This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
1
Installation and Upgrades / Re: 6.2: Mail Error
« on: February 05, 2021, 11:25:17 am »Run these commands to enable debugging:
Code: [Select]
sudo su -
sed -i 's/debug = no/debug = yes/' /etc/zentyal/zentyal.conf
zs webadmin restart
Try to restart the Mail module, logs will be much more verbose now.
In addition, you should study the specific mail module logs (/var/log/mail.log, etc)
This command could be useful too:
Code: [Select]
sudo systemctl status postfix@-.service postfix.service
Cheers!
2
Installation and Upgrades / Re: How to add 2nd email and domain to Zentyal 6.2
« on: February 05, 2021, 11:04:58 am »Oh!... This task is easy. Go to the Mail module configuration and add a new virtual domain. Zentyal will give you the option of choosing between the configured virtual domains when setting a new account. You'll be able of modifying the existing accounts too and adding new addresses in the new virtual domains.
https://doc.zentyal.org/en/mail.html#virtual-domains-and-e-mail-accounts
Cheers!
3
Installation and Upgrades / Re: How to add 2nd email and domain to Zentyal 6.2
« on: February 02, 2021, 01:08:08 pm »Zentyal doesn't manage trusted relationships between domains, so, you'll have to configure ir manually. Here you have a document explaining this topic https://www.kania-online.de/wp-content/uploads/2019/06/trusts-tutorial-en.pdf (Bear in mind that I haven't tested it but it seems to be really useful)
Cheers!
4
Directory and Authentication / Re: Domain roaming profile data migration. How to made that ?
« on: February 01, 2021, 01:53:50 pm »https://forum.zentyal.org/index.php/topic,35078.msg114133.html#msg114133
Please, if you uses it, give here some feedback. I don't know this tool but it seems to be interesting.
Cheers!
5
Spanish / Re: Migracion Windows Server 2008R2, no funcionan compartidas
« on: February 01, 2021, 01:45:13 pm »¿Has comprobado que samba está habilitado y funcionando cuando encuentras estos errores?
Comprueba el estado de la base de datos de samba:
Code: [Select]
sudo samba-tool dbcheck --cross-ncs -v
Si encuentras errores, puedes utilizar el comando anterior con las opciones "--fix" y "--yes" para intentar "repararlo".
¿Has comprobado si hubo errores durante el proceso de unión de Zentyal al dominio como controlador de dominio adicional?
¡Salud!
PS: No deberías haber transferido los roles FSMO antes de estar seguro de que el nuevo controlador de dominio funciona correctamente.
6
Portuguese / Re: Elemento não encontrado
« on: January 28, 2021, 04:00:52 pm »Hmmm ... ... ...
Você deve usar o FQDN do controlador de domínio e não apenas o nome do domínio.
Ou seja, tente este URI:
Code: [Select]
//hostname.domainname.tld/user.name
Saúde!
7
Spanish / Re: VPN's redes anunciadas
« on: January 28, 2021, 01:43:42 pm »La configuración site-to-site en el caso que propones es sencilla:
En el servidor principal creas dos servidores openvpn asegurándote de que en cada uno de ellos publicas la red interna del principal y las redes internas de cada uno de los dos clientes (tendrás que crear los correspondientes objetos de red)
En cada uno de los clientes configura un cliente openvpn con el correspondiente bundle descargable proporcionado por Zentyal en los respectivos servidores openvpn. Publica en cada cliente la red interna local, la del servidor principal y la del otro cliente.
Con ésto, debería ser suficiente para tener conectividad entre las máquinas de cada una de las redes publicadas.
Cheers!
8
Other modules / Re: Zentyal to Zentyal VPN constantly dropping
« on: January 27, 2021, 06:29:38 pm »Your remote and local servers don't use the same cipher nor the same key size. Did you use the server bundle to configure the client-side? Are the two servers from different versions?
In a standard deployment:
Code: [Select]
Wed Jan 27 16:53:44 2021 192.168.1.200:36235 TLS: Initial packet from [AF_INET]192.168.1.200:36235, sid=b8748dd1 f64cb113
Wed Jan 27 16:53:44 2021 192.168.1.200:36235 VERIFY OK: depth=1, C=ES, ST=ARDA, L=ALQUALONDE, O=VALINOR, CN=VALINOR Authority Certificate
Wed Jan 27 16:53:44 2021 192.168.1.200:36235 VERIFY OK: depth=0, C=ES, ST=ARDA, L=ALQUALONDE, O=VALINOR, CN=client
Wed Jan 27 16:53:44 2021 192.168.1.200:36235 peer info: IV_VER=2.4.7
Wed Jan 27 16:53:44 2021 192.168.1.200:36235 peer info: IV_PLAT=linux
Wed Jan 27 16:53:44 2021 192.168.1.200:36235 peer info: IV_PROTO=2
Wed Jan 27 16:53:44 2021 192.168.1.200:36235 peer info: IV_NCP=2
Wed Jan 27 16:53:44 2021 192.168.1.200:36235 peer info: IV_LZ4=1
Wed Jan 27 16:53:44 2021 192.168.1.200:36235 peer info: IV_LZ4v2=1
Wed Jan 27 16:53:44 2021 192.168.1.200:36235 peer info: IV_LZO=1
Wed Jan 27 16:53:44 2021 192.168.1.200:36235 peer info: IV_COMP_STUB=1
Wed Jan 27 16:53:44 2021 192.168.1.200:36235 peer info: IV_COMP_STUBv2=1
Wed Jan 27 16:53:44 2021 192.168.1.200:36235 peer info: IV_TCPNL=1
Wed Jan 27 16:53:44 2021 192.168.1.200:36235 Control Channel: TLSv1.3, cipher TLSv1.3 TLS_AES_256_GCM_SHA384, 2048 bit RSA
Wed Jan 27 16:53:44 2021 192.168.1.200:36235 [client] Peer Connection Initiated with [AF_INET]192.168.1.200:36235
Wed Jan 27 16:53:44 2021 client/192.168.1.200:36235 MULTI_sva: pool returned IPv4=192.168.160.2, IPv6=(Not enabled)
Wed Jan 27 16:53:46 2021 client/192.168.1.200:36235 PUSH: Received control message: 'PUSH_REQUEST'
Wed Jan 27 16:53:46 2021 client/192.168.1.200:36235 SENT CONTROL [client]: 'PUSH_REPLY,route 192.168.2.0 255.255.255.0,route-gateway 192.168.160.1,ping 10,ping-restart 120,ifconfig 192.168.160.2 255.255.255.0,peer-id 0,cipher AES-256-GCM' (status=1)
Wed Jan 27 16:53:46 2021 client/192.168.1.200:36235 Data Channel: using negotiated cipher 'AES-256-GCM'
Wed Jan 27 16:53:46 2021 client/192.168.1.200:36235 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Wed Jan 27 16:53:46 2021 client/192.168.1.200:36235 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
...
cheers!
9
Directory and Authentication / Re: File Shared error -- I am not authorized to give an element not found.
« on: January 27, 2021, 02:24:33 pm »Run this command:
Code: [Select]
sudo testparm
I have configured a "test" shared resource. The testparm command shows this regardinf this share:
Code: [Select]
...
[test]
force create mode = 0660
force directory mode = 0660
path = /home/samba/shares/test
valid users = "@Domain Users"
vfs objects = acl_xattr full_audit
write list = "@Domain Users"
full_audit:failure = connect opendir disconnect unlink mkdir rmdir open rename
...
Check you valid users and write list parameters.
Cheers!
10
Portuguese / Re: Elemento não encontrado
« on: January 27, 2021, 02:02:45 pm »Se bem entendi, este não é um comportamento normal.
Ainda assim, os diretórios "iniciais" do usuário no servidor não são iguais aos recursos compartilhados.
Eles podem ser configurados pelo samba mesmo como "somente leitura" e "não navegáveis" (execute o comando sudo testparm em seu servidor e consulte a seção "casas")
Esses diretórios não são os mesmos que hospedam os "perfis de roaming" de cada usuário, se habilitados. Eles são os mesmos que as "casas" das contas do servidor local e são necessários se o módulo PAM estiver habilitado (o que permite usar as contas de domínio como contas locais no servidor)
(O módulo FTP também tem uma opção que permite que você dê aos usuários acesso às suas casas, mas é até certo ponto uma anomalia)
Verifique se o diretório /home/user.registered existe em seu servidor e execute estes comandos para obter informações:
Code: [Select]
getfacl /home/user.registered
sudo testparm
net rpc share list localhost -User.registered% password
Use smbclient para tentar acessar a pasta:
Code: [Select]
smbclient //10.5.12.107/test -User.registered% password
Saúde!
PS: Que Camões perdoe o Google Translate e a mim por esse ataque à nobre língua portuguesa. : P
11
Directory and Authentication / Re: PDC won't fully create new users in AD after machine is restored from backup.
« on: January 25, 2021, 04:42:34 pm »It's a really odd issue. I would check the FSMO roles, I would demote the PDC and, afterward, I would join a new additional domain controller.
In addition, if you manage a little domain (only a few clients and easily accessible) and there isn't a huge amount of data to move, you could migrate the whole data to a fresh install (read this: https://doc.zentyal.org/en/directory.html#total-migration. )
Regarding how to debug this issue I think you could begin by using the RSAT dcdiag.exe tool:
Code: [Select]
Diagn¢stico del servidor de directorio
Realizando instalaci¢n inicial:
* Conect ndose al servicio de directorio en el servidor zentyal.zentyal-domain.lan.
* Se identific¢ el bosque de AD.
Collecting AD specific global data
* Recopilando informaci¢n del sitio.
Calling ldap_search_init_page(hld,CN=Sites,CN=Configuration,DC=zentyal-domain,DC=lan,LDAP_SCOPE_SUBTREE,(objectCategory=ntDSSiteSettings),.......
The previous call succeeded
Iterating through the sites
Looking at base site object: CN=NTDS Site Settings,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=zentyal-domain,DC=lan
Getting ISTG and options for the site
* Identificando todos los servidores.
Calling ldap_search_init_page(hld,CN=Sites,CN=Configuration,DC=zentyal-domain,DC=lan,LDAP_SCOPE_SUBTREE,(objectClass=ntDSDsa),.......
The previous call succeeded....
The previous call succeeded
Iterating through the list of servers
Getting information for the server CN=NTDS Settings,CN=ZENTYAL,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=zentyal-domain,DC=lan
objectGuid obtained
InvocationID obtained
dnsHostname obtained
site info obtained
All the info for the server collected
* Identificando todas las referencias cruzadas de NC.
* Se encontraron 1 DC. Probando 1 de ellos.
Recopilaci¢n de informaci¢n inicial finalizada.
Realizando pruebas requeridas iniciales
Probando servidor: Default-First-Site-Name\ZENTYAL
Iniciando prueba: Connectivity
* Active Directory LDAP Services Check
Determining IP4 connectivity
* Active Directory RPC Services Check
......................... ZENTYAL super¢ la prueba Connectivity
Realizando pruebas principales
Probando servidor: Default-First-Site-Name\ZENTYAL
Iniciando prueba: Advertising
The DC ZENTYAL is advertising itself as a DC and having a DS.
The DC ZENTYAL is advertising as an LDAP server
The DC ZENTYAL is advertising as having a writeable directory
The DC ZENTYAL is advertising as a Key Distribution Center
The DC ZENTYAL is advertising as a time server
The DS ZENTYAL is advertising as a GC.
......................... ZENTYAL super¢ la prueba Advertising
Prueba omitida por solicitud del usuario: CheckSecurityError
Prueba omitida por solicitud del usuario: CutoffServers
Iniciando prueba: FrsEvent
* Prueba del registro de eventos del servicio de replicaci¢n de archivos
......................... ZENTYAL super¢ la prueba FrsEvent
Iniciando prueba: DFSREvent
The DFS Replication Event Log.
Omitir esta prueba porque el servidor est ejecutando FRS.
......................... ZENTYAL super¢ la prueba DFSREvent
Iniciando prueba: SysVolCheck
* Prueba de preparaci¢n de SYSVOL del servicio de replicaci¢n de archivos
SysVol no est listo. Esto puede provocar que el DC no se anuncie como DC para NetLogon despus de Dcpromo.
Asimismo, los problemas relativos a la replicaci¢n de FRS SysVol pueden ocasionar problemas en la directiva de
grupo. Compruebe el registro de eventos de FRS de este DC.
......................... ZENTYAL no super¢ la prueba SysVolCheck
Iniciando prueba: KccEvent
* The KCC Event log test
Found no KCC errors in "Directory Service" Event log in the last 15 minutes.
......................... ZENTYAL super¢ la prueba KccEvent
Iniciando prueba: KnowsOfRoleHolders
Role Schema Owner = CN=NTDS Settings,CN=ZENTYAL,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=zentyal-domain,DC=lan
Role Domain Owner = CN=NTDS Settings,CN=ZENTYAL,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=zentyal-domain,DC=lan
Role PDC Owner = CN=NTDS Settings,CN=ZENTYAL,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=zentyal-domain,DC=lan
Role Rid Owner = CN=NTDS Settings,CN=ZENTYAL,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=zentyal-domain,DC=lan
Role Infrastructure Update Owner = CN=NTDS Settings,CN=ZENTYAL,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=zentyal-domain,DC=lan
......................... ZENTYAL super¢ la prueba KnowsOfRoleHolders
Iniciando prueba: MachineAccount
Checking machine account for DC ZENTYAL on DC ZENTYAL.
* SPN found :LDAP/zentyal.zentyal-domain.lan/zentyal-domain.lan
* SPN found :LDAP/zentyal.zentyal-domain.lan
* SPN found :LDAP/ZENTYAL
* SPN found :LDAP/zentyal.zentyal-domain.lan/ZENTYAL-DOMAIN
* SPN found :LDAP/deb08c03-614b-4547-ad9a-24d5d1bc7bf9._msdcs.zentyal-domain.lan
* SPN found :E3514235-4B06-11D1-AB04-00C04FC2DCD2/deb08c03-614b-4547-ad9a-24d5d1bc7bf9/zentyal-domain.lan
* SPN found :HOST/zentyal.zentyal-domain.lan/zentyal-domain.lan
* SPN found :HOST/zentyal.zentyal-domain.lan
* SPN found :HOST/ZENTYAL
* SPN found :HOST/zentyal.zentyal-domain.lan/ZENTYAL-DOMAIN
* SPN found :GC/zentyal.zentyal-domain.lan/zentyal-domain.lan
......................... ZENTYAL super¢ la prueba MachineAccount
Iniciando prueba: NCSecDesc
* Security Permissions check for all NC's on DC ZENTYAL.
* Comprobaci¢n de permisos de seguridad para
CN=Schema,CN=Configuration,DC=zentyal-domain,DC=lan
(Schema,Version 3)
* Comprobaci¢n de permisos de seguridad para
DC=ForestDnsZones,DC=zentyal-domain,DC=lan
(NDNC,Version 3)
* Comprobaci¢n de permisos de seguridad para
DC=DomainDnsZones,DC=zentyal-domain,DC=lan
(NDNC,Version 3)
* Comprobaci¢n de permisos de seguridad para
CN=Configuration,DC=zentyal-domain,DC=lan
(Configuration,Version 3)
* Comprobaci¢n de permisos de seguridad para
DC=zentyal-domain,DC=lan
(Domain,Version 3)
......................... ZENTYAL super¢ la prueba NCSecDesc
Iniciando prueba: NetLogons
* Network Logons Privileges Check
Verified share \\ZENTYAL\netlogon
Verified share \\ZENTYAL\sysvol
......................... ZENTYAL super¢ la prueba NetLogons
Iniciando prueba: ObjectsReplicated
ZENTYAL is in domain DC=zentyal-domain,DC=lan
Checking for CN=ZENTYAL,OU=Domain Controllers,DC=zentyal-domain,DC=lan in domain DC=zentyal-domain,DC=lan on 1 servers
No se pudieron leer los metadatos del objeto en ZENTYAL. Error Solicitud no compatible.
Object is up-to-date on all servers.
Checking for CN=NTDS Settings,CN=ZENTYAL,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=zentyal-domain,DC=lan in domain CN=Configuration,DC=zentyal-domain,DC=lan on 1 servers
No se pudieron leer los metadatos del objeto en ZENTYAL. Error Solicitud no compatible.
Object is up-to-date on all servers.
......................... ZENTYAL super¢ la prueba ObjectsReplicated
Prueba omitida por solicitud del usuario: OutboundSecureChannels
Iniciando prueba: Replications
* Replications Check
* Replication Latency Check
......................... ZENTYAL super¢ la prueba Replications
Iniciando prueba: RidManager
* Available RID Pool for the Domain is 1600 to 1073741823
* zentyal.zentyal-domain.lan is the RID Master
* DsBind with RID Master was successful
* rIDAllocationPool is 1100 to 1599
* rIDPreviousAllocationPool is 1100 to 1599
* rIDNextRID: 1107
......................... ZENTYAL super¢ la prueba RidManager
Iniciando prueba: Services
No se pudo abrir la IPC remota en [zentyal.zentyal-domain.lan]: error 0x4c3
"Las conexiones m£ltiples para un servidor o recurso compartido compatible por el mismo usuario, usando m s de un nombre de usuario, no est n permitidas. Desconecte todas las conexiones anteriores al servidor o recursos compartido e intntelo de nuevo."
......................... ZENTYAL no super¢ la prueba Services
Iniciando prueba: SystemLog
* The System Event log test
Found no errors in "System" Event log in the last 60 minutes.
......................... ZENTYAL super¢ la prueba SystemLog
Prueba omitida por solicitud del usuario: Topology
Prueba omitida por solicitud del usuario: VerifyEnterpriseReferences
Iniciando prueba: VerifyReferences
La referencia del objeto del sistema (serverReference)
CN=ZENTYAL,OU=Domain Controllers,DC=zentyal-domain,DC=lan y el v¡nculo de retroceso
CN=ZENTYAL,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=zentyal-domain,DC=lan son
correctos.
Algunos objetos relacionados con el DC ZENTYAL tienen problemas:
[1] Problema: falta un valor esperado
Objeto base:
CN=NTDS Settings,CN=ZENTYAL,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=zentyal-domain,DC=lan
Descripci¢n de objeto base: "Objeto DSA"
Nombre de atributo de objeto de valor: serverReferenceBL
Descripci¢n de objeto de valor: "Objeto de miembro de SYSVOL FRS"
Acci¢n recomendada: vea el art¡culo de Knowledge Base: Q312862
[1] Problema: falta un valor esperado
Objeto base: CN=ZENTYAL,OU=Domain Controllers,DC=zentyal-domain,DC=lan
Descripci¢n de objeto base: "Objeto de cuenta de DC"
Nombre de atributo de objeto de valor: frsComputerReferenceBL
Descripci¢n de objeto de valor: "Objeto de miembro de SYSVOL FRS"
Acci¢n recomendada: vea el art¡culo de Knowledge Base: Q312862
......................... ZENTYAL no super¢ la prueba VerifyReferences
Prueba omitida por solicitud del usuario: VerifyReplicas
Prueba omitida por solicitud del usuario: DNS
Prueba omitida por solicitud del usuario: DNS
Ejecutando pruebas de partici¢n en: Schema
Iniciando prueba: CheckSDRefDom
......................... Schema super¢ la prueba CheckSDRefDom
Iniciando prueba: CrossRefValidation
......................... Schema super¢ la prueba CrossRefValidation
Ejecutando pruebas de partici¢n en: ForestDnsZones
Iniciando prueba: CheckSDRefDom
A la partici¢n del directorio de la aplicaci¢n DC=ForestDnsZones,DC=zentyal-domain,DC=lan le falta un
dominio de referencia del descriptor de seguridad. El administrador debe establecer el atributo
DS-SD-Reference-Domain del objeto de la referencia cruzada
CN=74b97699-13ec-48fb-a6d8-13eb94c26a90,CN=Partitions,CN=Configuration,DC=zentyal-domain,DC=lan en el DN de
un dominio.
......................... ForestDnsZones no super¢ la prueba CheckSDRefDom
Iniciando prueba: CrossRefValidation
......................... ForestDnsZones super¢ la prueba CrossRefValidation
Ejecutando pruebas de partici¢n en: DomainDnsZones
Iniciando prueba: CheckSDRefDom
A la partici¢n del directorio de la aplicaci¢n DC=DomainDnsZones,DC=zentyal-domain,DC=lan le falta un
dominio de referencia del descriptor de seguridad. El administrador debe establecer el atributo
DS-SD-Reference-Domain del objeto de la referencia cruzada
CN=9c00fa89-d4b4-4cbb-b74b-c28ddacabd70,CN=Partitions,CN=Configuration,DC=zentyal-domain,DC=lan en el DN de
un dominio.
......................... DomainDnsZones no super¢ la prueba CheckSDRefDom
Iniciando prueba: CrossRefValidation
......................... DomainDnsZones super¢ la prueba CrossRefValidation
Ejecutando pruebas de partici¢n en: Configuration
Iniciando prueba: CheckSDRefDom
......................... Configuration super¢ la prueba CheckSDRefDom
Iniciando prueba: CrossRefValidation
......................... Configuration super¢ la prueba CrossRefValidation
Ejecutando pruebas de partici¢n en: zentyal-domain
Iniciando prueba: CheckSDRefDom
......................... zentyal-domain super¢ la prueba CheckSDRefDom
Iniciando prueba: CrossRefValidation
......................... zentyal-domain super¢ la prueba CrossRefValidation
Ejecutando pruebas de empresa en: zentyal-domain.lan
Prueba omitida por solicitud del usuario: DNS
Prueba omitida por solicitud del usuario: DNS
Iniciando prueba: LocatorCheck
Nombre de GC: \\zentyal.zentyal-domain.lan
Locator Flags: 0xe00003fd
PDC Name: \\zentyal.zentyal-domain.lan
Locator Flags: 0xe00003fd
Time Server Name: \\zentyal.zentyal-domain.lan
Locator Flags: 0xe00003fd
Preferred Time Server Name: \\zentyal.zentyal-domain.lan
Locator Flags: 0xe00003fd
KDC Name: \\zentyal.zentyal-domain.lan
Locator Flags: 0xe00003fd
......................... zentyal-domain.lan super¢ la prueba LocatorCheck
Iniciando prueba: Intersite
Omitiendo el sitio Default-First-Site-Name. Este sitio est fuera del mbito proporcionado por los argumentos
de la l¡nea de comandos facilitados.
......................... zentyal-domain.lan super¢ la prueba Intersite
Cheers!
12
Directory and Authentication / Re: Dead Primary DC, Working Secondary DC - How Create Primary again?
« on: January 25, 2021, 03:58:00 pm »It's an interesting tool.
Actually, if it weren't for the need to join the machines to the domain, more of the times I would prefer to migrate the data from old servers to a fresh install instead of upgrading them(especially if you have your shares in a dedicated disk)
Thank you!
13
Installation and Upgrades / Re: Zentyal 7 release date?
« on: January 25, 2021, 02:19:03 pm »The Dynamic DNS Options can be setted on "webmin > DHCP >interface configuration > Dynamic DNS Options". Here you can enable or disable the DDNS.
I have disabled DHCP and the system seems to run properly (the DNS module shows the "Dynamic Domain" enabled though).
Could be your samba service was down when the system tried to update DNS?
Paste here the zentyal.log parts regarding network and samba errors if you need some help.
Cheers!
14
Directory and Authentication / Re: GPO's under user configuration
« on: January 25, 2021, 01:42:58 pm »I tried to configure a user based GPO and I had the same issue you reported.
GPRESULT shows all right but the GPO doesn't seem to run.
(I added delegation for Domain Computers (r) and Domain Users (r). )
Windows 10 Pro. 1607 (OS Build 14393.0)
Zentyal 6.2
Code: [Select]
General
hide
User name ZENTYAL-DOMAIN\admindc
Domain zentyal-domain.lan
Security Group Membership
hide
ZENTYAL-DOMAIN\Domain Users
Everyone
BUILTIN\Users
BUILTIN\Administrators
NT AUTHORITY\INTERACTIVE
CONSOLE LOGON
NT AUTHORITY\Authenticated Users
NT AUTHORITY\This Organization
LOCAL
ZENTYAL-DOMAIN\Domain Admins
ZENTYAL-DOMAIN\Denied RODC Password Replication Group
Mandatory Label\High Mandatory Level
...
Group Policy Objects
hide
Applied GPOs
hide
testgpo [{02594854-7656-40C7-AC4A-0E41B183E334}]
hide
Link Location zentyal-domain.lan
Extensions Configured Group Policy Drive Maps
Group Policy Infrastructure
Enforced No
Disabled None
Security Filters NT AUTHORITY\Authenticated Users
Revision AD (10), SYSVOL (10)
WMI Filter
Code: [Select]
# samba-tool gpo show {02594854-7656-40C7-AC4A-0E41B183E334}
...
GPO : {02594854-7656-40C7-AC4A-0E41B183E334}
display name : testgpo
path : \\zentyal-domain.lan\SysVol\zentyal-domain.lan\Policies\{02594854-7656-40C7-AC4A-0E41B183E334}
dn : CN={02594854-7656-40C7-AC4A-0E41B183E334},CN=Policies,CN=System,DC=zentyal-domain,DC=lan
version : 655360
flags : NONE
ACL : <hidden>
Code: [Select]
getfacl /var/lib/samba/sysvol/zentyal-domain.lan/Policies/\{02594854-7656-40C7-AC4A-0E41B183E334\}
getfacl: Removing leading '/' from absolute path names
# file: var/lib/samba/sysvol/zentyal-domain.lan/Policies/{02594854-7656-40C7-AC4A-0E41B183E334}
# owner: ZENTYAL-DOMAIN\134admindc
# group: ZENTYAL-DOMAIN\134domain\040admins
user::rwx
user:ZENTYAL-DOMAIN\134admindc:rwx
user:3000002:rwx
user:3000003:r-x
user:3000007:rwx
user:3000010:r-x
user:3000018:r-x
group::rwx
group:ZENTYAL-DOMAIN\134domain\040admins:rwx
group:ZENTYAL-DOMAIN\134domain\040users:r-x
group:NT\040AUTHORITY\134system:rwx
group:NT\040AUTHORITY\134authenticated\040users:r-x
group:ZENTYAL-DOMAIN\134enterprise\040admins:rwx
group:NT\040AUTHORITY\134serverlogon:r-x
group:ZENTYAL-DOMAIN\134domain\040computers:r-x
mask::rwx
other::---
default:user::rwx
default:user:ZENTYAL-DOMAIN\134admindc:rwx
default:user:3000002:rwx
default:user:3000003:r-x
default:user:3000007:rwx
default:user:3000010:r-x
default:user:3000018:r-x
default:group::---
default:group:ZENTYAL-DOMAIN\134domain\040admins:rwx
default:group:ZENTYAL-DOMAIN\134domain\040users:r-x
default:group:NT\040AUTHORITY\134system:rwx
default:group:NT\040AUTHORITY\134authenticated\040users:r-x
default:group:ZENTYAL-DOMAIN\134enterprise\040admins:rwx
default:group:NT\040AUTHORITY\134serverlogon:r-x
default:group:ZENTYAL-DOMAIN\134domain\040computers:r-x
default:mask::rwx
default:other::---
Could be I forgotten some evident thing?
Cheers!
15
Installation and Upgrades / Re: New Install Should I Wait
« on: January 25, 2021, 11:08:15 am »Zentyal has always offered a functional way for upgrading to the newest versions from the version before, so I believe that you could install Zentyal 6.2 and being confident on a transparent upgrading when necessary.
In addition to make a global migration from a Zentyal server to another isn't a difficult task (if you haven't huge amount of data to be moved)
cheers!