Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Topics - Barrydocks

Pages: [1] 2 3
Email and Groupware / Zarafa IMAP access for Thunderbird
« on: January 06, 2020, 03:11:03 pm »
So I have an ageing Zentyal 3.2 server with Zarafa that I am retiring.  I need to transfer the email to the new server running 4.2.  In the past I have used various tools to do this but my preferred method is to use Thunderbird to copy the messages across, fortunately there are only a handful of accounts.  My problem is that I cannot authenticate to the server.  I have tried imap, imaps, pop, pops without any success.  Please can someone kindly post what settings i need for username, password encryption, ports etc?


Directory and Authentication / SAMBA stops working
« on: December 01, 2016, 06:52:18 pm »
I have had 2 instances where samba has stopped working, unfortunately I have not been on site on either occurrence so a staff member has simply rebooted the server
I have looked through the syslog but can't see anything that sticks out
Currently running Zentyal 4.2 as a file server only

Any suggestions please

We have a bit of local software that will only interface with a locally installed version of out look.  I am currently upgrading our server from Zentyal v2.2 to v4.2 and all the local PCs to win7.  What is the minimum version of MS outlook that will work well with Zentyal 4.2?


Installation and Upgrades / Zentyal 3.4 and subsonic
« on: May 17, 2014, 09:59:03 am »
So I am thinking about upgrading from 2.2 to 3.4.  Currently I run subsonic on the same server as zentyal and use zentyal ldap to authenticate users for subsonic.  With the omission of openldap from 3.4 will I still be able to do this?


Installation and Upgrades / Samba Write Once Read Many (WORM)
« on: January 12, 2014, 09:01:07 pm »
I would like to set up a share that allows the user to write a file and modify or delete the file within a specific time period of the original write action.  I am using zentyal 2.2

I think the vfs_worm object will do this but I am having trouble making it work:[/b]]

I have made a samba.postsetconf script to instert the appropriate lines in the smb share which looks like this:
Code: [Select]

# This is a sample postsetconf script.

# postsetconf scripts are run after the configuration for a given module is
# written. The module will check if an executable file called
# <module>.presetconf exists in /etc/zentyal/hooks and will try to run it

# Copy this file or create a script with the appropriate name if you want
# to run some customization script after a module writes its configuration
sed 's/Photos.*/& \nworm: grace_period = 10/' /etc/samba/smb.conf > /etc/samba/temp_file
mv /etc/samba/temp_file /etc/samba/smb.conf
sed 's/Photos.*/& \nvfs objects = worm/' /etc/samba/smb.conf > /etc/samba/temp_file2
mv /etc/samba/temp_file2 /etc/samba/smb.conf
exit 0

and after restarting the file sharing module the section of the smb.conf file looks like:
Code: [Select]
vfs objects = worm
worm: grace_period = 10
 comment = Photographs
 path = /media/photos
 browseable = yes
 read only = no
 valid users = @"xbmc", @"local_users", "admin"
 read list = @"xbmc"
 write list = @"local_users"
 admin users = "admin"
 force create mode = 0660
 force directory mode = 0660
 vfs objects = full_audit vscan-clamav recycle
 vscan-clamav: config-file = /etc/samba/vscan-clamav.conf
 recycle: versions = Yes
 recycle: repository = RecycleBin
 recycle: keeptree = Yes
 recycle: excludedir = /tmp|/var/tmp
 recycle: directory_mode = 0700

Any suggestions would be welcome?

Installation and Upgrades / GPO script help
« on: December 12, 2013, 04:09:33 pm »
So I have finally installed my first 3.2 server, now I want to take advantage of the Group Policy Objects to control the XP clients on the domain. I have never done this before and, to be honest, I am a bit overwhelmed.
Here's what I want to achieve:
1. Install the printers and make them default;
2. lock down the XP clients so that they can only run applications I choose
3. Automatically install any Windows updates
4. Automatically install and configure an application for new users or new computers

Please can someone either post some basic scripts to get me going or point me in the direction of an noobs guide that will help me achieve at least parts 1 & 2


Really not sure what is going on.  I have a fresh install of Zentyal 3.2 ruunig as a guest on KVM.

The network and dhcp server are set up and will serve IP addresses to XP clients on the LAN but will not give an IP address to my ubuntu laptop or 2 networked printers (both of which are happily getting addresses from a router)

Any suggestions?

Really need some help to get the permissions sorted for Zentyal users on the guest OS to access the shared folders.

Here's the scenario:
Host: Ubuntu Server 10.04 LTS 64 bit with Virtual box 4.2.6
Guest: Ubuntu Server 10.04 LTS 32bit with Zentyal 2.2 & Guest Additions installed

I have a directory on the host shared with the guest. I want to use the shared folder as a smb share for the guest users. Permissions on the host directory are 777. Permissions on the guest VB shared folder are 770, owned by user root and group vboxsf - I can't change this.

As you know the users on the guest are authenticated via ldap and all belong to the Zentyal ldap group __USERS__

My question is, how do I add the Zentyal ldap group __USERS__ to the local group vboxsf to allow them to access the shared directory? Alternatively, is there an automagical way to add new Zentyal users to the vboxsf group?


Also posted this on the ubuntu forums:

Installation and Upgrades / Spam & Ham learning accounts
« on: March 17, 2013, 11:29:34 pm »
In need of a little help, the spam & ham learning accounts do not seem to work on v2.2, mail forwarded to either of these accounts bounces:
Code: [Select]
The following recipient(s) could not be reached: on Sun 03/17/13 22:03:17
5.1.1 <>: Recipient address rejected: User unknown in virtual mailbox table

I have seen this bug listed as fixed:
But I do not know how to apply the fix, both accounts are available on my server:
Code: [Select]
$ sudo slapcat
dn: uid=spam,ou=Users,dc=myserver,dc=mydomain,dc=com
cn: Spam spam
uid: spam
sn: spam
loginShell: /usr/sbin/nologin
uidNumber: 1901
gidNumber: 1901
homeDirectory: /home/spam
quota: 100
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: passwordHolder
objectClass: systemQuotas
structuralObjectClass: inetOrgPerson
entryUUID: 91802e90-de47-1031-8574-7b5f0fb51fb4
creatorsName: cn=ebox,dc=myserver,dc=mydomain,dc=com
createTimestamp: 20121219164749Z
givenName: Spam
entryCSN: 20121219164749.905665Z#000000#000#000000
modifiersName: cn=ebox,dc=myserver,dc=mydomain,dc=com
modifyTimestamp: 20121219164749Z

dn: uid=ham,ou=Users,dc=myserver,dc=mydomain,dc=com
cn: Ham ham
uid: ham
sn: ham
loginShell: /usr/sbin/nologin
uidNumber: 1902
gidNumber: 1901
homeDirectory: /home/ham
quota: 100
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: passwordHolder
objectClass: systemQuotas
structuralObjectClass: inetOrgPerson
entryUUID: 918504c4-de47-1031-8575-7b5f0fb51fb4
creatorsName: cn=ebox,dc=myserver,dc=mydomain,dc=com
createTimestamp: 20121219164749Z
givenName: Ham
entryCSN: 20121219164749.934406Z#000000#000#000000
modifiersName: cn=ebox,dc=myserver,dc=mydomain,dc=com
modifyTimestamp: 20121219164749Z

I appears that there is no mail accoutn for either the spam or ham users?
Any help would be appreciated, thanks

I have a directory that needs to be writable by apache user www-data but also available to zentyal users as a smb share.  I could add all the zentyal users to the www-data group but it would be easier if I could add www-data to the ldap group __USERS__ that zentyal uses.

Any suggestions would be welcome :)

DocMGR is a simple document management system that allows version control, full text indexing of documents and integration with Zentyal mail system and LDAP user database.  It is easily installed on ubuntu with apache and php.  For more details see

This assumes you have successfully installed Ubuntu 10.04, Zentyal 2,2 and setup the users and groups module
Enable the webserver module in the Zentyal interface
Enable SSL if you want a https connection (probably advisable if the site is accessible by the rest of the world).
Ensure the correct ports are open on the firewall (usually port 80 and 443 - you will need to change the Zentyal admin port to something other than 443)
You will probably also have to set up the Zentyal CA certificates as well

To force an ssl conection to your domain:
Log in as root
Create a hook to adjust the webserver configuration:
Code: [Select]
nano /etc/zentyal/hooks/webserver.postsetconf
Paste the following:
Code: [Select]

sed '/<VirtualHost \*:80>/r /etc/apache2/apache_mod.txt' /etc/apache2/sites-available/default > /etc/apache2/sites-available/default.tmp
mv /etc/apache2/sites-available/default.tmp /etc/apache2/sites-available/default

Save the file > ctrl + x
make the webserver.postsetconf executable:
Code: [Select]
chmod +x /etc/zentyal/hooks/webserver.postsetconf
Create the apache_mod.txt file:
Code: [Select]
nano /etc/apache2/apache_mod.txt
Paste the following:
Code: [Select]
# redirect http to https
RewriteEngine on
ReWriteCond %{SERVER_PORT} !^443$
RewriteRule ^/(.*) https://%{HTTP_HOST}/$1 [NC,R,L]

Make sure the apache rewrite rule is installed and enabled:
Code: [Select]
a2enmod rewrite
Restart Zentyal webserver module:
Code: [Select]
/etc/init.d/zentyal apache restart
Now browse to http://yourserver.yourdomain and you will find it redirects you to https://yourserver.yourdomain

Download the latest version of DocMGR which was 1.2.6 at the time of writting:
Code: [Select]
Untar the file:
Code: [Select]
tar xvf doc*
If you are just accessing DocMGR from your internal LAN then move the files to the webserver root directory:
Code: [Select]
mv docmgr /var/www/
Set the permissions correctly:
Code: [Select]
chown -R www-data:www-data /var/www/docmgr
If you are allowing access from the 'ternet, then you might want to put the DocMGR files somewhere else and create an alias in apache:
Code: [Select]
mv docmgr /usr/share/Set the file preferences as above.

Then setup the apache site:
Code: [Select]
nano /etc/apache2/sites-available/docmgrPaste the following:
Code: [Select]
Alias /docmgr "/usr/share/docmgr"

<Directory /usr/share/docmgr/>
    DirectoryIndex index.php
    Options -Indexes +FollowSymLinks
    AllowOverride Options

    Order allow,deny
    Allow from all
Enable the site and reload apache:
Code: [Select]
a2ensite docmgr && /etc/init.d/apache2 reload
Install a few other items that are required:
Code: [Select]
apt-get install php5 php5-cli php5-pgsql php5-ldap python-uno ocrad xpdf imagemagick zip libtiff-tools php5-pgsql python-openoffice
You now need to setup the database, I tend to use webmin for this sort of thing.  Download the current version of webmin:
Code: [Select]
Install some stuff that webmin depends on:
Code: [Select]
apt-get install perl libnet-ssleay-perl openssl libauthen-pam-perl libpam-runtime libio-pty-perl apt-show-versions python
Install webmin:
Code: [Select]
dpkg --install webmin_1.620_all.deb
Now browse to:

Log in with the user you used to setup Ubuntu with.
Goto Servers > ProgresSQL Database Server > ProgresSQL Users
Create a user with a password, ensure the Can create databases and can create users options are selected.
Create a new database for DocMGR, select your new user as the owner

Now browse to:
Follow the install instructions using the database name, user and password you created. 
If the database and the webserver are on the same machine as zentyal then set the url for the database to localhost
For the external applications make sure the following paths are used:

Path to python binary with UNO bindings (usually in OpenOffice program directory)

Path to sendmail

PHP CLI binary

Go back to your terminal window.
enter the docmgr directory:
Code: [Select]
cd /var/www/docmgr
remove the install files:
Code: [Select]
rm -r install
remove the scripts files
Code: [Select]
rm -r scripts
I would suggest moving the files directory some where else:
Code: [Select]
mv files /media/files
Now set up the basic DocMGR configuration:
Code: [Select]
nano config/config.php
Find the following lines:
Code: [Select]
//Absolute path to DocMGR files directory
Change to:
Code: [Select]
//Absolute path to DocMGR files directory

Find the following lines:
Code: [Select]
//Enable LDAP for accounts
Change to:
Code: [Select]
//Enable LDAP for accounts

Now set up the LDAP integration, you will need the information form the LDAP set up on the Users & Groups module in the Zentyal interface.  Make sure you adjust the password conception form MD5 to SHA.  Edit the ldap-config.php file,
Code: [Select]
nano config/ldap-config.phpto look like this:
Code: [Select]
//your ldap server uri

//your ldap server port

//the dn to bind to your server with

//the password of the above specified dn

//your search attribute base for accounts

//default base for creating accounts

//a search filter to limit valid accounts to

//password encrytion in database

//ldap protocol

//default group id for a new account

//base of our tree

Now you need to adjust the account.php file to use the correct password encryption:
Code: [Select]
nano lib/account/ldap.phpYou will need to find MD5 and replace with SHA and find md5 and replace with sha1 (note the case)
To enable user searches to work correctly (allows sharing of documents) fin this line:
Code: [Select]
return $ret;and add this line directly before it:
Code: [Select]
To allow users with IE and MS office installed to edit files directly in ther browser you will need WebbOffice ActiveX control, download it to the correct directory, then rename it and set the permissions:
Code: [Select]
cd controls
chown www-data:www-data

Now add a LDAP user as DocMGR admin.  Go back to webmin and select you docmgr database which will now contain tables etc, select Execute SQL, paste the following:
Code: [Select]
INSERT INTO auth.accountperm (account_id,bitset,enable,bitmask) VALUES ('2001','1','t','00000000000000000000000000000001');where 2001 is the uid of the user you want to use, generally speaking Zentyal creates the uid in order of user creation so 2001 will be the first user you created, 2002 the second and so forth.

Finally, set the user to be used for indexing otherwise it won't work - this needs to be the same uid as the admin user:
Code: [Select]
nano bin/docmgr-indexer.php
Find these lines at the top:
Code: [Select]
//set which DocMGR user id the script should run as.  defaults to
//"admin" user
Change to:
Code: [Select]
//set which DocMGR user id the script should run as.  defaults to
//"admin" user
You will also need to comment out these 2 lines in order to make the indexing work correctly as the ldap user:
Code: [Select]
$a = new AUTH($info["login"],$info["password"]);
if ($a->getError()) die($a->getError()."\n");

Now login to DocMGR and have fun!!

To reindex all the documents in the library just use this command:
Code: [Select]
php bin/docmgr-indexer.php --reindex-all
Other things:
You could make the import directory a samba share in zentyal, but I am not sure what permissions are needed.  Similarly you could create a symlink to the users home directory and the DocMGR users directory, I expect there could be an elegant method of doing this automgically with php and variable such as $HOME etc?

This worked for me but I can't guarantee it will work for you, I am not an IT professional so I am more than happy if you spot any glaring errors or omissions  :)

I am trying to set up DocMGR as a document management system, currently I have managed to get everything to work except authenticating users against my LDAP server which is Zentyal 2.2.

Here is the document ation form the DocMGR site:

Here is my ldap-config.php file for DocMGR:
Code: [Select]
<?php /******************************************************************************$ 
Fileame: ldap-config.php 

Purpose: Contains all settings for ldap connectiving and attribute mapping 

Created: 11-20-2005 

LDAP Connectivity 

//your ldap server uri 

//your ldap server port 

//the dn to bind to your server with 

//the password of the above specified dn 

//your search attribute base for accounts 

//default base for creating accounts 

//a search filter to limit valid accounts to 

//password encrytion in database 

//ldap protocol 

//default group id for a new account 

//base of our tree 

Attribute Mapping *
define("LDAP_UID","uid"); define("LDAP_UIDNUMBER","uidNumber"); 
define("LDAP_SN","sn"); define("LDAP_GECOS","gecos"); 
define("LDAP_GIVENNAME","givenName"); define("LDAP_MAIL","mail"); 

//your dn in your directory should look like this: 
//ex: uid=mylogin,ou=people,dc=mydomain,dc=com

I have posted on the DocMGR project forum but the response time is not exactly quick :(

I would be grateful for any suggestions as I am not entirely sure these settings are correct.


Installation and Upgrades / blocking access attempts by IP address
« on: February 09, 2013, 05:42:38 pm »
We have had a number of breaking attempts via ssh.  Nobody has got in but it floods the syslogs with alerts.  Is there any way to configure the zentyal firewall and/or IDS to block access according to number of failed attempts and IP address?  I suspect it might be do able via the events and dispatchers?


I am trying to get the virtual machine manager in 2.2 to work with virtualbox.  I have a fresh install of ubuntu 10.04 and have installed virtualbox from the standard repos (I think it is version 3.2)but when I try to install zentyal-virt, it also installs kvm as well.  I have also tried with virtualbox4.2 but have tha same problem. 

I have managed it earlier in the week but can't seem to get it to work now.  Please can someone tell me which vision of virtualbox I need to use?

Installation and Upgrades / FTP help
« on: December 24, 2012, 09:11:13 am »
running zentyal 2.2 but I can't get any ftp clients to connect with ssl enabled, tried fireftp, and several android clients that support ssl.  With ssl disabled there is not problem connecting.  There doesn't seem to be anything in the logs either??

Suggestions are welcome

Pages: [1] 2 3