Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Messages - shahdivy

Pages: [1] 2
1
Unfortunately, I have not been able to find the solution.   

Currently, I am just mapping in user profile home folder from QNAP.  Wanted to map other shared folders which are done manually at each client!

2
Installation and Upgrades / Re: Connecting to Zentyal 5.0.2 LDAP
« on: April 19, 2017, 04:35:27 pm »
I was able to setup LDAP authentication on pfsense firewall.  Use following to debug.

LDAP is running on port 389.  Confirm by running on zentyal server - "nmap -v localhost"

Look on GUI for zentyal server -> Users and Computers -> LDAP settings.

Another useful tool "dsquery" from client will help debug..

https://social.technet.microsoft.com/Forums/windowsserver/en-US/fdcff84a-21a7-4403-bc4e-b4c7255f69fd/how-to-test-an-ldap-connection-via-dsquery-command?forum=winserverDS

Regards to user - I created new user for LDAP and used it.  Note - review dsquery output to figure out what you need to use for using that account correctly.  It does not use username!

Hope this helps.

3
LDAP is running on port 389.  Confirm by running on zentyal server - "nmap -v localhost"

Look on GUI for zentyal server -> Users and Computers -> LDAP settings.

Another useful tool "dsquery" from client will help debug..

https://social.technet.microsoft.com/Forums/windowsserver/en-US/fdcff84a-21a7-4403-bc4e-b4c7255f69fd/how-to-test-an-ldap-connection-via-dsquery-command?forum=winserverDS

Hope this helps.



4
Update:

Looks like /etc/network/interfaces file gets overwritten when server is rebooted..   Need to figure out permanent fix..

5
Following older article - https://forum.zentyal.org/index.php?topic=21190.0

Added gateway in /etc/network/interfaces file
/etc/init.d/networking restart

Now I am able to route traffic to Internet and local network works as well.

6
Update:

Was able to fix issue of routing to internet by  selecting External (WAN) box in

Network -> Interfaces section.

But this broke local access to the server - SSH or DNS did not work.

After I finished update, I had to uncheck box to get it working!!  Strange issue as other servers are working fine without checking box.

More info on server:

It has 2 interfaces as follows:

bksdadmin@amddc02:~$ netstat -nr
Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
172.16.16.0     0.0.0.0         255.255.255.0   U         0 0          0 eno1
172.16.17.0     0.0.0.0         255.255.255.0   U         0 0          0 enp1s10
bksdadmin@amddc02:~$

Selected external WAN box for en01 to get external routing working.  Yes there is no default gateway but it works!  Not sure how zentyal is managing default gateways.

Still doing investigating more on this issue.

7
Performed Component updates -  Network/Firewall modules on April 10,2017 which was successful.  After that tried performing rest of updates which were failing.

Checked log  /var/log/zentyal/zentyal.log file to find errors -

2017/04/10 22:20:09 ERROR> install-packages:94 main:: - Failed to fetch http://security.ubuntu.com/ubuntu/pool/main/g/glibc/multiarch-support_2.23-0ubuntu7_amd64.deb  Cannot initiate the connection to us.archive.ubuntu.com:80 (91.189.91.26). - connect (101: Network is unreachable) [IP: 91.189.91.26 80]

Traceroute also gave same error:

#traceroute yahoo.com
traceroute to yahoo.com (98.138.253.109), 30 hops max, 60 byte packets
connect: Network is unreachable

Issue: After component upgrade, routing to external network broke. 

I have performed same upgrade on another system which did not have issue.!

8
Hopefully we will see a fix for it. 

We have created reverse lookup zones manually and started to add entries manually - specially for servers.

Clients are still failing with the same failure message.   

9
I had to rebuild server as could not find any solution.  As suggested, had filed issue on github as well but there was no solution found. 

10
Problem is solved by updating /etc/default/grub file

Added option - i915.enable_rc6=0

Here is website for reference -   https://wiki.ubuntu.com/Kernel/PowerManagementRC6

Debugging steps which helped for this issue - performing tail -f /var/log/syslog and hope to capture last entries on screen.  Note syslog file gets rotated by cron and so it will stop updating when that happens..


11
Have been monitoring syslog and seems to have one common last message seen - see attached screenshot

*ERROR* timeout setting power well state

Tried stopping service acpid and it still crashed.  Still looking..


12
I have Zenytal 5.0 additional server for DNS and Domain controller. 

After system hang, 3 services are not starting after boot - bind9, ntp and redis-server.

I can manually start bind9 and ntp services.  redis-server does not want to come online.

Following from the syslog file:

Mar  3 14:09:08 alndc03 systemd[1]: Started Advanced key-value store.
Mar  3 14:09:08 alndc03 systemd[1]: redis-server.service: Main process exited, code=killed, status=11/SEGV
Mar  3 14:09:08 alndc03 systemd[1]: redis-server.service: Unit entered failed state.
Mar  3 14:09:08 alndc03 systemd[1]: redis-server.service: Failed with result 'signal'.
Mar  3 14:09:08 alndc03 systemd[1]: redis-server.service: Service hold-off time over, scheduling restart.
Mar  3 14:09:08 alndc03 systemd[1]: Stopped Advanced key-value store.
Mar  3 14:09:08 alndc03 systemd[1]: redis-server.service: Start request repeated too quickly.
Mar  3 14:09:08 alndc03 systemd[1]: Failed to start Advanced key-value store.

Any ideas?  Thanks,

13
Its not recursive and its valid IP of a client.  This message is appearing for all clients on network.

I have opened another thread to see if I can get help to fix reverse lookup zone issue.  Thanks,

14
Other modules / DNS reverse lookup is not setup - update <domain>/IN denied
« on: February 28, 2017, 07:52:27 pm »
I have Zentyal PDC and 2 Additional DC servers running Development version 5.0 ( upgraded to 5.0.7)

Configuration: - Site A - PDC and ADC ( 2 servers)
                     - Site B - ADC ( 1 server)

DNS is working by name (forward lookup) but reverse lookup by IP is not working.

In syslog, following messages show up:

Mar  1 00:19:57 amddc01 named[1541]: samba_dlz: starting transaction on zone bksd.com
Mar  1 00:19:57 amddc01 named[1541]: client 172.16.16.73#60108: update 'bksd.com/IN' denied
Mar  1 00:19:57 amddc01 named[1541]: samba_dlz: cancelling transaction on zone bksd.com

Do not see any reverse lookup files setup in /etc/bind directory.  I thought its suppose to be automatically setup.  Any suggestion if this needs to be setup manually? 

Using RSAT tools on windows 10 client to manage adding DNS A records  which seems to be working and replicating to all servers correctly.

15
Update - Still having issues with random freezing / hanging of systems.  Trying to review syslog messages and trying to fix issues to see if it helps. 

Currently looking at DNS reverse lookup zone issue  - looks like its not setup. 

E.g. of errors noticed:

named[1541]: client 172.16.17.77#53874: update 'bksd.com/IN' denied

29 updates were installed today to see if any of them help as well. 

Pages: [1] 2