Show Posts
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
1
Installation and Upgrades / Re: Re-apply acls by cron
« on: January 21, 2015, 11:28:26 am »
getfacl/setfacl didn't work for me in a similar situation.
I eventually found the samba-tool get/setacl utilities which enabled me to do the following:
Possibly you could script this to fix up your perms too.
I eventually found the samba-tool get/setacl utilities which enabled me to do the following:
Code: [Select]
NTACLS=(< `samba-tool ntacl get /home/samba/shares/path/to/file/to/copy/ntacls/from --as-sddl`)
samba-tool ntacl set $NTACLS /home/samba/shares/path/to/file/to/overwrite/ntaclsPossibly you could script this to fix up your perms too.
2
Installation and Upgrades / Re: Troubles with NTACL xattr
« on: January 21, 2015, 11:05:59 am »
I have no idea how it happened but I have a "clean" 3.2 installation which had a file I also could mysteriously not access. Despite searching the forums which recommended the use of setacl and getacl I could not access the file or take ownership etc.
I eventually found the samba-tool get/setacl utilities which enabled me to do the following:
This reset the permissions and I was able to continue with my day.
I eventually found the samba-tool get/setacl utilities which enabled me to do the following:
Code: [Select]
NTACLS=(< `samba-tool ntacl get /home/samba/shares/path/to/file/to/copy/ntacls/from --as-sddl`)
samba-tool ntacl set $NTACLS /home/samba/shares/path/to/file/to/overwrite/ntaclsThis reset the permissions and I was able to continue with my day.
3
Installation and Upgrades / Re: Bulk Import Users from CSV with group associations?
« on: June 02, 2014, 12:35:48 am »
Hi I got a solution to this the other day here:-
https://forum.zentyal.org/index.php/topic,18105.msg84858.html#msg84858
in case you still need help,
Regards.
https://forum.zentyal.org/index.php/topic,18105.msg84858.html#msg84858
in case you still need help,
Regards.
4
Installation and Upgrades / Re: ImportUsersInBulk doesn't works in Zentyal 3.2 to create a lot of users
« on: May 26, 2014, 07:28:26 pm »
Hi, I have looked into the code of 3.2 and got this groups script working for me, and if 3.4 is the same api, which I guess it could well be, then you could do the following:-
- Change the group name in the groups csv to be the "group DN"
this is basically the name of the group followed by the "Groups DN"
you can get the Groups DN by Going to Users and Computers ‣ LDAP Settings
mine was ou=Groups,dc=worthing,dc=futures
then, for example, my group named non-staff has a DN of:-
CN=non-staff,OU=Groups,DC=worthing,DC=futures
(I confirmed this by using the ldbsearch command, but it should be pretty standard) - in order to put that into the CSV file, I had to change the delimiter. this is because otherwise the group name wouldn't be parsed correctly as it already has commas in it. So I replaced the existing commas with the ~ (tilde) character before adding in the group DN
e.g. first line:-
desk1~user~desk 1~sunshine~CN=non-staff,OU=Groups,DC=worthing,DC=futures~
- So I changed the BULKUSERS script as follows:-
Code: [Select]
#!/usr/bin/perl
use strict;
use warnings;
use EBox;
use EBox::Users::User;
EBox::init();
my $parent = EBox::Users::User->defaultContainer();
open (my $USERS, 'users.csv');
while (my $line = <$USERS>) {
chomp ($line);
my ($username, $givenname, $surname, $password, $grp) = split('~', $line);
EBox::Users::User->create(
uid => $username,
parent => $parent,
givenname => $givenname,
surname => $surname,
password => $password
);
my $group = new EBox::Users::Group(dn => $grp);
$group->addMember(EBox::Users::User->new(uid => $username));
}
close ($USERS);
1;
5
Installation and Upgrades / Re: Users home drive sometimes is not mapped
« on: March 14, 2014, 04:55:58 pm »
No, there are definitely issues with having the username with capitals in it.
If I have the user Caioa in the system, sometimes he can't view his H drive
If I rename /home/Caioa to /home/caioa, he can view it.
When he reboots and I have restarted samba he can no longer view it
If I rename it back again, from /home/caioa to /home/Caioa it starts working again!
So, I decided to disable this user and create a new user, caio...
when I tried to do it I got:
An internal error has occurred. This is most probably a bug, relevant information can be found in the logs. Please look for the details in the /var/log/zentyal/zentyal.log file and take a minute to submit a bug report so we can fix the issue as soon as possible.
log:
2014/03/14 15:48:29 ERROR> User.pm:631 EBox::Users::User::__ANON__ - Error on person LDAP entry creation: The client attempted to add an entry that already exists. This can occur as
a result of
* An add request was submitted with a DN that already exists
* A modify DN requested was submitted, where the requested new DN already exists
* The request is adding an attribute to the schema and an attribute with the
given OID or name already exists
.<br/> Operation parameters:'add []
'
So, since the new user name is different, but the name is the same, does it mean that two users with different user name but the same first/last names are not allowed???
Will update if I have further issues after deleting the initial user.
If I have the user Caioa in the system, sometimes he can't view his H drive
If I rename /home/Caioa to /home/caioa, he can view it.
When he reboots and I have restarted samba he can no longer view it
If I rename it back again, from /home/caioa to /home/Caioa it starts working again!
So, I decided to disable this user and create a new user, caio...
when I tried to do it I got:
An internal error has occurred. This is most probably a bug, relevant information can be found in the logs. Please look for the details in the /var/log/zentyal/zentyal.log file and take a minute to submit a bug report so we can fix the issue as soon as possible.
log:
2014/03/14 15:48:29 ERROR> User.pm:631 EBox::Users::User::__ANON__ - Error on person LDAP entry creation: The client attempted to add an entry that already exists. This can occur as
a result of
* An add request was submitted with a DN that already exists
* A modify DN requested was submitted, where the requested new DN already exists
* The request is adding an attribute to the schema and an attribute with the
given OID or name already exists
.<br/> Operation parameters:'add []
'
So, since the new user name is different, but the name is the same, does it mean that two users with different user name but the same first/last names are not allowed???
Will update if I have further issues after deleting the initial user.
6
Installation and Upgrades / Re: Users home drive sometimes is not mapped
« on: March 12, 2014, 11:53:13 pm »
Actually, scrub that thought, I renamed the user back because there was a different problem that was hiding the H drive.
On this Windows 7 system, There was a hidden empty media drive mapped to H on the HP desktop. I changed drive letter and path in computer manager disk management using an admin account, changed from H: to B:, and after a reboot drive letter was back.
On this Windows 7 system, There was a hidden empty media drive mapped to H on the HP desktop. I changed drive letter and path in computer manager disk management using an admin account, changed from H: to B:, and after a reboot drive letter was back.
7
Installation and Upgrades / Re: Users home drive sometimes is not mapped
« on: March 12, 2014, 11:24:42 pm »
I just had this problem with a home drive not mapping, the username had capitals in it.
Username was Caioa
I renamed /home/Caioa to /home/caioa and restarted /etc/init.d/zentyal samba restart and it started working.
Should I raise it as a ticket?
Username was Caioa
I renamed /home/Caioa to /home/caioa and restarted /etc/init.d/zentyal samba restart and it started working.
Should I raise it as a ticket?
8
Installation and Upgrades / Re: sane way to use zentyal samba in production?
« on: February 21, 2014, 01:25:48 pm »
Yes the siren lure of AD is what's dragging me towards 3.x 
You see I installed 3.2 but the dns server just kept dying so it had to be manually restarted every few weeks which is a critical component. I then had a disaster with ACLS getting so I upgraded (!) and it broke even further. Now it jsut runs at 100% cpu.
I'm worried if I use 3.2 I'll run into the same problems. But at least with 3.2 you can turn off ACLs so maybe I'll reinstall that. I do have a 3.0 install just whirring away.
As for the difference between buying support and a product, currently you do effectively buy support with Microsoft in the form of updates to the software and access to their support pages. I haven't had the opportunity to try Zentyal support but the only time I had the opportunity to use MS support (with a non-working Office 2007 install) they told me to reinstall the operating system.... It just wasn't useful to me. Maybe to others?
It's surely an unfair comparison given the resources of MS and the fact that Zentyal has to survive but that's just how I feel.
You see I installed 3.2 but the dns server just kept dying so it had to be manually restarted every few weeks which is a critical component. I then had a disaster with ACLS getting so I upgraded (!) and it broke even further. Now it jsut runs at 100% cpu.
I'm worried if I use 3.2 I'll run into the same problems. But at least with 3.2 you can turn off ACLs so maybe I'll reinstall that. I do have a 3.0 install just whirring away.
As for the difference between buying support and a product, currently you do effectively buy support with Microsoft in the form of updates to the software and access to their support pages. I haven't had the opportunity to try Zentyal support but the only time I had the opportunity to use MS support (with a non-working Office 2007 install) they told me to reinstall the operating system.... It just wasn't useful to me. Maybe to others?
It's surely an unfair comparison given the resources of MS and the fact that Zentyal has to survive but that's just how I feel.
9
Installation and Upgrades / sane way to use zentyal samba in production?
« on: February 21, 2014, 11:36:57 am »
Hi
Is there any way to use this software in production without buying a subscription?
What would you download? I am trying 3.0 now.
excuse the lack of sleep RANT:
Since October while testing zentyal with one customer, I have run around repeatedly in circles with showstopping bugs in Zentyal.
I don't remember this in the old days. Sure there were problems but it was possible to work out how to work around it.
just now I feel I will have to just install Samba 4 directly and bin Zentyal as it's not worth the problems. Subscription soon costs more than MS 2012 essentials which just seems wrong.
I would even be happy to pay for access to the stable update stream and but with only community support? Say 40 - 80 Eur per server per year?
The pain of using this software due to so many moving parts and massive fails is insane.
/RANT
Is there any way to use this software in production without buying a subscription?
What would you download? I am trying 3.0 now.
excuse the lack of sleep RANT:
Since October while testing zentyal with one customer, I have run around repeatedly in circles with showstopping bugs in Zentyal.
I don't remember this in the old days. Sure there were problems but it was possible to work out how to work around it.
just now I feel I will have to just install Samba 4 directly and bin Zentyal as it's not worth the problems. Subscription soon costs more than MS 2012 essentials which just seems wrong.
I would even be happy to pay for access to the stable update stream and but with only community support? Say 40 - 80 Eur per server per year?
The pain of using this software due to so many moving parts and massive fails is insane.
/RANT
10
Installation and Upgrades / Re: samba causing named to segfault
« on: January 10, 2014, 11:31:11 am »
No, what I did was, I put monitoring on, as a temporary measure using nagios check_dns, then, it happened once or twice more and I restarted it, and hasn't happened for a few weeks now.
11
Installation and Upgrades / sharing /home on 3.2
« on: December 11, 2013, 09:45:12 pm »
Has anyone tried sharing the /home directory so that a user/group can view the other users folders?
it just sounds like a bad idea sharing out the folders twice, with overlapping acls- particularly as all the file shares are shared out of /home/samba/shares by default
Has anyone applied an alternative method of setting up user's homes?
it just sounds like a bad idea sharing out the folders twice, with overlapping acls- particularly as all the file shares are shared out of /home/samba/shares by default
Has anyone applied an alternative method of setting up user's homes?
12
Installation and Upgrades / Re: [SOLVED.....kind of] DNS - External IP picked up in Internal DNS
« on: November 19, 2013, 03:23:08 pm »
I don't understand why you would need to use the stub file - if you can just change the dns.conf?
at least enabling sortlist is now mentioned in the documentation?
http://doc.zentyal.org/en/filesharing.html
(came here as my vpn connection broke dns...)
at least enabling sortlist is now mentioned in the documentation?
http://doc.zentyal.org/en/filesharing.html
(came here as my vpn connection broke dns...)
13
Installation and Upgrades / location of sysvol
« on: November 19, 2013, 02:01:59 pm »
My path to sysvol is a bit strange, it contains both "tmp" and "backup":
/var/lib/zentyal/tmp/samba.backup/sysvol/
Is this a Bad Thing?
* UPDATE - just realised it's here:
/opt/samba4/var/locks/sysvol/
Sorry if I bothered anyone..!
/var/lib/zentyal/tmp/samba.backup/sysvol/
Is this a Bad Thing?
* UPDATE - just realised it's here:
/opt/samba4/var/locks/sysvol/
Sorry if I bothered anyone..!
14
Installation and Upgrades / Re: samba causing named to segfault
« on: November 14, 2013, 10:44:27 pm »
I've been looking into this a bit more and was wondering if there was a way I can set it to auto-restart?
I looked as supervisord but couldn't work out the configuration that would be required.
I looked as supervisord but couldn't work out the configuration that would be required.
15
Installation and Upgrades / samba causing named to segfault
« on: November 14, 2013, 09:45:21 pm »
Hi I have Zentyal 3.2, fully updated.
Before the latest updates of Nov 6 (when I installed zentyal from the latest ISO) I think I also had this problem.
Basically DNS has stopped, preventing logins.
Here's what I found in the logs:
Nov 13 14:44:37 islington1 named[5707]: samba_dlz: starting transaction on zone islington.local
Nov 13 14:44:37 islington1 kernel: [436398.524903] named[5708]: segfault at 0 ip 00007f443fedbad4 sp 00007f443aed18e0 error 4 in libc-2.15.so[7f443fe9f000+1b
5000]
It doesn't crash straight away, but happens after a day or two.
Before the latest updates of Nov 6 (when I installed zentyal from the latest ISO) I think I also had this problem.
Basically DNS has stopped, preventing logins.
Here's what I found in the logs:
Nov 13 14:44:37 islington1 named[5707]: samba_dlz: starting transaction on zone islington.local
Nov 13 14:44:37 islington1 kernel: [436398.524903] named[5708]: segfault at 0 ip 00007f443fedbad4 sp 00007f443aed18e0 error 4 in libc-2.15.so[7f443fe9f000+1b
5000]
It doesn't crash straight away, but happens after a day or two.