This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
1
Installation and Upgrades / Re: Configuration for OVH (gateway reachable only after adding explicit route to it)
« on: June 05, 2023, 07:22:40 pm »
Hi afranca,
If you edit default Linux config files, Zentyal will overwrite them on reboot.
Use Hooks and Stubs to create persistent configuration
please look at https://doc.zentyal.org/en/appendix-c.html#stubs and https://doc.zentyal.org/en/appendix-c.html#hooks
Cheerio
If you edit default Linux config files, Zentyal will overwrite them on reboot.
Use Hooks and Stubs to create persistent configuration
please look at https://doc.zentyal.org/en/appendix-c.html#stubs and https://doc.zentyal.org/en/appendix-c.html#hooks
Cheerio
2
News and Announcements / Re: Zentyal 7.0 available!
« on: March 10, 2023, 01:14:31 pm »
Read this:
https://github.com/zentyal/zentyal/issues/2085
Zentyal 8 will either be released around May or not at all
https://github.com/zentyal/zentyal/issues/2085
Zentyal 8 will either be released around May or not at all
3
Directory and Authentication / Re: ldbsearch -H /var/lib/samba/private/sam.ldb -s base 'dn' --debug-stderr
« on: March 10, 2023, 01:11:06 pm »https://github.com/zentyal/zentyal/compare/master...Deslack:zentyal:patch-1#diff-ff17a008852abbbb52bac92e18e00a344324e3dd95f7778f5d2173bae417e44b
Great idea Deslack however, I suspect this will never get merged.. Look at https://github.com/zentyal/zentyal/pulls?q=is%3Apr+is%3Aclosed
Last accepted PR was late 2020 so we are now waiting for Zentyal 8 (supposedly to be released around May)
More importantly, Thank you @markus.neubauer and @Deslack
4
Other modules / DNS not recognizing static name allocation
« on: February 28, 2023, 03:31:19 pm »
So I have two machines I'd like to have static IP issued by the server.
Some time ago I created "Objects ❱ Static_Workstation" which included Laptop1, IP, MAC. This was working fine, my domain joined laptop (Laptop1) does get static IP and I can ping it via name on the network.
In the last few days I've added another device (same thing Laptop2, IP, MAC). The device does get the allocated IP but DNS doesn't seem to recognize the name. If I ping Laptop2 all I'm getting is "Ping request could not find host Laptop2. Please check the name and try again."; ping with IP works just fine.
What could I be doing wrong? I've restarted server (probably number of times already) DNS and DHCP; Laptop was restarted many times too.
Typing this, I realized that the only difference between Laptop1 and Laptop2 was that the latter was pre-created in the AD. I created an object called Laptop2 in where I want it to exist. I then joined the laptop and it worked (apart the DNS allocation).
Any suggestions would be greatly received,
Some time ago I created "Objects ❱ Static_Workstation" which included Laptop1, IP, MAC. This was working fine, my domain joined laptop (Laptop1) does get static IP and I can ping it via name on the network.
In the last few days I've added another device (same thing Laptop2, IP, MAC). The device does get the allocated IP but DNS doesn't seem to recognize the name. If I ping Laptop2 all I'm getting is "Ping request could not find host Laptop2. Please check the name and try again."; ping with IP works just fine.
What could I be doing wrong? I've restarted server (probably number of times already) DNS and DHCP; Laptop was restarted many times too.
Typing this, I realized that the only difference between Laptop1 and Laptop2 was that the latter was pre-created in the AD. I created an object called Laptop2 in where I want it to exist. I then joined the laptop and it worked (apart the DNS allocation).
Any suggestions would be greatly received,
5
German / Re: when Zentyal 8.0 will be released?
« on: February 06, 2023, 12:31:57 pm »
Halo prossik,
I agree with your question about next zentyal release, it's been a while since there was any announcement or bigger patch.
However, subject of this thread is rather incorrect. Ubuntu 20.04LTS will be getting standard support until April 2025 so there's no need to panic just yet. https://ubuntu.com/about/release-cycle
Bitte entschuldigen Sie die englische Sprache im deutschen Forum
I agree with your question about next zentyal release, it's been a while since there was any announcement or bigger patch.
However, subject of this thread is rather incorrect. Ubuntu 20.04LTS will be getting standard support until April 2025 so there's no need to panic just yet. https://ubuntu.com/about/release-cycle
Bitte entschuldigen Sie die englische Sprache im deutschen Forum
6
Directory and Authentication / Re: PAM User to sudoers
« on: January 18, 2023, 05:50:52 pm »
So I found a way to allow user to use sudo..
Edit the /etc/sudoers and add:
user must also be in the sudo group
That still leaves me wit allowing only some users access to PAM.
Edit the /etc/sudoers and add:
Code: [Select]
domain\\username ALL=(ALL:ALL) ALL
note "\\" between domain and the usernameuser must also be in the sudo group
Quote
sudo usermod -aG sudo username
That still leaves me wit allowing only some users access to PAM.
7
Directory and Authentication / PAM User to sudoers
« on: January 17, 2023, 12:00:41 pm »
I understand that it is possible (and easy) to allow AD users to login to the server via ssh; PAM settings under "Users and Computers" -> LDAP Settings.
However this allows all users to have a system account.
Could anyone suggest how can I enable shell for one or some of the AD users?
Also I'm trying to figure out how to add an AD user to system sudoers?
I tried
adding
Neither allows me to escalate privilages and I get "Domain\Username is not in the sudoers file. This incident will be reported."
However this allows all users to have a system account.
Could anyone suggest how can I enable shell for one or some of the AD users?
Also I'm trying to figure out how to add an AD user to system sudoers?
I tried
Code: [Select]
sudo usermod -aG sudo username
adding
Code: [Select]
username ALL=(ALL:ALL) ALL
and/or
domain\username ALL=(ALL:ALL) ALL
to the /etc/sudoersNeither allows me to escalate privilages and I get "Domain\Username is not in the sudoers file. This incident will be reported."
8
Directory and Authentication / Re: Unable to get a lab software to Zentyal domain
« on: January 17, 2023, 11:50:10 am »
This is a very old post!
my suggestion to the LAB software would be to check DNS settings for the client machine. I would expect your computer does not know where your .com domain is.
You can add it manually to C:\Windows\System32\drivers\etc\hosts and later replace by your network DNS configuration
Also, using the Administrator account for AD queries isn't the best idea.
my suggestion to the LAB software would be to check DNS settings for the client machine. I would expect your computer does not know where your .com domain is.
You can add it manually to C:\Windows\System32\drivers\etc\hosts and later replace by your network DNS configuration
Also, using the Administrator account for AD queries isn't the best idea.
9
Directory and Authentication / Re: Unauthenticated LDAP Bind
« on: January 17, 2023, 11:41:24 am »
Hi,
not sure what to suggest, maybe apart from configuring firewall.
You could also raise an issue on https://github.com/zentyal/zentyal/issues if you can provide more details, this might be looked at by the developers.
not sure what to suggest, maybe apart from configuring firewall.
You could also raise an issue on https://github.com/zentyal/zentyal/issues if you can provide more details, this might be looked at by the developers.
10
Installation and Upgrades / Re: Odd issue from updating 6.2 to 7
« on: December 16, 2022, 03:01:24 pm »Quote
i installed it with no webGUIhmm, doesn't this answer your question?
I think you've decided not to install Window Manager in which case you will only be able to access the server via SSH/noVNC command line or webadmin (https://ip:8443).
You won't get graphical user login without Window manager installed.
11
Other modules / smbd_audit fails
« on: December 15, 2022, 03:14:25 pm »
I created an AD user for and network enabled scanner to use (scan_user) and there is a network share with Read/Write permissions for that user (networkscan)
If I run journalctl -xe I get this:
It does NOT affect operation and users can scan to the share but why am I getting the smbd_audit fails?
If I run journalctl -xe I get this:
Code: [Select]
Dec 15 14:00:10 dc01 smbd_audit[219339]: domain\scan_user|x.x.x.x|getxattr|fail (No data available)|/home/samba/shares/networkscan|security.NTACL
Dec 15 14:00:10 dc01 smbd_audit[219339]: domain\scan_user|x.x.x.x|getxattr|fail (No data available)|/home/samba/shares/networkscan|security.NTACL
Dec 15 14:00:10 dc01 smbd_audit[219339]: domain\scan_user|x.x.x.x|getxattr|fail (No data available)|/home/samba/shares/networkscan|user.DOSATTRIB
Dec 15 14:00:10 dc01 smbd_audit[219339]: domain\scan_user|x.x.x.x|get_dos_attributes|fail (No data available)|/home/samba/shares/networkscan
Dec 15 14:00:10 dc01 smbd_audit[219339]: domain\scan_user|x.x.x.x|get_shadow_copy_data|fail (Function not implemented)|
Dec 15 14:00:10 dc01 smbd_audit[219339]: domain\scan_user|x.x.x.x|fsctl|fail (Function not implemented)|
It does NOT affect operation and users can scan to the share but why am I getting the smbd_audit fails?
12
Directory and Authentication / Radius Authentication Issues
« on: December 15, 2022, 02:48:44 pm »
In my system I use Cisco Catalyst 802.1x for wireless authentication. AP -> Switch -> Zentyal (Radius) -> yes/no
Windows, Android etc, all are working well and users can access network without problems.
However, a HP plotter has some limited settings and trips RADUIS authentication.
With WPA-Enterprise LEAP I get
with WPA-Enterprise PEAP:
My guess would be ERROR: TLS Alert write:fatal:protocol version TLS version.
Can someone tell me how do I force RADIUS to log used protocol&version or how to enable all TLS so I can at least pin point which version to use?
Windows, Android etc, all are working well and users can access network without problems.
However, a HP plotter has some limited settings and trips RADUIS authentication.
With WPA-Enterprise LEAP I get
Code: [Select]
Auth: (1600) Login incorrect (eap_leap: No Cleartext-Password or NT-Password configured for this user): [hp_user]
with WPA-Enterprise PEAP:
Code: [Select]
(1812) Login incorrect (eap_peap: TLS Alert write:fatal:protocol version): [hp_user] (from client x.x.x.x/32 port 60000 cli 40-A8-F0-88-xx-xx)
Thu Dec 15 12:49:06 2022 : ERROR: (1815) eap_peap: ERROR: TLS Alert write:fatal:protocol version
My guess would be ERROR: TLS Alert write:fatal:protocol version TLS version.
Can someone tell me how do I force RADIUS to log used protocol&version or how to enable all TLS so I can at least pin point which version to use?
13
Installation and Upgrades / Re: Odd issue from updating 6.2 to 7
« on: December 14, 2022, 04:56:22 pm »
proxmox with noVNC
It happens sometime that my setup goes to tty1 (for whatever reason)
expand the noVNC side menu, toggle ALT and press F7 on your keyboard. Does work for me..
like here:
https://imgur.com/a/v29gyOe
It happens sometime that my setup goes to tty1 (for whatever reason)
expand the noVNC side menu, toggle ALT and press F7 on your keyboard. Does work for me..
like here:
https://imgur.com/a/v29gyOe
14
Installation and Upgrades / Re: Yet another installation on Ubuntu 20.04 - some question
« on: December 08, 2022, 04:04:43 pm »Quote
Also, keep in mind that Zentyal only displays in the GUI the DNS records created by hand in the GUI itself, the rest of the records must be queried using the CLI.
* https://wiki.samba.org/index.php/DNS_Administration#Listing_zone_records
good point, all is working but the lack of sync between GUI's is confusing
15
Installation and Upgrades / Re: Odd issue from updating 6.2 to 7
« on: December 08, 2022, 03:45:24 pm »
now that's a better screen
you can clearly see that you are on the command-line console (tty1 to tty6), tty7 is what you need.
You don't explain what hypervisor you are using so try to figure yourself how to change console. Use this as a hint https://askubuntu.com/questions/1138357/how-to-enable-switch-back-to-running-gui-from-tty-in-18-04.
Alt+F7 or Ctrl+Alt+F7 does normally work.
you can clearly see that you are on the command-line console (tty1 to tty6), tty7 is what you need.
You don't explain what hypervisor you are using so try to figure yourself how to change console. Use this as a hint https://askubuntu.com/questions/1138357/how-to-enable-switch-back-to-running-gui-from-tty-in-18-04.
Alt+F7 or Ctrl+Alt+F7 does normally work.