open domain
80/tcp open http
110/tcp open pop3
143/tcp open imap
443/tcp open https
465/tcp open smtps
587/tcp open submission
993/tcp open imaps
995/tcp open pop3s
8443/tcp open https-alt
20000/tcp open dnp
Nmap done: 1 IP address (1 host up) scanned in 2.48 seconds
So you can see that the firewall won't allow (?) port 135 and port 139 on the VPN-IP.
How can I fix that? Any advice appreciated.
13
Email and Groupware / Zentyal 6: Does it have a "fetch external mail" option?
« on: November 10, 2018, 06:40:35 pm »
Hello,
I just want to know if Zentyal 6 has the option "fetch external mail" for each user. Is this still there?
If you can answer me, you save my time of making a test-installation.
I just want to know if Zentyal 6 has the option "fetch external mail" for each user. Is this still there?
If you can answer me, you save my time of making a test-installation.
14
Email and Groupware / Re: External Mail
« on: November 17, 2017, 10:06:16 am »
We have the same situation: Every user is "username@company.com" but the local Zentyal user is "username@company.lan".
Every user account fetches external mail from "username@company.com".
We use the following Thunderbird mail client settings to work properly:
For fetching mail: Mail is fetched from zentyal-server.company.lan with user "username@company.lan" and local lan password for user.
For sending mail: Mail is SENT by mail.company.COM (dot com!!) with user "username@company.COM" (dot com!! not lan!) and remote password (different password!!!)
I hope that helps. It works for us, for years now.
Every user account fetches external mail from "username@company.com".
We use the following Thunderbird mail client settings to work properly:
For fetching mail: Mail is fetched from zentyal-server.company.lan with user "username@company.lan" and local lan password for user.
For sending mail: Mail is SENT by mail.company.COM (dot com!!) with user "username@company.COM" (dot com!! not lan!) and remote password (different password!!!)
I hope that helps. It works for us, for years now.
15
Directory and Authentication / Samba working on VPN-ip 10.9.0.x : Is this possible? Current: Error 0x80004005
« on: May 02, 2017, 05:24:11 pm »
Hello,
I am running Zentyal 4.1 and 4.2, 64bit, and I wonder if a little tricky configuration is possible.
So far, I have installed Zentyal. But now the requirement arose that the Zentyal server is reachable via VPN.
So I admit I did a very ugly VPN-hack, I added a boot-script that automatically connects to an outside VPN-server on starting.
Thus, the Zentyal gets a 10.9.0.101 IP (static) and thus is reachable via client-to-client communication for all VPN-users in the 10.9.0.x area.
That is fine for Mail, Webserver, etc.etc. but not-so-fine for Samba: Trying to reach the shares via \\10.9.0.101\shares results in waiting a while, then a network error "0x80004005".
I checked the /etc/samba/smb.conf and I added tun0 to the interfaces:
interfaces = lo,eth0,eth1,tun0
However, it still won't let me connect from a Windows client to the Samba share at \\10.9.0.101\shares
Any help is greatly appreciated.
I am running Zentyal 4.1 and 4.2, 64bit, and I wonder if a little tricky configuration is possible.
So far, I have installed Zentyal. But now the requirement arose that the Zentyal server is reachable via VPN.
So I admit I did a very ugly VPN-hack, I added a boot-script that automatically connects to an outside VPN-server on starting.
Thus, the Zentyal gets a 10.9.0.101 IP (static) and thus is reachable via client-to-client communication for all VPN-users in the 10.9.0.x area.
That is fine for Mail, Webserver, etc.etc. but not-so-fine for Samba: Trying to reach the shares via \\10.9.0.101\shares results in waiting a while, then a network error "0x80004005".
I checked the /etc/samba/smb.conf and I added tun0 to the interfaces:
interfaces = lo,eth0,eth1,tun0
However, it still won't let me connect from a Windows client to the Samba share at \\10.9.0.101\shares
Any help is greatly appreciated.