Show Posts
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
1
Installation and Upgrades / Re: What's wrong with Zentyal LDAP ? (3.0)
« on: February 21, 2013, 01:40:43 pm »As far as I know, zentyalro user cannot read passowords, please pay a look to the ACLs:
Code: [Select]
olcAccess: {0}to *
by dn.exact=gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth manage
by dn="cn=zentyal,<% $dn %>" manage
by * break
olcAccess: {1}to attrs=userPassword,shadowLastChange,krb5Key
by dn="cn=zentyal,<% $dn %>" write
by anonymous auth
by dn="cn=zentyalro,<% $dn %>" none
by self write
by * none
olcAccess: {2}to * by users read
Only zentyal user can do that.
Sincerely, I think that using zentyalro for your approach is a good option (some zentyal modules already do that, mail, zarafa...). And it's secure. I agree that we may communicate it better to the user, but nothing else
Regards
2
Installation and Upgrades / Re: What's wrong with Zentyal LDAP ? (3.0)
« on: February 21, 2013, 01:05:26 pm »
Hi christian,
You don't need anonymous access to authenticate users, some of the Zentyal modules implement bind based authentication. In summary these are the steps you need to make it work:
Configure base dn for your users (or regexp), which will give you the DN for any username. Example:
BASE_DN = ou=Users,dc=zentyal,dc=com
Now, your applications now that for a given user (ie exekias), the DN is:
uid=<username>,ou=Users,dc=zentyal,dc=com
It only needs to bind to Zentyal LDAP, and authenticate the user if everything goes well.
Most applications support this kind of configuration! (I have tested a lot, for example: wordpress, openerp, moodle, sugarcrm...)
Moreover, if you need to do this based on a search, you can use zentyalro account for that
I agree that it should be shown on the interface, bug probably we will fix that for 3.2
Best regards
You don't need anonymous access to authenticate users, some of the Zentyal modules implement bind based authentication. In summary these are the steps you need to make it work:
Configure base dn for your users (or regexp), which will give you the DN for any username. Example:
BASE_DN = ou=Users,dc=zentyal,dc=com
Now, your applications now that for a given user (ie exekias), the DN is:
uid=<username>,ou=Users,dc=zentyal,dc=com
It only needs to bind to Zentyal LDAP, and authenticate the user if everything goes well.
Most applications support this kind of configuration! (I have tested a lot, for example: wordpress, openerp, moodle, sugarcrm...)
Moreover, if you need to do this based on a search, you can use zentyalro account for that
I agree that it should be shown on the interface, bug probably we will fix that for 3.2Best regards
3
Installation and Upgrades / Re: Remote API? Enhanced User Attributes? Account creation delegation.
« on: September 03, 2012, 10:58:40 am »
Hi mutax,
And welcome to Zentyal Community
Your approach seems correct to me congratulations!
If you want to use a RPC mechanism you can try to hack our master-slave architecture to act as a Zentyal master, I can help you on this
I would recommend to do it on 3.0 version, because we have changed master-slave and if you implement this for 2.2 the code will be obsolete soon.
All you have to do to make this work is create a SOAP client and call procedures defined on:
In order to get the calls allowed you need to hack the slave register process, so Zentyal will allow you as master. To do so you need to create a certificate and use it on the SSL calls to the SOAP service.
I will be around IRC (#zentyal at freenode) or email (cperez at zentyal.com) so if you want some help on the master-slave setup, just ping me
And welcome to Zentyal Community
Your approach seems correct to me
congratulations!If you want to use a RPC mechanism you can try to hack our master-slave architecture to act as a Zentyal master, I can help you on this
I would recommend to do it on 3.0 version, because we have changed master-slave and if you implement this for 2.2 the code will be obsolete soon.
All you have to do to make this work is create a SOAP client and call procedures defined on:
Code: [Select]
main/users/src/EBox/UsersSync/SOAPSlave.pmIn order to get the calls allowed you need to hack the slave register process, so Zentyal will allow you as master. To do so you need to create a certificate and use it on the SSL calls to the SOAP service.
I will be around IRC (#zentyal at freenode) or email (cperez at zentyal.com) so if you want some help on the master-slave setup, just ping me
4
Installation and Upgrades / Re: LDAP Settings Issue
« on: June 20, 2012, 03:40:07 pm »
Hi all,
Your problem is that once users is enabled, you cannot change the base dn. If you want to do it you will need to reconfigure users module (but this will delete your current users + configuration):
/usr/share/zentyal/unconfigure-module users
And then configure your desired DN in Users menu, before enabling it.
Best regards
Your problem is that once users is enabled, you cannot change the base dn. If you want to do it you will need to reconfigure users module (but this will delete your current users + configuration):
/usr/share/zentyal/unconfigure-module users
And then configure your desired DN in Users menu, before enabling it.
Best regards
5
Installation and Upgrades / Re: Ldap slave sync
« on: June 12, 2012, 03:08:05 am »
Hi Olimar,
As robb said, now masters can have modules too. So your problem should be with replication itself. Can you look at your /var/log/zentyal/zentyal.log file (in Master server) and see if you see any sync errors? They should happen every 5 minutes if present.
Also, is the master showing the slave in slaves table? Is its hostname correct?
Thank you for your feedback, new master-slave architecture is now on beta, and can have some glitches on special cases, so your feedback is really appreciated
Best regards!
As robb said, now masters can have modules too. So your problem should be with replication itself. Can you look at your /var/log/zentyal/zentyal.log file (in Master server) and see if you see any sync errors? They should happen every 5 minutes if present.
Also, is the master showing the slave in slaves table? Is its hostname correct?
Thank you for your feedback, new master-slave architecture is now on beta, and can have some glitches on special cases, so your feedback is really appreciated
Best regards!
6
Spanish / Re: Sugerencia de mejora de acceso al webmail y al GroupWare Zarafa
« on: May 19, 2012, 06:02:28 pm »
Hola,
Supongo que el principal motivo por el que ésto es así es que puedes alojar todo bajo el mismo dominio.
En cualquier caso parece que to comentario tiene bastante sentido, intentaré revisar esa parte de la configuración en Zentyal para ver si podemos mejorar su usabilidad.
Gracias por tu aporte!
Un saludo
Supongo que el principal motivo por el que ésto es así es que puedes alojar todo bajo el mismo dominio.
En cualquier caso parece que to comentario tiene bastante sentido, intentaré revisar esa parte de la configuración en Zentyal para ver si podemos mejorar su usabilidad.
Gracias por tu aporte!
Un saludo
7
Installation and Upgrades / Re: Portforward RDP
« on: May 09, 2012, 07:48:13 pm »
Hi arnada,
Are you following these steps: ?
http://doc.zentyal.org/en/firewall.html#port-redirection-with-zentyal
Cheers
Are you following these steps: ?
http://doc.zentyal.org/en/firewall.html#port-redirection-with-zentyal
Cheers
8
Installation and Upgrades / Re: ebox - manage-logs : Consuming cpu and memory
« on: May 07, 2012, 08:56:09 pm »
Hi skyflyer,
Currently there are 2 processes that can cause this behavior: logs and events threads, depending on your setup, if you have too much log processing this may be consuming (in ram + cpu). We are working on improving the performance of that code for 3.0, but take into account that this may be caused buy your specific configuration.
Best regards
Currently there are 2 processes that can cause this behavior: logs and events threads, depending on your setup, if you have too much log processing this may be consuming (in ram + cpu). We are working on improving the performance of that code for 3.0, but take into account that this may be caused buy your specific configuration.
Best regards
9
Installation and Upgrades / Re: Forbidden You don't have permission to access /~username on this server.
« on: May 04, 2012, 06:01:37 pm »
Hi Luke,
Probably your problem is related with file permissions. Check that the webserver can read the public_html dir (it runs under www-data user). So:
Cheers
Probably your problem is related with file permissions. Check that the webserver can read the public_html dir (it runs under www-data user). So:
Code: [Select]
cd /home/gallery
chown gallery:www-data public_html
chmod g+rx public_html
Cheers
10
Installation and Upgrades / Re: login webinterface zentyal 2.3
« on: March 05, 2012, 01:35:16 pm »
Hi guys,
Probably the problem here is that Zentyal is not aware of the change you did in the user. You will need to restart Zentyal Administration GUI to get it working:
Did it work for you?
Best regards,
Probably the problem here is that Zentyal is not aware of the change you did in the user. You will need to restart Zentyal Administration GUI to get it working:
Code: [Select]
/etc/init.d/zentyal apache restartDid it work for you?
Best regards,
11
Installation and Upgrades / Re: Installing Zentyal on Ubuntu Server 11.10 Oneiric?
« on: January 19, 2012, 07:53:59 pm »
Hi guys,
As robb said, zentyal is based on Ubuntu LTS, but take this into account: next Ubuntu LTS will be Precise Pangolin 12.04. That means that it will be out in April! We are already working on next Zentyal version, which will be based on Precise, so as soon as first Zentyal 2.3 beta is out you will be able to install and test it.
Cheers
As robb said, zentyal is based on Ubuntu LTS, but take this into account: next Ubuntu LTS will be Precise Pangolin 12.04. That means that it will be out in April! We are already working on next Zentyal version, which will be based on Precise, so as soon as first Zentyal 2.3 beta is out you will be able to install and test it.
Cheers
12
Installation and Upgrades / Re: 2.0 to 2.2 - Third-party modules
« on: January 14, 2012, 12:40:30 pm »
Hi ymangolds,
The note only applies to zentyal modules (if you made one by yourself). Migration script shouldn't make any change on services not managed by zentyal. The only related thing that it does is an "apt-get upgrade", so it should be safe for your setup.
Anyway, as you mention, is a good idea to try first on a testing environment, if you want to clone your installation you can try some cloning tool like http://clonezilla.org/
Best regards
The note only applies to zentyal modules (if you made one by yourself). Migration script shouldn't make any change on services not managed by zentyal. The only related thing that it does is an "apt-get upgrade", so it should be safe for your setup.
Anyway, as you mention, is a good idea to try first on a testing environment, if you want to clone your installation you can try some cloning tool like http://clonezilla.org/
Best regards
13
Installation and Upgrades / Re: Zentyal in a home situation
« on: January 14, 2012, 12:27:04 pm »
Hi guys,
For those of you interested in contributing, just let you know that we've recently released a new developing guide, with all you need to write a simple module. I think you will find it interesting, and the examples are very helpful!
Take a look to:
http://trac.zentyal.org/wiki/Documentation/Community/Document/Development/Tutorial
If you finally try to do something, don't hesitate to ask for help! We will be very happy if you write some module
Best regards
For those of you interested in contributing, just let you know that we've recently released a new developing guide, with all you need to write a simple module. I think you will find it interesting, and the examples are very helpful!
Take a look to:
http://trac.zentyal.org/wiki/Documentation/Community/Document/Development/Tutorial
If you finally try to do something, don't hesitate to ask for help! We will be very happy if you write some module
Best regards
14
Spanish / Re: LDAP Master/Slave - Problemas: sincronización+información de tareas pendientes
« on: January 08, 2012, 02:15:45 pm »
Hola ASRIX,
La reinstalación de los esclavos debería ser suficiente. Para hacerlo fácil tan sólo tienes que ejecutar el siguiente comando (en cada esclavo):
/usr/share/zentyal-users/reinstall
Tras ello tendrás que reconfigurar el esclavo y los módulos dependientes de Usuarios y Grupos.
Un saludo
La reinstalación de los esclavos debería ser suficiente. Para hacerlo fácil tan sólo tienes que ejecutar el siguiente comando (en cada esclavo):
/usr/share/zentyal-users/reinstall
Tras ello tendrás que reconfigurar el esclavo y los módulos dependientes de Usuarios y Grupos.
Un saludo
15
Installation and Upgrades / Re: Zentyal 2.0 -> 2.2 Update Error (Master/Slave)
« on: December 30, 2011, 04:30:34 pm »
Hi sheck,
please, after seeing that error, it would be very useful if you provide the output of this command:
Thank you
please, after seeing that error, it would be very useful if you provide the output of this command:
Code: [Select]
ps aux | grep ebox
Thank you