Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Messages - JLLEWELYN

Pages: 1 [2] 3 4 5
16
Directory and Authentication / [SOLVED] File Sharing does not work
« on: March 28, 2019, 10:34:42 pm »
hello, on my domain controller, create a folder for wallpapers. add security policies so that groups only reading and other groups with higher permissions can read and write.

it does not give me permission to read or write.

/etc/samba/smb.conf
Code: [Select]
administrator@servidor:~$ cat /etc/samba/smb.conf
[global]
    workgroup = savidoca
    realm = SAVIDOCA.COM
    netbios name = servidor
    server string = Zentyal Server
    server role = dc
    server role check:inhibit = yes
    server services = -dns
    server signing = auto
    dsdb:schema update allowed = yes
    ldap server require strong auth = no
    drs:max object sync = 1200

    idmap_ldb:use rfc2307 = yes

    winbind enum users = yes
    winbind enum groups = yes
    template shell = /bin/bash
    template homedir = /home/%U

    rpc server dynamic port range = 49152-65535

    interfaces = lo,eth2
    bind interfaces only = yes

    map to guest = Bad User

    log level = 3
    log file = /var/log/samba/samba.log
    max log size = 100000



    include = /etc/samba/shares.conf




[netlogon]
    path = /var/lib/samba/sysvol/savidoca.com/scripts
    browseable = no
    read only = yes

[sysvol]
    path = /var/lib/samba/sysvol
    read only = no

/etc/samba/shares.conf
Code: [Select]
administrator@servidor:~$ cat /etc/samba/shares.conf
[homes]
    comment = Directorios de usuario
    path = /home/%S
    read only = no
    browseable = no
    create mask = 0611
    directory mask = 0711
    vfs objects = acl_xattr full_audit
    full_audit:success = connect opendir disconnect unlink mkdir rmdir open rename
    full_audit:failure = connect opendir disconnect unlink mkdir rmdir open rename

# Shares

[wallpapers]
    comment = fondos de pantalla
    path = /home/samba/shares/wallpapers
    browseable = yes
    force create mode = 0660
    force directory mode = 0660
    valid users = @"cybers", @"vendedores", @"gerentes", @"tech"
    read list = @"cybers", @"vendedores"
    write list = @"gerentes", @"tech"
    admin users =
    vfs objects = acl_xattr full_audit
    full_audit:failure = connect opendir disconnect unlink mkdir rmdir open rename


/home/samba/shares/wallpapers
Code: [Select]
administrator@servidor:~$ ls -la /home/samba/shares
total 16
drwxrwx---+ 3 root          SAVIDOCA\domain users 4096 mar 25 11:15 .
drwxrwx---+ 4 root          SAVIDOCA\domain users 4096 mar  2 12:51 ..
drwxrwx---+ 2 administrator adm                   4096 mar 25 11:15 wallpapers
administrator@servidor:~$ ls -la /home/samba/shares/wallpapers
total 12
drwxrwx---+ 2 administrator adm                   4096 mar 25 11:15 .
drwxrwx---+ 3 root          SAVIDOCA\domain users 4096 mar 25 11:15 ..

Code: [Select]
administrator@servidor:~$ getfacl /home/samba/shares/wallpapers
getfacl: Removing leading '/' from absolute path names
# file: home/samba/shares/wallpapers
# owner: administrator
# group: adm
user::rwx
user:administrator:rwx
group::rwx
group:adm:rwx
group:SAVIDOCA\134domain\040admins:rwx
mask::rwx
other::---
default:user::rwx
default:user:administrator:rwx
default:group::rwx
default:group:adm:rwx
default:group:SAVIDOCA\134domain\040admins:rwx
default:mask::rwx
default:other::---

will it be some permission of the folder?

17
Directory and Authentication / [Help] Domain controller, ports exposed to the Internet?
« on: March 18, 2019, 08:49:17 pm »
Greetings to Zentyal team.
I find the following doubt.
I have Zentyal Server 6.0 with the modules: domain controller, dns, network, dhcp, firewall, IPS, authority certificate, ftp, ntp and registry.

But the domain controller is not a gateway, I use another UTM solution as a firewall for my network.

my domain controller is "* .com" and I wanted to know what port should be exposed to the Internet?

Code: [Select]
tcp        0      0 192.168.1.2:135         0.0.0.0:*               LISTEN      3269/samba
tcp        0      0 127.0.1.1:135           0.0.0.0:*               LISTEN      3269/samba
tcp        0      0 127.0.0.1:135           0.0.0.0:*               LISTEN      3269/samba
tcp        0      0 127.0.0.1:139           0.0.0.0:*               LISTEN      3273/smbd
tcp        0      0 127.0.1.1:139           0.0.0.0:*               LISTEN      3273/smbd
tcp        0      0 192.168.1.2:139         0.0.0.0:*               LISTEN      3273/smbd
tcp        0      0 192.168.1.2:464         0.0.0.0:*               LISTEN      3276/samba
tcp        0      0 127.0.1.1:464           0.0.0.0:*               LISTEN      3276/samba
tcp        0      0 127.0.0.1:464           0.0.0.0:*               LISTEN      3276/samba
tcp        0      0 172.16.251.1:53         0.0.0.0:*               LISTEN      2569/named
tcp        0      0 172.16.14.1:53          0.0.0.0:*               LISTEN      2569/named
tcp        0      0 192.168.1.2:53          0.0.0.0:*               LISTEN      2569/named
tcp        0      0 201.210.227.42:53       0.0.0.0:*               LISTEN      2569/named
tcp        0      0 127.0.1.1:53            0.0.0.0:*               LISTEN      2569/named
tcp        0      0 127.0.0.1:53            0.0.0.0:*               LISTEN      2569/named
tcp        0      0 192.168.1.2:88          0.0.0.0:*               LISTEN      3276/samba
tcp        0      0 127.0.1.1:88            0.0.0.0:*               LISTEN      3276/samba
tcp        0      0 127.0.0.1:88            0.0.0.0:*               LISTEN      3276/samba
tcp        0      0 127.0.0.1:953           0.0.0.0:*               LISTEN      2569/named
tcp        0      0 192.168.1.2:636         0.0.0.0:*               LISTEN      3274/samba
tcp        0      0 127.0.1.1:636           0.0.0.0:*               LISTEN      3274/samba
tcp        0      0 127.0.0.1:636           0.0.0.0:*               LISTEN      3274/samba
tcp        0      0 127.0.0.1:445           0.0.0.0:*               LISTEN      3273/smbd
tcp        0      0 127.0.1.1:445           0.0.0.0:*               LISTEN      3273/smbd
tcp        0      0 192.168.1.2:445         0.0.0.0:*               LISTEN      3273/smbd
tcp        0      0 192.168.1.2:49152       0.0.0.0:*               LISTEN      3269/samba
tcp        0      0 127.0.1.1:49152         0.0.0.0:*               LISTEN      3269/samba
tcp        0      0 127.0.0.1:49152         0.0.0.0:*               LISTEN      3269/samba
tcp        0      0 192.168.1.2:49153       0.0.0.0:*               LISTEN      3269/samba
tcp        0      0 127.0.1.1:49153         0.0.0.0:*               LISTEN      3269/samba
tcp        0      0 127.0.0.1:49153         0.0.0.0:*               LISTEN      3269/samba
tcp        0      0 192.168.1.2:49154       0.0.0.0:*               LISTEN      3269/samba
tcp        0      0 127.0.1.1:49154         0.0.0.0:*               LISTEN      3269/samba
tcp        0      0 127.0.0.1:49154         0.0.0.0:*               LISTEN      3269/samba
tcp        0      0 192.168.1.2:3268        0.0.0.0:*               LISTEN      3274/samba
tcp        0      0 127.0.1.1:3268          0.0.0.0:*               LISTEN      3274/samba
tcp        0      0 127.0.0.1:3268          0.0.0.0:*               LISTEN      3274/samba
tcp        0      0 192.168.1.2:3269        0.0.0.0:*               LISTEN      3274/samba
tcp        0      0 192.168.1.2:389         0.0.0.0:*               LISTEN      3274/samba
tcp        0      0 127.0.1.1:3269          0.0.0.0:*               LISTEN      3274/samba
tcp        0      0 127.0.1.1:389           0.0.0.0:*               LISTEN      3274/samba
tcp        0      0 127.0.0.1:3269          0.0.0.0:*               LISTEN      3274/samba
tcp        0      0 127.0.0.1:389           0.0.0.0:*               LISTEN      3274/samba

18
Directory and Authentication / Re: Zentyal dns update or retsart issue
« on: January 31, 2019, 08:44:18 pm »
It is strange, it must be that the hostname is not correctly written. try this command to see what the result is.
Code: [Select]
sudo hostname

19
Spanish / Re: [Ayuda] Necesito Mudar el controlador de Dominio Zentyal 5.0 a otro Zentyal 6.0
« on: January 31, 2019, 08:37:36 pm »
Olvide transferir los SYSVOL, perdí las políticas de grupo.  :o

20
Spanish / Re: [Ayuda] Necesito Mudar el controlador de Dominio Zentyal 5.0 a otro Zentyal 6.0
« on: January 28, 2019, 01:37:42 am »
Bien, ya logre transferir el Controlador de dominio maestro viejo (Servidor Zentyal 5.0), al que estaba de escavo (DC2 Zentyal 6.0) y de nuevo Controlador de Dominio maestro "nuevo" (Servidor Zentyal 6.0), mediante la herramienta RSAT me ayude a convertirlo a maestro.

El problema ahora es como cambio la visualización de esta opción, por que si la cambio a Controlador de Dominio se borran los usuarios, grupos y directivas, a pesar que ya es maestro?



21
Spanish / Re: [Ayuda] Necesito Mudar el controlador de Dominio Zentyal 5.0 a otro Zentyal 6.0
« on: January 27, 2019, 11:28:57 pm »
Bueno hasta el momento lo que e investigado.
Tengo un Controlador de Dominio llamado "SERVIDOR" con Zentyal 5.0.
Un Controlador de Dominio adicional al que lo voy a cambiar a principal llamado "DC2" con Zentyal 6.0

Básicamente tengo que transferir los Roles y los Papeles al DC2.

Luego desde el mismo Controlador de Dominio adicional ejecutar el comando para ver quien tiene los roles.
Code: [Select]
sudo samba-tool fsmo show

Debe aparece 7 Roles, algo como esto:
Code: [Select]
SchemaMasterRole owner: CN=NTDS Settings,CN=SERVIDOR,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=savidoca,DC=com
InfrastructureMasterRole owner: CN=NTDS Settings,CN=SERVIDOR,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=savidoca,DC=com
RidAllocationMasterRole owner: CN=NTDS Settings,CN=SERVIDOR,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=savidoca,DC=com
PdcEmulationMasterRole owner: CN=NTDS Settings,CN=SERVIDOR,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=savidoca,DC=com
DomainNamingMasterRole owner: CN=NTDS Settings,CN=SERVIDOR,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=savidoca,DC=com
DomainDnsZonesMasterRole owner: CN=NTDS Settings,CN=SERVIDOR,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=savidoca,DC=com
ForestDnsZonesMasterRole owner: CN=NTDS Settings,CN=SERVIDOR,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=savidoca,DC=com

Para Transferir los Roles debemos ejecutar el siguiente comando:
Code: [Select]
sudo samba-tool fsmo transfer --role=all -U administrator

Verificamos que todos los roles se transfirieron correctamente:
Code: [Select]
sudo samba-tool fsmo show
SchemaMasterRole owner: CN=NTDS Settings,CN=DC2,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=savidoca,DC=com
InfrastructureMasterRole owner: CN=NTDS Settings,CN=DC2,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=savidoca,DC=com
RidAllocationMasterRole owner: CN=NTDS Settings,CN=DC2,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=savidoca,DC=com
PdcEmulationMasterRole owner: CN=NTDS Settings,CN=DC2,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=savidoca,DC=com
DomainNamingMasterRole owner: CN=NTDS Settings,CN=DC2,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=savidoca,DC=com
DomainDnsZonesMasterRole owner: CN=NTDS Settings,CN=DC2,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=savidoca,DC=com
ForestDnsZonesMasterRole owner: CN=NTDS Settings,CN=DC2,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=savidoca,DC=com


Para Transferir los Papeles debemos ejecutar el siguiente comando:
Code: [Select]
sudo samba-tool fsmo seize --role=all -U administrator

Code: [Select]
Attempting transfer...
This DC already has the 'rid' FSMO role
Transfer successful, not seizing role
Attempting transfer...
This DC already has the 'pdc' FSMO role
Transfer successful, not seizing role
Attempting transfer...
This DC already has the 'naming' FSMO role
Transfer successful, not seizing role
Attempting transfer...
This DC already has the 'infrastructure' FSMO role
Transfer successful, not seizing role
Attempting transfer...
This DC already has the 'schema' FSMO role
Transfer successful, not seizing role
Attempting transfer...
This DC already has the 'domaindns' FSMO role
Transfer successful, not seizing role

Attempting transfer...
This DC already has the 'forestdns' FSMO role
Transfer successful, not seizing role



Ahora debemos demoler en antiguo controlador de dominio.
entramos desde la consola del antiguo controlador de dominio y escribimos el comando:
Code: [Select]
sudo samba-tool domain demote -U administrator

22
Directory and Authentication / Re: Zentyal dns update or retsart issue
« on: January 27, 2019, 10:33:49 pm »
Enter this command via console or via SSH:
Code: [Select]
sudo samba-tool group addmembers DnsAdmins dns-${hostname}

where ${hostname} you replace them with your current hostname. example: DC1

"dns-DC1"

23
Spanish / [Ayuda] Necesito Mudar el controlador de Dominio Zentyal 5.0 a otro Zentyal 6.0
« on: January 27, 2019, 09:29:18 pm »
Hola Buenas Tardes.
Necesito Mudar el Controlador de Dominio Directorio Activo de Zentyal 5.0 a otro Servidor Zentyal 6.0.

Alguien sabe como es el procedimiento?

24
Directory and Authentication / Re: Problems installing any graphical interface after installing AD-DC module.
« on: January 26, 2019, 10:04:22 pm »
Apparently nobody understands me, when I install gnome-desktop on ubuntu server, previously installed the zentyal package without the zentyal-samba module.
you can start session without problems in graphic environment.

After installing the zentyal-samba module, it is no longer possible to log in to the graphical environment.

all because the zentyal-samba module modifies the PAM Authentication files.

/etc/pam.d/common-account
When ubuntu-desktop is installed:
Code: [Select]
account [success=1 new_authtok_reqd=done default=ignore] pam_unix.so
account requisite pam_deny.so
account required pam_permit.so
After installing zentyal-samba:
Code: [Select]
account [success=1 new_authtok_reqd=done default=ignore]    pam_unix.so
account requisite           pam_deny.so
account required            pam_permit.so
account sufficient          pam_localuser.so
Installing zentyal server from the ISO with graphic interface (zenbuntu-desktop):
Code: [Select]
account [success=1 new_authtok_reqd=done default=ignore]    pam_unix.so
account requisite           pam_deny.so
account required            pam_permit.so
account sufficient          pam_localuser.so

/etc/pam.d/common-auth
When ubuntu-desktop is installed:
Code: [Select]
auth [success=1 default=ignore] pam_unix.so nullok_secure
auth requisite pam_deny.so
auth required pam_permit.so
auth optional pam_cap.so
After installing zentyal-samba:
Code: [Select]
auth    [success=1 default=ignore]  pam_unix.so nullok_secure
auth    requisite           pam_deny.so
auth    required            pam_permit.so
auth    optional            pam_cap.so
Installing zentyal server from the ISO with graphic interface (zenbuntu-desktop):
Code: [Select]
auth    [success=1 default=ignore]  pam_unix.so nullok_secure
auth    requisite           pam_deny.so
auth    required            pam_permit.so
auth    optional            pam_cap.so

/etc/pam.d/common-password
When ubuntu-desktop is installed:
Code: [Select]
password [success=1 default=ignore] pam_unix.so obscure sha512
password requisite pam_deny.so
password required pam_permit.so
password optional pam_gnome_keyring.so
After installing zentyal-samba:
Code: [Select]
password requisite                   pam_pwquality.so retry=3
password [success=2 default=ignore]  pam_unix.so obscure use_authtok try_first_pass sha512
password requisite                   pam_deny.so
password required                    pam_permit.so
Installing zentyal server from the ISO with graphic interface (zenbuntu-desktop):
Code: [Select]
password requisite                   pam_pwquality.so retry=3
password [success=2 default=ignore]  pam_unix.so obscure use_authtok try_first_pass sha512
password requisite                   pam_deny.so
password required                    pam_permit.so

/etc/pam.d/common-session
When ubuntu-desktop is installed:
Code: [Select]
session [default=1] pam_permit.so
session requisite pam_deny.so
session required pam_permit.so
session optional pam_umask.so
session required pam_unix.so
session optional pam_systemd.so
After installing zentyal-samba:
Code: [Select]
session [default=1] pam_permit.so
session requisite   pam_deny.so
session required    pam_permit.so
session optional    pam_umask.so
session required    pam_unix.so
session required    pam_mkhomedir.so skel=/etc/skel/ umask=0077
Installing zentyal server from the ISO with graphic interface (zenbuntu-desktop):
Code: [Select]
session [default=1] pam_permit.so
session requisite   pam_deny.so
session required    pam_permit.so
session optional    pam_umask.so
session required    pam_unix.so
session required    pam_mkhomedir.so skel=/etc/skel/ umask=0077

/etc/pam.d/common-session-noninteractive
When ubuntu-desktop is installed:
Code: [Select]
session [default=1] pam_permit.so
session requisite pam_deny.so
session required pam_permit.so
session optional pam_umask.so
session required pam_unix.so
After installing zentyal-samba:
Code: [Select]
session [default=1] pam_permit.so
session requisite pam_deny.so
session required pam_permit.so
session optional pam_umask.so
session required pam_unix.so
session optional pam_winbind.so
Installing zentyal server from the ISO with graphic interface (zenbuntu-desktop):
Code: [Select]
session [default=1] pam_permit.so
session requisite pam_deny.so
session required pam_permit.so
session optional pam_umask.so
session required pam_unix.so
session optional pam_winbind.so

the part that I do not understand because when I install zentyal server by packages, the graphic environment "zenbuntu-desktop" or "ubuntu-desktop" on ubuntu server does not allow login either.

But installing zentyal server from the iso with graphical interface, has no problems.

I want to try to manually correct this problem, modifying the template that is this file:
/usr/share/zentyal/stubs/samba/acc-zentyal.mas
but I have no idea how to do it.

25
Directory and Authentication / Problems installing any graphical interface after installing AD-DC module.
« on: January 21, 2019, 06:23:50 am »
Hello to the zentyal team and its users.
I have several months trying to find the solution to this problem, when installing the graphical interface of zenbuntu-desktop or the same one of ubuntu-desktop. When the screen is locked in a login cycle when I try to enter my desktop. When I log in, the screen turns black and soon after the login screen reappears.

I took the job of doing several tests until I found the problem, modified the following files.
After installing the module: Active Directory Domain Controller.
He modifies the files:
/etc/pam.d/common-account
/etc/pam.d/common-auth
/etc/pam.d/common-password
/etc/pam.d/common-session
/etc/pam.d/common-session-noninteractive


Code: [Select]
administrator@servidor:~$ diff /etc/pam.d/common-account.backup /etc/pam.d/common-account
16,19c16,20
< # here are the per-package modules (the "Primary" block)
< account       [success=1 new_authtok_reqd=done default=ignore]        pam_unix.so
< # here's the fallback if no module succeeds
< account       requisite                       pam_deny.so
---
> # pre_auth-client-config # # here are the per-package modules (the "Primary" block)
> # pre_auth-client-config # account    [success=2 new_authtok_reqd=done default=ignore]        pam_unix.so
> # pre_auth-client-config # account    [success=1 new_authtok_reqd=done default=ignore]        pam_winbind.so
> # pre_auth-client-config # # here's the fallback if no module succeeds
> # pre_auth-client-config # account    requisite                       pam_deny.so
23,25c24,30
< account       required                        pam_permit.so
< # and here are more per-package modules (the "Additional" block)
< # end of pam-auth-update config
---
> # pre_auth-client-config # account    required                        pam_permit.so
> # pre_auth-client-config # # and here are more per-package modules (the "Additional" block)
> # pre_auth-client-config # # end of pam-auth-update config
> account [success=1 new_authtok_reqd=done default=ignore]    pam_unix.so
> account requisite           pam_deny.so
> account required            pam_permit.so
> account sufficient          pam_localuser.so

Code: [Select]
administrator@servidor:~$ diff /etc/pam.d/common-auth.backup /etc/pam.d/common-auth
16,19c16,20
< # here are the per-package modules (the "Primary" block)
< auth  [success=1 default=ignore]      pam_unix.so nullok_secure
< # here's the fallback if no module succeeds
< auth  requisite                       pam_deny.so
---
> # pre_auth-client-config # # here are the per-package modules (the "Primary" block)
> # pre_auth-client-config # auth       [success=2 default=ignore]      pam_unix.so nullok_secure
> # pre_auth-client-config # auth       [success=1 default=ignore]      pam_winbind.so krb5_auth krb5_ccache_type=FILE cached_login try_first_pass
> # pre_auth-client-config # # here's the fallback if no module succeeds
> # pre_auth-client-config # auth       requisite                       pam_deny.so
23,26c24,31
< auth  required                        pam_permit.so
< # and here are more per-package modules (the "Additional" block)
< auth  optional                        pam_cap.so
< # end of pam-auth-update config
---
> # pre_auth-client-config # auth       required                        pam_permit.so
> # pre_auth-client-config # # and here are more per-package modules (the "Additional" block)
> # pre_auth-client-config # auth       optional                        pam_cap.so
> # pre_auth-client-config # # end of pam-auth-update config
> auth    [success=1 default=ignore]  pam_unix.so nullok_secure
> auth    requisite           pam_deny.so
> auth    required            pam_permit.so
> auth    optional            pam_cap.so

Code: [Select]
administrator@servidor:~$ diff /etc/pam.d/common-password.backup /etc/pam.d/common-password
24,27c24,29
< # here are the per-package modules (the "Primary" block)
< password      [success=1 default=ignore]      pam_unix.so obscure sha512
< # here's the fallback if no module succeeds
< password      requisite                       pam_deny.so
---
> # pre_auth-client-config # # here are the per-package modules (the "Primary" block)
> # pre_auth-client-config # password   requisite                       pam_pwquality.so retry=3
> # pre_auth-client-config # password   [success=2 default=ignore]      pam_unix.so obscure use_authtok try_first_pass sha512
> # pre_auth-client-config # password   [success=1 default=ignore]      pam_winbind.so use_authtok try_first_pass
> # pre_auth-client-config # # here's the fallback if no module succeeds
> # pre_auth-client-config # password   requisite                       pam_deny.so
31,34c33,40
< password      required                        pam_permit.so
< # and here are more per-package modules (the "Additional" block)
< password      optional        pam_gnome_keyring.so
< # end of pam-auth-update config
---
> # pre_auth-client-config # password   required                        pam_permit.so
> # pre_auth-client-config # # and here are more per-package modules (the "Additional" block)
> # pre_auth-client-config # password   optional        pam_gnome_keyring.so
> # pre_auth-client-config # # end of pam-auth-update config
> password requisite                   pam_pwquality.so retry=3
> password [success=2 default=ignore]  pam_unix.so obscure use_authtok try_first_pass sha512
> password requisite                   pam_deny.so
> password required                    pam_permit.so

Code: [Select]
administrator@servidor:~$ diff /etc/pam.d/common-session.backup /etc/pam.d/common-session
15,18c15,18
< # here are the per-package modules (the "Primary" block)
< session       [default=1]                     pam_permit.so
< # here's the fallback if no module succeeds
< session       requisite                       pam_deny.so
---
> # pre_auth-client-config # # here are the per-package modules (the "Primary" block)
> # pre_auth-client-config # session    [default=1]                     pam_permit.so
> # pre_auth-client-config # # here's the fallback if no module succeeds
> # pre_auth-client-config # session    requisite                       pam_deny.so
22c22
< session       required                        pam_permit.so
---
> # pre_auth-client-config # session    required                        pam_permit.so
27,31c27,38
< session optional                      pam_umask.so
< # and here are more per-package modules (the "Additional" block)
< session       required        pam_unix.so
< session       optional        pam_systemd.so
< # end of pam-auth-update config
---
> # pre_auth-client-config # session optional                   pam_umask.so
> # pre_auth-client-config # # and here are more per-package modules (the "Additional" block)
> # pre_auth-client-config # session    required        pam_unix.so
> # pre_auth-client-config # session    optional                        pam_winbind.so
> # pre_auth-client-config # session    optional        pam_systemd.so
> # pre_auth-client-config # # end of pam-auth-update config
> session [default=1] pam_permit.so
> session requisite   pam_deny.so
> session required    pam_permit.so
> session optional    pam_umask.so
> session required    pam_unix.so
> session required    pam_mkhomedir.so skel=/etc/skel/ umask=0077

Code: [Select]
administrator@servidor:~$ diff /etc/pam.d/common-session-noninteractive.backup /etc/pam.d/common-session-noninteractive
29a30
> session       optional                        pam_winbind.so

26
Spanish / Re: Migrar de un servidor Zentyal a otro sin perder Datos
« on: December 22, 2018, 06:06:48 pm »
Hola yo quiero hacer lo mismo, pero en mi caso hice la instalación de Zentyal Server 6.0 en limpio, pero al instalar la interfaz gráfica del escritorio, no funciona, el login no carga correctamente y no se puede iniciar sesión.

27
Spanish / Re: [AYUDA] HTTP Redirect
« on: December 22, 2018, 06:02:54 pm »
El problema es que cuando reinicias Zentyal, se borrar la configuración manual.

Yo solucione el problema con otro equipo y un firewall UTM comercial.

muchas gracias.

28
Spanish / Re: [Desarrollo] Bash Script Samba-AD-DC Bind9_DLZ Backend
« on: September 22, 2018, 10:36:46 pm »
woao, mas de 200 a visto mi tema y nadie opina nada...  :'(

29
Spanish / [Solucion] Apagones, error initramfs
« on: September 08, 2018, 11:31:16 pm »
Hola, esto me paso ayer, con los constantes apagones. ya que la batería del ups de mi servidor se venció.
Pues al arrancar el sistema operativo de ubuntu bajo zentyal, quedo en el error (initramfs)

Para repararlo se hace el siguiente comando:
sfck /dev/mapper/<hostname>--<LVMgroup-root> -y

como mi disco esta particionado LVM
Mi hostname es: SERVIDOR
Mi grupo LVM es vg_servidor
Mi volumen LVM es donde esta el sistema operativo: root

Code: [Select]
sfck /dev/mapper/SERVIDOR--vg_servidor-root -y
reboot

Espero que sea de ayuda para los que están comenzando.

30
Spanish / Re: Sobre GPO plantillas
« on: September 08, 2018, 11:22:15 pm »
hola, es mas o menos tedioso.

Primero tienes que tomar un equipo con Windows 10 v1803 Abril 2018 o el de Agosto que esta por salir, este equipo te va a servir para agregar las políticas que quieres implementar en la empresa, lo conectas al dominio creado, e inicias sesión con la cuenta del dominio "administrator".
Una ves abierta la sesión, debes agregar el idioma Ingles, reiniciar el equipo, ya que la herramienta RSAT de Windows Server 2016 solo funciona en Ingles.
Descarga e Instala RSAT de Windows Server 2016 y se van aplicar varias actualizaciones y reiniciar el equipo.
Luego agregas las plantillas en el mismo equipo asi sea de office, adobe, google, etc.. y se van a sincronizar en zentyal en el directorio de políticas.

Pages: 1 [2] 3 4 5