Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Messages - sspeed

Pages: [1] 2
1
Thanks for that, it seems to move on from kill -9 and all is upgraded now.

It seems the problem might start a few lines sooner.  It never loses network connection, so the message is sort of weird.

Code: [Select]
Setting up zentyal-software (7.0.0) ...
Setting up zentyal-network (7.0.0) ...
 * Restarting Zentyal module: network
   ...fail!
Setting up zentyal (7.0.0ubuntu1) ...
Setting up zentyal-firewall (7.0.0) ...
 * Restarting Zentyal module: firewall
   ...done.
Setting up zentyal-dns (7.0.2) ...
Installing new version of config file /etc/bind/db.root ...

2
I have two Zentyals, one upgraded fine, the other just hangs here

Code: [Select]
Setting up zentyal (7.0.0ubuntu1) ...
Setting up zentyal-firewall (7.0.0) ...
 * Restarting Zentyal module: firewall
   ...done.
Setting up zentyal-dns (7.0.2) ...
Installing new version of config file /etc/bind/db.root ...

3
I've narrowed it down to why my reverse zone is not being updated, but don't know why...

On a test server, the reverse zone updates.  In my named.conf.local I have:

zone "1.1.10.in-addr.arpa" {
    type master;
    file "/var/lib/bind/db.1.1.10";
    update-policy {
        // The only allowed dynamic updates are PTR records
        grant test.domain. subdomain 1.1.10.in-addr.arpa. PTR TXT;
        // Grant from localhost
        grant local-ddns zonesub any;
    };
};

On my "production server" this entry is only populated if I have the Domain Controller and File Sharing module turned off.  Once I turn it on the reverse  zone disappears.

This gets populated via the /usr/share/zentyal/stubs/dns/named.conf.local.mas file:

<%args>
    @domains
    @inaddrs
    $generateReverseZones
    @intnets
    @internalLocalNets => ()
    $confDir
    $dynamicConfDir
    $sambaZones => undef
</%args>
...
% if ($generateReverseZones) {
%   foreach my $inaddr (@inaddrs) {
%       my $zoneName = $inaddr->{'ip'} . ".in-addr.arpa";
%       next if (defined $sambaZones and
%                lc ($zoneName) eq any @{$sambaZones});

zone "<% $zoneName %>" {
    type master;
    file "<% $inaddr->{'file'} %>";
    update-policy {
        // The only allowed dynamic updates are PTR records
%       foreach my $keyName (@{$inaddr->{'keyNames'}}) {
        grant <% $keyName %>. subdomain <% $inaddr->{'ip'} %>.in-addr.arpa. PTR TXT;
%       }
        // Grant from localhost
        grant local-ddns zonesub any;
    };
};
%   }


Why is this reverse zone getting removed?  What do I have configured wrong? I'm inclined to try just deleting the reverse zone, but don't want to end up in a worse situation than it is right now.


4
Other modules / Re: Zentyal 6 DHCP update DNS
« on: November 30, 2019, 06:24:51 am »
You are right, this project is pretty much forgotten.  Forum is dead, strange errors here and there, no support (or concern) at all from Zentyal developers.  I've had a problem forever where the reverse zone won't update, gives an error  update failed: rejected by secure update (REFUSED), but getting any help at all is non-existent.

5
Looking around, it seems maybe I need to populate something like this into the named.conf?  But that file regenerates automatically.

allow-update { 172.22.0.0/16;};

6
First of all, thank you so much for your work.  Looks like Zentyal included it in their normal release.

However, I'm getting this over and over in my logs, and updates do not appear to be working.

Nov 22 10:46:04 zentyal sh[1121]: Required keytab /etc/dhcp/samba-keys/dhcpduser.keytab not found, it needs to be created.
Nov 22 10:46:04 zentyal sh[1121]: Use the following commands as root
Nov 22 10:46:04 zentyal sh[1121]: samba-tool domain exportkeytab --principal=dhcpduser@AERO.TSI.AWD /etc/dhcp/samba-keys/dhcpduser.keytab
Nov 22 10:46:04 zentyal sh[1121]: chown XXXX:XXXX /etc/dhcp/samba-keys/dhcpduser.keytab
Nov 22 10:46:04 zentyal sh[1121]: Replace 'XXXX:XXXX' with the user & group that dhcpd runs as on your distro
Nov 22 10:46:04 zentyal sh[1121]: chmod 400 /etc/dhcp/samba-keys/dhcpduser.keytab

The file exists and seems to have the right permissions.

root@zentyal:/etc/dhcp/samba-keys# ls -l
total 4
-r-------- 1 dhcpd dhcpd 190 Nov 19 21:52 dhcpduser.keytab

Any ideas?

7
Installation and Upgrades / Re: best practices for two Zentyal servers
« on: November 18, 2019, 05:14:46 pm »
Thank you very much!

8
Installation and Upgrades / best practices for two Zentyal servers
« on: November 14, 2019, 09:56:26 pm »
I'm finally convincing myself to retire the old Windows 2003 server that I have running alongside Zentyal since I have SMB1 long disabled.  Looking for the best practices when having two Zentyal servers.  Last time I attempted two Zentyal servers dcpromo failed on the old 2003 box and the DNS_Zentyal domain account broke on the original server when I brought the new Zentyal server online.  As of now I have all 7 FSMO roles transferred to Zentyal.

1) Are there any gotchas on the dcpromo for a 2003 box as long as the FSMO roles are transferred?
2) Has anyone else had the DNS_Zentyal account problem with two Zentyals?
3) On the domain tab, do I set my first one up as "Domain controller" and the new one as "Additional Domain Controller"?
4) What else am I missing?  What, if any, functionality will I lose by tombstoning the 2003 server?

9
Installation and Upgrades / Re: adc to pdc
« on: February 11, 2019, 11:16:02 pm »
I had the same thing and ended up putting the Windows server back into service and seizing all of the FSMO roles. 

10
Ok, I tried just what I mentioned using the samba wiki for transferring roles.

On dcpromo:

The operation failed because:

Active Directory could not find another domain controller to transfer the remaining data in directory partition DC=ForestDNSZones,DC=xxxx,DC=xxx,DC=xxxx.

"The specified domain either does not exist or could not be contacted."


Doesn't make sense to me.

11
I have 3 domain controllers:

1) 2003 domain controller
2) Zentyal domain controller 1 (setup as Additional domain controller)
3) Zentyal domain controller 2 (setup as Additional domain controller)

I want to retire the 2003 domain controller, but dcpromo dies because it can't transfer roles.

1) Do I need to change one of the Zentyal servers to the "Domain Controller" role under Domain?

2) I can't transfer the FSMO, schema and associated roles in the usual AD tools.  Do I need to do with samba commands somehow?

3) Once roles are transferred, can I just do dcpromo on the Server 2003 and be done with it?

12
Yeah, I basically just ran:

sudo apt-get install

sudo apt-get update

sudo apt-get upgrade

It worked, I guess because it probably restored a file that was messed up. We'll see if it keeps working.

13
Ahh, thank you for that.  I had looked through the bug tracker and missed it.  I ran an apt-get install again and it appears to have fixed it for now.  It's sad that the forums are so dead.  Good product overall, but with no support it's a bummer.

14
Looking at nethserver now, does it have built-in AD support like zentyal or is it a user-installed and configured option?

15
Thanks for the reply, that's what I ended up doing and it seems to be working.  Thanks also for the suggestion on nethserver, I'll check it out.

Pages: [1] 2