Show Posts
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
1
Installation and Upgrades / Re: rootkit infected
« on: January 18, 2012, 12:20:29 pm »
How can I fix all logs files? Because a lot of services are not working without their files logs
Other problem, I can not change users passwords or create new users
root@zentyal2:/etc# useradd user1
useradd: cannot open /etc/passwd
root@zentyal23:/etc# passwd
Enter new UNIX password:
Retype new UNIX password:
passwd: Authentication token manipulation error
passwd: password unchanged
Other problem, I can not change users passwords or create new users
root@zentyal2:/etc# useradd user1
useradd: cannot open /etc/passwd
root@zentyal23:/etc# passwd
Enter new UNIX password:
Retype new UNIX password:
passwd: Authentication token manipulation error
passwd: password unchanged
2
Installation and Upgrades / rootkit infected
« on: January 18, 2012, 12:14:46 pm »
I think I have been infected with a rootkit. I lost all zentyal logs and other directories of logs.
I have checked with chkrootkit but it has not found anything.
Any other idea?
I have checked with chkrootkit but it has not found anything.
Any other idea?
3
Installation and Upgrades / Re: Firewall module error starting [Close]
« on: January 04, 2012, 11:46:10 am »
I have commented this rule in the firewall module in this file: /usr/share/perl5/EBox/Iptables.pm
Zentyal is working fine now
Zentyal is working fine now
4
Installation and Upgrades / Firewall module error starting
« on: January 03, 2012, 05:45:37 pm »
I have a problem with this comand launching firewall module, is it possible to delete it from launching?
I get this in a openvz (proxmox) container of zentyal 2.2.4: Linux zentyal2 2.6.32-4-pve #1 SMP Mon May 9 12:59:57 CEST 2011 x86_64 GNU/Linux
Code: [Select]
sysctl -q -w net.ipv4.tcp_syncookies="1"I get this in a openvz (proxmox) container of zentyal 2.2.4: Linux zentyal2 2.6.32-4-pve #1 SMP Mon May 9 12:59:57 CEST 2011 x86_64 GNU/Linux
Code: [Select]
# sudo /sbin/sysctl -q -w net.ipv4.tcp_syncookies="1"
error: permission denied on key 'net.ipv4.tcp_syncookies'
5
Installation and Upgrades / IP Route configuration problem
« on: November 09, 2011, 09:50:20 am »
I have a Zentyal-A with VPN server (192.168.130.1) and exposed network (192.168.1.x), in other place I have a zentyal-B VPN client with local IP: 192.168.1.100.
My problem is that when I enable VPN in client I cant access to the Zetyal-B, the route table is:
I have to delete the second route to work with my zentyal-b but I lost the access to LAN network exposed by VPN.
Any idea?
My problem is that when I enable VPN in client I cant access to the Zetyal-B, the route table is:
Code: [Select]
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.130.0 * 255.255.255.0 U 0 0 0 tap0
192.168.1.0 192.168.130.0 255.255.255.0 U 0 0 0 tap0
192.168.1.0 * 255.255.255.0 U 0 0 0 eth2
default 192.168.1.1 0.0.0.0 UG 0 0 0 eth2
I have to delete the second route to work with my zentyal-b but I lost the access to LAN network exposed by VPN.
Any idea?
6
Installation and Upgrades / Re: Clean list of pending sync
« on: October 25, 2011, 07:39:18 pm »
Ok, I found it... It was the usercorner pending sync. I have removed /var/lib/ebox-usercorner/userjournal/*
Thanks
Thanks
7
Installation and Upgrades / Re: Clean list of pending sync
« on: October 25, 2011, 07:01:40 pm »
it is very strange because in that directory there are only one slave directory and I have 4 differents slaves with pending sync
8
Installation and Upgrades / basic subscription for multiple servers
« on: October 23, 2011, 06:45:34 pm »
Is possible to use basic subscription to management multiple servers??
9
Installation and Upgrades / Clean list of pending sync
« on: October 23, 2011, 06:28:44 pm »
How can I clean list of pending sync in master?
10
Installation and Upgrades / Re: Error slave + PDC + samba
« on: October 17, 2011, 10:21:39 am »
Any help please??
11
Installation and Upgrades / Re: Error slave + PDC + samba
« on: October 06, 2011, 12:42:26 pm »
Se aprecia al rescatar la información de un mismo usuario en dos esclavos PDC como falta información del usuario en Samba, debe de haber un error con el módulo de samaba al sincronizar con el maestro LDAP. El otro resultado es de un esclavo que no he actualizado a las ultimas versiones de los módulos de usuarios y samba en la 2.0; para evitar el problema...
Resultado en esclavo PDC 2.2
Resultado en esclavo PDC 2.0, el único que sigue funcionando porque no he actualizado las versiones de Usuarios y Grupos, y Samba.
Resultado en esclavo PDC 2.2
Code: [Select]
user01@slave01:~$ ldapsearch -x -b dc=sevilla02 uid=dominios
# extended LDIF
#
# LDAPv3
# base <dc=sevilla02> with scope subtree
# filter: uid=dominios
# requesting: ALL
#
# dominios, Users, sevilla02
dn: uid=dominios,ou=Users,dc=sevilla02
cn: dominios AdminPDC
uid: dominios
sn: AdminPDC
loginShell: /bin/bash
uidNumber: 2113
gidNumber: 1901
homeDirectory: /home/dominios
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: passwordHolder
objectClass: sambaSamAccount
givenName: dominios
description: PDC ADmin
sambaHomePath: \\slave01\homes\dominios
sambaSID: S-1-5-21-3818554400-921237426-3143208535-5226
sambaPrimaryGroupSID: S-1-5-21-3818554400-921237426-3143208535-513
sambaPwdMustChange: 2147483647
sambaPwdLastSet: 1317208712
sambaKickoffTime: 2147483647
sambaPasswordHistory: 00000000000000000000000000000000000000000000000000000000
sambaAcctFlags: [U]
sambaLogonTime: 0
sambaLogoffTime: 2147483647
sambaPwdCanChange: 0
# search result
search: 2
result: 0 Success
# numResponses: 2
# numEntries: 1Resultado en esclavo PDC 2.0, el único que sigue funcionando porque no he actualizado las versiones de Usuarios y Grupos, y Samba.
Code: [Select]
seadmin01@slave00:~$ ldapsearch -x -b dc=sevilla02 -D uid=dominios,ou=Users,dc=sevilla02
ldap_bind: Server is unwilling to perform (53)
additional info: unauthenticated bind (DN with no password) disallowed
seadmin01@sevilla01:~$ ldapsearch -x -b dc=sevilla02 -D uid=dominios
ldap_bind: Server is unwilling to perform (53)
additional info: unauthenticated bind (DN with no password) disallowed
seadmin01@sevilla01:~$ ldapsearch -x -b dc=sevilla02 uid=dominios
# extended LDIF
#
# LDAPv3
# base <dc=sevilla02> with scope subtree
# filter: uid=dominios
# requesting: ALL
#
# dominios, Users, sevilla02
dn: uid=dominios,ou=Users,dc=sevilla02
cn: dominios AdminPDC
uid: dominios
sn: AdminPDC
loginShell: /bin/bash
uidNumber: 2113
gidNumber: 1901
homeDirectory: /home/dominios
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: passwordHolder
objectClass: sambaSamAccount
givenName: dominios
description: PDC ADmin
eboxSha1Password: {SHA}0DPiKuNIrrVmD8IUCuw1hQxNqZc=
eboxMd5Password: {MD5}ISMvKXpXpadDiUoOSoAfww==
eboxLmPassword: F0D412BD764FFE81AAD3B435B51404EE
eboxNtPassword: 209C6174DA490CAEB422F3FA5A7AE634
eboxDigestPassword: {MD5}bU/luoj+4ghurgYJmHl8QA==
eboxRealmPassword: {MD5}6d4fe5ba88fee2086eae060998797c40
sambaHomePath: \\slave00\homes\dominios
sambaSID: S-1-5-21-3818554400-921237426-3143208535-5226
sambaPrimaryGroupSID: S-1-5-21-3818554400-921237426-3143208535-513
sambaPwdMustChange: 2147483647
sambaPwdLastSet: 1290514262
sambaPasswordHistory: 00000000000000000000000000000000000000000000000000000000
sambaKickoffTime: 2147483647
sambaAcctFlags: [U]
sambaLogonTime: 0
sambaLogoffTime: 2147483647
sambaPwdCanChange: 0
# search result
search: 2
result: 0 Success
# numResponses: 2
# numEntries: 1
12
Installation and Upgrades / Re: Error slave + PDC + samba
« on: October 04, 2011, 10:09:09 am »
¿cómo se puede mirar eso?
13
Installation and Upgrades / Re: Error slave + PDC + samba
« on: October 03, 2011, 05:51:29 pm »
Efectivamente, si consulto un usuario en el esclavo me dice que no está.
Alguna forma de forzar está sincronización entre LDAP y Samba? qué puede estar fallando?
Code: [Select]
sudo pdbedit -u dominios
user01@slave01:/etc$ sudo pdbedit -u dominios
[sudo] password for user01:
smbldap_search_domain_info: Searching for:[(&(objectClass=sambaDomain)(sambaDomainName=DOMINIO))]
smbldap_open_connection: connection opened
ldap_connect_system: successful connection to the LDAP server
Username not found!Alguna forma de forzar está sincronización entre LDAP y Samba? qué puede estar fallando?
14
Installation and Upgrades / Re: Error slave + PDC + samba
« on: September 30, 2011, 10:59:57 am »
Yes, I get the user:
And if I try to login in samba:
I need help because I have this problem with all my slaves servers since I got the las updates in master over version 2.0.x
Code: [Select]
getent passwd | grep dominios
Code: [Select]
dominios:*:2113:1901:dominios AdminPDC:/home/dominios:/bin/bashAnd if I try to login in samba:
Code: [Select]
smbclient -U dominios -L //localhost
Code: [Select]
[2011/09/30 10:48:09, 3] smbd/uid.c:428(push_conn_ctx)
push_conn_ctx(0) : conn_ctx_stack_ndx = 0
[2011/09/30 10:48:09, 3] smbd/sec_ctx.c:310(set_sec_ctx)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
[2011/09/30 10:48:09, 2] lib/smbldap.c:890(smbldap_open_connection)
smbldap_open_connection: connection opened
[2011/09/30 10:48:09, 3] lib/smbldap.c:1101(smbldap_connect_system)
ldap_connect_system: successful connection to the LDAP server
[2011/09/30 10:48:09, 3] smbd/sec_ctx.c:418(pop_sec_ctx)
pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
[2011/09/30 10:48:09, 3] auth/auth_sam.c:282(check_sam_security)
check_sam_security: Couldn't find user 'dominios' in passdb.
[2011/09/30 10:48:09, 3] auth/auth_winbind.c:54(check_winbind_security)
check_winbind_security: Not using winbind, requested domain [DOMAIN] was for this SAM.
[2011/09/30 10:48:09, 2] auth/auth.c:320(check_ntlm_password)
check_ntlm_password: Authentication for user [dominios] -> [dominios] FAILED with error NT_STATUS_NO_SUCH_USER
[2011/09/30 10:48:09, 3] smbd/sesssetup.c:42(do_map_to_guest)
No such user dominios [DOMAIN] - using guest accountI need help because I have this problem with all my slaves servers since I got the las updates in master over version 2.0.x
15
Installation and Upgrades / Slave, PDC + File Sharing
« on: September 28, 2011, 02:59:05 pm »
I have opened a ticket with this problem, but it has been closed because it is a adminsitration problem: http://trac.zentyal.org/ticket/3280#comment:1
I have tested with a fresh install of 2.2 slave server and 2.0 master. Also I have tested it in 2.0 slave with the same result.
The problem is that I can not login in windows client to join domain or access to files sharing.
Other thing, I have to insert in smb.conf this line to map correctly users and domain: map untrusted to domain = Yes if I dont put this line i get:
If I try to access to a file sharing with permissions I get:
And if I try to join the client to the domain, I also get this error.
I have tested with a fresh install of 2.2 slave server and 2.0 master. Also I have tested it in 2.0 slave with the same result.
The problem is that I can not login in windows client to join domain or access to files sharing.
Other thing, I have to insert in smb.conf this line to map correctly users and domain: map untrusted to domain = Yes if I dont put this line i get:
Code: [Select]
==> casa <==
[2011/09/27 10:02:42, 3] auth/auth.c:222(check_ntlm_password)
check_ntlm_password: Checking password for unmapped user []\[]@[CASA] with the new password interface
[2011/09/27 10:02:42, 3] auth/auth.c:225(check_ntlm_password)
check_ntlm_password: mapped user is: [GRANADA1]\[]@[CASA]
[2011/09/27 10:02:42, 2] lib/smbldap.c:890(smbldap_open_connection)
smbldap_open_connection: connection opened
...If I try to access to a file sharing with permissions I get:
Code: [Select]
[2011/09/27 16:56:31, 3] libsmb/ntlm_check.c:350(ntlm_password_check)
ntlm_password_check: NT MD4 password check failed for user dominiosAnd if I try to join the client to the domain, I also get this error.
Code: [Select]
....
[2011/09/27 16:56:31, 3] libsmb/ntlm_check.c:350(ntlm_password_check)
ntlm_password_check: NT MD4 password check failed for user dominios
....
[2011/09/27 16:56:31, 3] auth/auth_winbind.c:54(check_winbind_security)
check_winbind_security: Not using winbind, requested domain [GRANADA1] was for this SAM.
[2011/09/27 16:56:31, 2] auth/auth.c:320(check_ntlm_password)
check_ntlm_password: Authentication for user [dominios] -> [dominios] FAILED with error NT_STATUS_WRONG_PASSWORD
[2011/09/27 16:56:31, 3] smbd/error.c:60(error_packet_set)
error packet at smbd/sesssetup.c(122) cmd=115 (SMBsesssetupX) NT_STATUS_LOGON_FAILURE
....