Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Messages - shoppc

Pages: [1]
1
Thanks for creating the post showing how to setup letsencrypt etc.  However, I am a linux noob, and a zentyal noob and I think many people would appreciate a little more detail on the instructions provided, at least I would.

My installation is the community edition Zentyal 7.0.4 - It's running great, I have a Windows 10 machine joined to the 'domain' and email via SOGo works.  However I cannot get my head around the way certificates are installed/setup in Zentyal.

My backround is in IT support, and whilst I don't fully grasp every facet of SSL certificate implementation, I have installed certificates on a variety of platforms (mainly windows server, exchange, IIS etc), using wildcard certs and find the process reasonably simple.  Linux/Zentyal however seems a black art.  For every iteration of linux, and for all the different services running that might want to use a certificate (apache, ngnix etc.) it seems like a never ending process of config file changes.  Enough if the thicko moaning....

The thing is, and I know it's my lack of knowledge, I cannot tell from the the (I'm sure excellent) instructions in the forum here and in Zentyals own documents how to configure services to use a letsencrypt ssl certificate.  I can install letsencrypt, add the repo etc, as per the documentation, but for example, the following command from the manual:

> certbot --apache -m abraham@zentyal-domain.com

...clearly the 'abraham@zentyal-domain.com' needs to change, if I want to setup the certificate for the SOGo webmail service, what should this be?

The documentation instruction seems to be completely different than those posted here too...(https://forum.zentyal.org/index.php/topic,32351.msg112718.html#msg112718), with the final notes in the official documentation reading:

"When the certificate has been correctly issued and stored on your Zentyal Server, the next step is to configure the services to use this certificate. Below you can find some of the most common paths used to establish the certificate:"

But what are you supposed to do in those paths to establish the certificates?  It's a little confusing!  I'm used to just opening a GUI control, choosing the installed certificate and confirming it's use in that 'service'.

I think I understand that the process pulls down a certificate, stores it in maybe /etc/certs (but I don't really know), and then you are supposed to make numerous config changes to make use of the certificates - but I'm lost!

Also, from the web admin, I really don't understand the process, it doesn't seem to have any options to say select 'webmail' as the service, and choose the certificate for that service.  It kinda looks like you can create certificates signed by the server (so not CA approved by clients), and assign them - but 'Editing certificate' does not mean 'applying' so really don't understand what this GUI feature is actually doing (again me being thick), and the documentation really doesn't explain - it's almost like you need to know what its doing to understand what the documentation is telling you!

Apologies if this all sounds like a moan - I'm just frustrated, and really I do this for a job (although very much a jack of all, master of none), but Linux/Zentyal just seems so difficult to get my head round - will there ever be a certmgr equivalent tool that devs can utilise to simplify install and usage of certificates for people like me?

Anyway, I guess I'm asking for someone to produce a video or document with step by step instructions with explanations of what the commands do (simple), and what elements are to be tailored for an individuals setup (back to my question, why does the certbot apache command above require what looks like an email address when you are trying to apply SSL to a host/domain).

I'm pretty sure I'll be high maintenance with the responses, and me being so dim - but if anyone who has the time could respond, maybe we could email/PM to get me on the right track, or perhaps if you want the fame and er um 'fortune' post a youtube video of the whole process of applying a free lets encrypt cert on Zentyal 7 for admin console and SOGo webmail etc. - that would be awesome and frankly you would become a legend on these forums (according to me anyway).

Thankyou for making it to the end of this post!


2
Hi,

Yes, everything you currently do is still supported in v4, and yes Jabber is the 'integrated' messaging service in Zentyal 4.  The fact that you use Thunderbird for email is a bonus, using Outlook works, but has limited features (including having to update folders to see new mail) - don't believe that is a problem for Thunderbird.

You can always download and try the product as a virtual machine, just to make sure there are no pitfalls for you - but I suspect it is a good to go upgrade for you (don't attempt an upgrade, create from new and import/export your mail using your client software).  Backup your share data and re-create on the new Zentyal server to avoid any snags.

Hope this helps.....

3
Installation and Upgrades / Re: OpenCloud + Outlook 2013 issue
« on: January 23, 2015, 03:20:45 pm »
There is a 30-day trial of the pay-for commercial version (http://www.zentyal.com/zentyal-server/trial/).  Since the system is quick & Easy to setup, you could give that a go and then post back your finding regarding inbox refresh etc.  I don't have the time, or know anyone who has looked at the commercial version. I think most of us here are trying the FREE community version believing it is the same but without support!  Like you though, I'd be willing to consider buying the commercial version if someone could answer positively to these questions;

1 - Does outlook update automatically when new mail arrives (your question)?
2 - If you pay for the commercial version, then stop paying the subscription, are you still able to use the product without restriction (other than updates & support) - Perpetual license if you will?
3 - Does outlook work fine with self signed certificates in the commercial version, since the community version constantly asks to accept certificates?
4 - Does the commercial version support nested AD folders?  Currently not supported (or creatable) in Zentyal Community.

There are probably more questions, but if anyone here can answer these in detail, that would very much appreciated!

4
Installation and Upgrades / Re: Anyone having success with Zentyal 4.0?
« on: November 26, 2014, 11:20:33 pm »
Yep - same here - all good except that the Exchange/Outlook side of things is short on reliable features (certificate issues, folder sharing, etc etc).  However if users don't need to use Outlook, then so far all is good - OpenChange web interface is pretty good, clean, and as well featured as any free email service (e.g. Yahoo Mail). 

Perhaps some time down the dev roadmap, Outlook will be fully catered for - that will be the day Zentyal is really a drop in replacement for small business server.

As an all round file/print/directory/email server it's pretty good - just can't 'sell' it as a direct replacement for Microsofts own products - but that is true of all the open source alternatives.

Give it a go and see what you think :)

5
Ok, I have scrapped my VM for Zentyal, but will rebuild later (may take a week or two), as I'm away on holiday.  Once re-installed v3.5 & updated, do you want me to copy up the Log here?  Or, do you want a fresh install with NO updates and then the logs?

6
Applied the 'patch', as per the instructions found in bug 1090 report.  All working again except OpenChange module. So scrapping my install to start again. Will monitor the install/update process and report finding here if there is anything of help. I understand the roadmap speaks if a new release point soon (sept) I think, maybe will wait till then.

7
Installation and Upgrades / Re: after reboot modules missed
« on: July 30, 2014, 12:13:56 pm »
Hi,

This is resolved 'manually' by entering the code found in bug report 1090 into a file called Ldap.pm.   So find bug report 1090, open the Ldap.pm.patch file, then copy the '+' lines of code into the Ldap.pm file on your system (/usr/share/perl5/EBox/Ldap.pm).

Hope this helps.

8
Thought I'd post to keep the topic alive, but also to say the problem still exists.  Self signed certificates for the domain and the alias 'autodiscover.domain' can't be imported into Outlook, it goes through the motions, but never appears in the list of certificates.  And, once Outlook is quit, you have to re-accept certs for domain & autodiscover all over again!

Any clues, very much appreciated.

9
Hi,

I Have Community edition 3.5.2 setup and running.  Today console desktop screen just stayed BLACK. When I went to use the console remotely through WebAdmin all was looking fine, so figured it was my VMware workstation playing up.  Anyway, restarted the server and found two issues:

1 - the Internal & External Interfaces were swapped, proved by changing the vnet setting on each interface in my virtual environment until pings could be made on each LAN segment.  Bit odd, but not sure if this is a bug with Zentyal on startup. 

But most important/relevant....

2 - Half of the services had not started, checked zentyal.log and sure enough I had the Samba LDAP error as found in this report (bug report 1090).  I followed the advice here and restarted the services from command line - all good and all working.  However, I would say that the bug is not solved!  The issue has been identified, but not permanently resolved (otherwise I wouldn't have experienced it after updates). 

Hopefully someone can pull/fix whatever causes this, since it took me a day to find the issue (being new to Zentyal and all that).  Otherwise, good system!  Regarding (1), the interfaces - will monitor and report an issue if it occurs again.

Pages: [1]