Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Topics - Barrydocks

Pages: [1] 2 3
1
Email and Groupware / Zarafa IMAP access for Thunderbird
« on: January 06, 2020, 03:11:03 pm »
So I have an ageing Zentyal 3.2 server with Zarafa that I am retiring.  I need to transfer the email to the new server running 4.2.  In the past I have used various tools to do this but my preferred method is to use Thunderbird to copy the messages across, fortunately there are only a handful of accounts.  My problem is that I cannot authenticate to the server.  I have tried imap, imaps, pop, pops without any success.  Please can someone kindly post what settings i need for username, password encryption, ports etc?

Thanks

2
Directory and Authentication / SAMBA stops working
« on: December 01, 2016, 06:52:18 pm »
I have had 2 instances where samba has stopped working, unfortunately I have not been on site on either occurrence so a staff member has simply rebooted the server
I have looked through the syslog but can't see anything that sticks out
Currently running Zentyal 4.2 as a file server only

Any suggestions please

3
We have a bit of local software that will only interface with a locally installed version of out look.  I am currently upgrading our server from Zentyal v2.2 to v4.2 and all the local PCs to win7.  What is the minimum version of MS outlook that will work well with Zentyal 4.2?

Thanks

4
Installation and Upgrades / Zentyal 3.4 and subsonic
« on: May 17, 2014, 09:59:03 am »
So I am thinking about upgrading from 2.2 to 3.4.  Currently I run subsonic on the same server as zentyal and use zentyal ldap to authenticate users for subsonic.  With the omission of openldap from 3.4 will I still be able to do this?

Thanks

5
Installation and Upgrades / Samba Write Once Read Many (WORM)
« on: January 12, 2014, 09:01:07 pm »
I would like to set up a share that allows the user to write a file and modify or delete the file within a specific time period of the original write action.  I am using zentyal 2.2

I think the vfs_worm object will do this but I am having trouble making it work:
https://wiki.samba.org/index.php/VFS/vfs_worm[/b]]https://wiki.samba.org/index.php/VFS/vfs_worm

I have made a samba.postsetconf script to instert the appropriate lines in the smb share which looks like this:
Code: [Select]
#!/bin/sh

# This is a sample postsetconf script.

# postsetconf scripts are run after the configuration for a given module is
# written. The module will check if an executable file called
# <module>.presetconf exists in /etc/zentyal/hooks and will try to run it

# Copy this file or create a script with the appropriate name if you want
# to run some customization script after a module writes its configuration
sed 's/Photos.*/& \nworm: grace_period = 10/' /etc/samba/smb.conf > /etc/samba/temp_file
mv /etc/samba/temp_file /etc/samba/smb.conf
sed 's/Photos.*/& \nvfs objects = worm/' /etc/samba/smb.conf > /etc/samba/temp_file2
mv /etc/samba/temp_file2 /etc/samba/smb.conf
exit 0

and after restarting the file sharing module the section of the smb.conf file looks like:
Code: [Select]
[Photos] 
vfs objects = worm
worm: grace_period = 10
 comment = Photographs
 path = /media/photos
 browseable = yes
 read only = no
 valid users = @"xbmc", @"local_users", "admin"
 read list = @"xbmc"
 write list = @"local_users"
 admin users = "admin"
 force create mode = 0660
 force directory mode = 0660
 vfs objects = full_audit vscan-clamav recycle
 vscan-clamav: config-file = /etc/samba/vscan-clamav.conf
 recycle: versions = Yes
 recycle: repository = RecycleBin
 recycle: keeptree = Yes
 recycle: excludedir = /tmp|/var/tmp
 recycle: directory_mode = 0700

Any suggestions would be welcome?

6
Installation and Upgrades / GPO script help
« on: December 12, 2013, 04:09:33 pm »
So I have finally installed my first 3.2 server, now I want to take advantage of the Group Policy Objects to control the XP clients on the domain. I have never done this before and, to be honest, I am a bit overwhelmed.
Here's what I want to achieve:
1. Install the printers and make them default;
2. lock down the XP clients so that they can only run applications I choose
3. Automatically install any Windows updates
4. Automatically install and configure an application for new users or new computers

Please can someone either post some basic scripts to get me going or point me in the direction of an noobs guide that will help me achieve at least parts 1 & 2

Thanks

7
Really not sure what is going on.  I have a fresh install of Zentyal 3.2 ruunig as a guest on KVM.

The network and dhcp server are set up and will serve IP addresses to XP clients on the LAN but will not give an IP address to my ubuntu laptop or 2 networked printers (both of which are happily getting addresses from a router)

Any suggestions?

8
Really need some help to get the permissions sorted for Zentyal users on the guest OS to access the shared folders.

Here's the scenario:
Host: Ubuntu Server 10.04 LTS 64 bit with Virtual box 4.2.6
Guest: Ubuntu Server 10.04 LTS 32bit with Zentyal 2.2 & Guest Additions installed

I have a directory on the host shared with the guest. I want to use the shared folder as a smb share for the guest users. Permissions on the host directory are 777. Permissions on the guest VB shared folder are 770, owned by user root and group vboxsf - I can't change this.

As you know the users on the guest are authenticated via ldap and all belong to the Zentyal ldap group __USERS__

My question is, how do I add the Zentyal ldap group __USERS__ to the local group vboxsf to allow them to access the shared directory? Alternatively, is there an automagical way to add new Zentyal users to the vboxsf group?

Thanks

Also posted this on the ubuntu forums: http://ubuntuforums.org/showthread.php?t=2143616

9
Installation and Upgrades / Spam & Ham learning accounts
« on: March 17, 2013, 11:29:34 pm »
In need of a little help, the spam & ham learning accounts do not seem to work on v2.2, mail forwarded to either of these accounts bounces:
Code: [Select]
The following recipient(s) could not be reached:

spam@mydomain.com on Sun 03/17/13 22:03:17
5.1.1 <spam@mydomain.com>: Recipient address rejected: User unknown in virtual mailbox table

I have seen this bug listed as fixed:
http://trac.zentyal.org/ticket/3331
But I do not know how to apply the fix, both accounts are available on my server:
Code: [Select]
$ sudo slapcat
dn: uid=spam,ou=Users,dc=myserver,dc=mydomain,dc=com
cn: Spam spam
uid: spam
sn: spam
loginShell: /usr/sbin/nologin
uidNumber: 1901
gidNumber: 1901
homeDirectory: /home/spam
userPassword:
quota: 100
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: passwordHolder
objectClass: systemQuotas
structuralObjectClass: inetOrgPerson
entryUUID: 91802e90-de47-1031-8574-7b5f0fb51fb4
creatorsName: cn=ebox,dc=myserver,dc=mydomain,dc=com
createTimestamp: 20121219164749Z
givenName: Spam
entryCSN: 20121219164749.905665Z#000000#000#000000
modifiersName: cn=ebox,dc=myserver,dc=mydomain,dc=com
modifyTimestamp: 20121219164749Z

dn: uid=ham,ou=Users,dc=myserver,dc=mydomain,dc=com
cn: Ham ham
uid: ham
sn: ham
loginShell: /usr/sbin/nologin
uidNumber: 1902
gidNumber: 1901
homeDirectory: /home/ham
userPassword:
quota: 100
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: passwordHolder
objectClass: systemQuotas
structuralObjectClass: inetOrgPerson
entryUUID: 918504c4-de47-1031-8575-7b5f0fb51fb4
creatorsName: cn=ebox,dc=myserver,dc=mydomain,dc=com
createTimestamp: 20121219164749Z
givenName: Ham
entryCSN: 20121219164749.934406Z#000000#000#000000
modifiersName: cn=ebox,dc=myserver,dc=mydomain,dc=com
modifyTimestamp: 20121219164749Z

I appears that there is no mail accoutn for either the spam or ham users?
Any help would be appreciated, thanks

10
I have a directory that needs to be writable by apache user www-data but also available to zentyal users as a smb share.  I could add all the zentyal users to the www-data group but it would be easier if I could add www-data to the ldap group __USERS__ that zentyal uses.

Any suggestions would be welcome :)

11
DocMGR is a simple document management system that allows version control, full text indexing of documents and integration with Zentyal mail system and LDAP user database.  It is easily installed on ubuntu with apache and php.  For more details see www.docmgr.org

This assumes you have successfully installed Ubuntu 10.04, Zentyal 2,2 and setup the users and groups module
Enable the webserver module in the Zentyal interface
Enable SSL if you want a https connection (probably advisable if the site is accessible by the rest of the world).
Ensure the correct ports are open on the firewall (usually port 80 and 443 - you will need to change the Zentyal admin port to something other than 443)
You will probably also have to set up the Zentyal CA certificates as well

To force an ssl conection to your domain:
Log in as root
Create a hook to adjust the webserver configuration:
Code: [Select]
nano /etc/zentyal/hooks/webserver.postsetconf
Paste the following:
Code: [Select]
#!/bin/sh

sed '/<VirtualHost \*:80>/r /etc/apache2/apache_mod.txt' /etc/apache2/sites-available/default > /etc/apache2/sites-available/default.tmp
mv /etc/apache2/sites-available/default.tmp /etc/apache2/sites-available/default

Save the file > ctrl + x
make the webserver.postsetconf executable:
Code: [Select]
chmod +x /etc/zentyal/hooks/webserver.postsetconf
Create the apache_mod.txt file:
Code: [Select]
nano /etc/apache2/apache_mod.txt
Paste the following:
Code: [Select]
# redirect http to https
RewriteEngine on
ReWriteCond %{SERVER_PORT} !^443$
RewriteRule ^/(.*) https://%{HTTP_HOST}/$1 [NC,R,L]

Make sure the apache rewrite rule is installed and enabled:
Code: [Select]
a2enmod rewrite
Restart Zentyal webserver module:
Code: [Select]
/etc/init.d/zentyal apache restart
Now browse to http://yourserver.yourdomain and you will find it redirects you to https://yourserver.yourdomain

Download the latest version of DocMGR which was 1.2.6 at the time of writting:
Code: [Select]
wget https://downloads.sourceforge.net/project/docmgr/docmgr/1.2.6/docmgr-1.2.6.tar.gz
Untar the file:
Code: [Select]
tar xvf doc*
If you are just accessing DocMGR from your internal LAN then move the files to the webserver root directory:
Code: [Select]
mv docmgr /var/www/
Set the permissions correctly:
Code: [Select]
chown -R www-data:www-data /var/www/docmgr
If you are allowing access from the 'ternet, then you might want to put the DocMGR files somewhere else and create an alias in apache:
Code: [Select]
mv docmgr /usr/share/Set the file preferences as above.

Then setup the apache site:
Code: [Select]
nano /etc/apache2/sites-available/docmgrPaste the following:
Code: [Select]
Alias /docmgr "/usr/share/docmgr"

<Directory /usr/share/docmgr/>
    DirectoryIndex index.php
    Options -Indexes +FollowSymLinks
    AllowOverride Options

    Order allow,deny
    Allow from all
</Directory>
Enable the site and reload apache:
Code: [Select]
a2ensite docmgr && /etc/init.d/apache2 reload
Install a few other items that are required:
Code: [Select]
apt-get install php5 php5-cli php5-pgsql php5-ldap python-uno ocrad xpdf imagemagick zip libtiff-tools openoffice.org-core php5-pgsql openoffice.org-writer openoffice.org-calc openoffice.org-draw openoffice.org-impress openoffice.org-java-common openoffice.org-headless python-openoffice
You now need to setup the database, I tend to use webmin for this sort of thing.  Download the current version of webmin:
Code: [Select]
wget http://prdownloads.sourceforge.net/webadmin/webmin_1.620_all.deb
Install some stuff that webmin depends on:
Code: [Select]
apt-get install perl libnet-ssleay-perl openssl libauthen-pam-perl libpam-runtime libio-pty-perl apt-show-versions python
Install webmin:
Code: [Select]
dpkg --install webmin_1.620_all.deb
Now browse to:
https://yourserver.yourdomain:10000

Log in with the user you used to setup Ubuntu with.
Goto Servers > ProgresSQL Database Server > ProgresSQL Users
Create a user with a password, ensure the Can create databases and can create users options are selected.
Create a new database for DocMGR, select your new user as the owner

Now browse to:
https://yourserver.yourdomain/docmgr
Follow the install instructions using the database name, user and password you created. 
If the database and the webserver are on the same machine as zentyal then set the url for the database to localhost
For the external applications make sure the following paths are used:

Path to python binary with UNO bindings (usually in OpenOffice program directory)
/usr/lib/openoffice/program

Path to sendmail
/usr/lib/sendmail

PHP CLI binary
/usr/bin/php

Go back to your terminal window.
enter the docmgr directory:
Code: [Select]
cd /var/www/docmgr
remove the install files:
Code: [Select]
rm -r install
remove the scripts files
Code: [Select]
rm -r scripts
I would suggest moving the files directory some where else:
Code: [Select]
mv files /media/files
Now set up the basic DocMGR configuration:
Code: [Select]
nano config/config.php
Find the following lines:
Code: [Select]
//Absolute path to DocMGR files directory
define("FILE_DIR",SITE_PATH."/files");
Change to:
Code: [Select]
//Absolute path to DocMGR files directory
//define("FILE_DIR",SITE_PATH."/files");
define("FILE_DIR","/media/files");

Find the following lines:
Code: [Select]
//Enable LDAP for accounts
//define("USE_LDAP","1");
Change to:
Code: [Select]
//Enable LDAP for accounts
define("USE_LDAP","1");


Now set up the LDAP integration, you will need the information form the LDAP set up on the Users & Groups module in the Zentyal interface.  Make sure you adjust the password conception form MD5 to SHA.  Edit the ldap-config.php file,
Code: [Select]
nano config/ldap-config.phpto look like this:
Code: [Select]
//your ldap server uri
define("LDAP_SERVER","ldap://localhost");

//your ldap server port
define("LDAP_PORT","389");

//the dn to bind to your server with
define("BIND_DN","cn=ebox,dc=yourserver,dc=yourdomain.com,dc=com");

//the password of the above specified dn
define("BIND_PASSWORD","scerete");

//your search attribute base for accounts
define("LDAP_BASE","ou=Users,dc=yourserver,dc=yourdomain,dc=com");

//default base for creating accounts
define("LDAP_CREATE_BASE",LDAP_BASE);

//a search filter to limit valid accounts to
define("LDAP_FILTER","(uid=*)");

//password encrytion in database
define("LDAP_CRYPT","SHA");

//ldap protocol
define("LDAP_PROTOCOL","3");

//default group id for a new account
define("DEFAULT_GID","100");

//base of our tree
define("LDAP_ROOT","dc=yourserver,dc=yourdomain,dc=com");

Now you need to adjust the account.php file to use the correct password encryption:
Code: [Select]
nano lib/account/ldap.phpYou will need to find MD5 and replace with SHA and find md5 and replace with sha1 (note the case)
To enable user searches to work correctly (allows sharing of documents) fin this line:
Code: [Select]
return $ret;and add this line directly before it:
Code: [Select]
$ret["count"]=$num;
To allow users with IE and MS office installed to edit files directly in ther browser you will need WebbOffice ActiveX control, download it to the correct directory, then rename it and set the permissions:
Code: [Select]
cd controls
wget http://www.dianju.cn/p/weboffice/html/weboffice_v6.0.5.0.cab
mv weboffice_v6.0.5.0.cab weboffice.cab
chown www-data:www-data weboffice.cab

Now add a LDAP user as DocMGR admin.  Go back to webmin and select you docmgr database which will now contain tables etc, select Execute SQL, paste the following:
Code: [Select]
INSERT INTO auth.accountperm (account_id,bitset,enable,bitmask) VALUES ('2001','1','t','00000000000000000000000000000001');where 2001 is the uid of the user you want to use, generally speaking Zentyal creates the uid in order of user creation so 2001 will be the first user you created, 2002 the second and so forth.

Finally, set the user to be used for indexing otherwise it won't work - this needs to be the same uid as the admin user:
Code: [Select]
nano bin/docmgr-indexer.php
Find these lines at the top:
Code: [Select]
//set which DocMGR user id the script should run as.  defaults to
//"admin" user
define("USER_ID","1");
Change to:
Code: [Select]
//set which DocMGR user id the script should run as.  defaults to
//"admin" user
//define("USER_ID","1");
define("USER_ID","2001");
You will also need to comment out these 2 lines in order to make the indexing work correctly as the ldap user:
Code: [Select]
$a = new AUTH($info["login"],$info["password"]);
if ($a->getError()) die($a->getError()."\n");

Now login to DocMGR and have fun!!

To reindex all the documents in the library just use this command:
Code: [Select]
php bin/docmgr-indexer.php --reindex-all
Other things:
You could make the import directory a samba share in zentyal, but I am not sure what permissions are needed.  Similarly you could create a symlink to the users home directory and the DocMGR users directory, I expect there could be an elegant method of doing this automgically with php and variable such as $HOME etc?

This worked for me but I can't guarantee it will work for you, I am not an IT professional so I am more than happy if you spot any glaring errors or omissions  :)
DO NOT BE TEMPED TO ADMISITETER YOUR LDAP USERS OR GROUPS FROM THE DOCMGR INTERFACE - IT WILL BE BAD - YOU HAVE BEEN WARNED  :o


12
I am trying to set up DocMGR as a document management system, currently I have managed to get everything to work except authenticating users against my LDAP server which is Zentyal 2.2.

Here is the document ation form the DocMGR site:
http://www.docmgr.org/documentation/ldap-configuration/

Here is my ldap-config.php file for DocMGR:
Code: [Select]
<?php /******************************************************************************$ 
Fileame: ldap-config.php 

Purpose: Contains all settings for ldap connectiving and attribute mapping 

Created: 11-20-2005 
*******************************************************************************$ 

/************************************************************ 
LDAP Connectivity 
************************************************************/ 

//your ldap server uri 
define("LDAP_SERVER","ldap://10.0.0.1"); 

//your ldap server port 
define("LDAP_PORT","389"); 

//the dn to bind to your server with 
define("BIND_DN","dc=myserver,dc=mydomain,dc=com"); 

//the password of the above specified dn 
define("BIND_PASSWORD","secret"); 

//your search attribute base for accounts 
define("LDAP_BASE","ou=Users,dc=myserver,dc=mydomain,dc=com"); 

//default base for creating accounts 
define("LDAP_CREATE_BASE",LDAP_BASE); 

//a search filter to limit valid accounts to 
define("LDAP_FILTER","(uid=*)"); 

//password encrytion in database 
define("LDAP_CRYPT","MD5"); 

//ldap protocol 
define("LDAP_PROTOCOL","3"); 

//default group id for a new account 
define("DEFAULT_GID","100"); 

//base of our tree 
define("LDAP_ROOT","cn=ebox,dc=myserver,dc=mydomain,dc=com"); 

/*********************************************************** 
Attribute Mapping *
**********************************************************/ 
define("LDAP_UID","uid"); define("LDAP_UIDNUMBER","uidNumber"); 
define("LDAP_GIDNUMBER","gidNumber"); 
define("LDAP_USERPASSWORD","userPassword"); 
define("LDAP_CLEARPASSWORD","plainPassword"); 
define("LDAP_CN","cn"); 
define("LDAP_SN","sn"); define("LDAP_GECOS","gecos"); 
define("LDAP_TELEPHONENUMBER","telephoneNumber"); 
define("LDAP_GIVENNAME","givenName"); define("LDAP_MAIL","mail"); 

//your dn in your directory should look like this: 
//<UID>=<login>,<LDAP_BASE> 
//ex: uid=mylogin,ou=people,dc=mydomain,dc=com

I have posted on the DocMGR project forum but the response time is not exactly quick :(

I would be grateful for any suggestions as I am not entirely sure these settings are correct.

Thanks

13
Installation and Upgrades / blocking access attempts by IP address
« on: February 09, 2013, 05:42:38 pm »
We have had a number of breaking attempts via ssh.  Nobody has got in but it floods the syslogs with alerts.  Is there any way to configure the zentyal firewall and/or IDS to block access according to number of failed attempts and IP address?  I suspect it might be do able via the events and dispatchers?

Thanks

14
I am trying to get the virtual machine manager in 2.2 to work with virtualbox.  I have a fresh install of ubuntu 10.04 and have installed virtualbox from the standard repos (I think it is version 3.2)but when I try to install zentyal-virt, it also installs kvm as well.  I have also tried with virtualbox4.2 but have tha same problem. 

I have managed it earlier in the week but can't seem to get it to work now.  Please can someone tell me which vision of virtualbox I need to use?
Thanks

15
Installation and Upgrades / FTP help
« on: December 24, 2012, 09:11:13 am »
running zentyal 2.2 but I can't get any ftp clients to connect with ssl enabled, tried fireftp, and several android clients that support ssl.  With ssl disabled there is not problem connecting.  There doesn't seem to be anything in the logs either??

Suggestions are welcome

Pages: [1] 2 3