Topics

1

Installation and Upgrades / Kernel management

« on: January 24, 2018, 05:09:09 am »

Is there a recommended policy for managing the application of kernels to a Zentyal installation? I was not paying attention to this and had assumed that Zentyal was updating kernels as part of its core updates, but discovered that I was still running a two year old kernel after a recent update. I can't find anything in the documentation to guide on which kernels are recommended or compatible with Zentyal releases. If we are left to manage the kernels independently of the Zentyal core updates, is there a recommended technique? Thanks.

2

Installation and Upgrades / [SOLVED] Network module: flush-fwmarks stalls when ip enters infinite loop

« on: January 24, 2018, 04:06:24 am »

At the end of the upgrade to core 5.0.10 (with network 5.0.9) the attempt to restart the network module stalled. Eventually I logged onto the system via ssh and found that 'ip' was running at 100% CPU. Seeing that it was called from flush-fwmarks, I tried the call to 'ip rules ls' myself and found that it entered an infinite loop returning a constant stream of "0: from all lookup local". Please advise what might be causing this and ideas on how to reset the configuration to correct it. Thanks.

3

Directory and Authentication / [UNRESOLVED] How to troubleshoot samba backup domain controller function?

« on: April 19, 2017, 09:11:55 pm »

Was marked as SOLVED on April 20, 2017 but was observed to have recurred sometime before June 28, 2017. Upgrade to 5.0.6 apparently was not a permanent fix. All symptoms are the same as originally reported.

Running Zentyal 5.0

I used the web interface a couple years ago (before upgrading to 5.0 a few months back) to configure a Zentyal server as both a backup domain controller and a file server. This was working fine. I recently discovered that it is no longer operating as a BDC and I don't know how long this has been the case, so I can't trace it to any particular event. It may or may not have been coincident with the 5.0 upgrade, but I would think I would have noticed it then if it was. Anyway, there are three observed problems:

• When I try to access the 'Users and Computers' page in the BDC web interface it reports "FATAL: Could not connect to samba LDAP server: connect: Connection refused".
• I am unable to connect to the BDC through the Windows ADExplorer tool - it reports "The server is not operational".
• If my Windows client PC is using the BDC as the logon server, I can logon but am unable to query users and groups for ACLs. From a Windows client, I am unable to query users and groups for ACLs on any of the BDC shares.

None of this is observed when using the PDC. Note that Samba is running in some capacity. The file server function is still fully operational as far as I can tell.

"service smbd status" returns:

Code: [Select]

● smbd.service - Samba SMB Daemon
   Loaded: loaded (/lib/systemd/system/smbd.service; enabled; vendor preset: enabled)
   Active: active (running) since Wed 2017-04-19 11:12:46 PDT; 42min ago
     Docs: man:smbd(8)
           man:samba(7)
           man:smb.conf(5)
 Main PID: 20688 (smbd)
   Status: "smbd: ready to serve connections..."
   CGroup: /system.slice/smbd.service
           ├─20688 /usr/sbin/smbd
           ├─20689 /usr/sbin/smbd
           ├─20690 /usr/sbin/smbd
           ├─20692 /usr/sbin/smbd
           ├─20695 /usr/sbin/smbd
           ├─20696 /usr/sbin/smbd
           ├─20729 /usr/sbin/smbd
           ├─20830 /usr/sbin/smbd
           ├─21189 /usr/sbin/smbd
           ├─21671 /usr/sbin/smbd
           ├─21675 /usr/sbin/smbd
           └─21677 /usr/sbin/smbd

and "samba-tool processes" returns:

Code: [Select]

Service:                PID
-----------------------------
dnsupdate               4790
cldap_server            4783
rpc_server              4778
rpc_server              4778
nbt_server              4780
winbind_server          3810
winbind_server         10520
kdc_server              4784
notify-daemon          20689
ldap_server             4782
ldap_server             4782
ldap_server             4782
ldap_server             4782
kccsrv                  4789
samba                   4789
dreplsrv                4785

I've also grepped the various samba log files for "ldap" and nothing turns up.

I'm at a bit of a loss now as to where to go looking to figure out why the samba LDAP \ DC function isn't working properly. Please advise on suggested next steps for locating the source of the problem. Thanks.

4

Other modules / How does DNS update when using a separate DHCP server?

« on: February 18, 2016, 09:39:32 pm »

We're running Zentyal 4.2.1.3 with DNS Server 4.2.0.3. The Zentyal server is strictly a domain controller. A separate firewall appliance is acting as the DHCP server and pointing to the Zentyal server as the DNS and WINS server. Names of some PCs which have been joined to the Zentyal managed domain do not resolve and I'm trying to figure out why this occurs.

My understanding is that when Zentyal is both the DNS and DHCP server it automatically refreshes DNS when DHCP leases are granted. How does it add or update DNS entries when there is a separate DHCP server? Does it come from WINS?

Of the PCs listed in the domain which do not resolve, I have regular debugging access to one of them and it is (perhaps not so coincidentally) an Ubuntu box that was joined to the domain via PBIS. Is there a configuration that should be applied to Linux joined PCs to cause DNS updates after obtaining DHCP leases?

Thanks for any guidance you can offer.