Show Posts
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
16
Installation and Upgrades / Re: Default Domain Policy - 504 Gateway Time-out nginx
« on: May 13, 2015, 12:06:57 pm »17
German / Re: [Solved] Customizing von Nginx Webserver in Zentyal 4.0
« on: May 13, 2015, 12:05:34 pm »
Used this in an attempt to solve the nginx 504 timeout issue and it seems to be successful.
First create the stub (see above).
then:
# nano /etc/zentyal/stubs/core/nginx.conf.mas
What seemed to work is to insert the lines
in the http context (look for the section below):
And finally restart webadmin:
# service zentyal webadmin stop
# service zentyal webadmin start
Note that after succesfull stop "service zentyal webadmin status" shows [RUNNING] - the webadmin does no longer respond however.
I have not seen 504's anymore since ...
First create the stub (see above).
then:
# nano /etc/zentyal/stubs/core/nginx.conf.mas
What seemed to work is to insert the lines
Code: [Select]
proxy_read_timeout 300;
uwsgi_read_timeout 300;in the http context (look for the section below):
Code: [Select]
http {
##
# Basic Settings
##
# 20150513 Attempt to prevent nginx 504 timeout WSOD error in webadmin
# http://howtounix.info/howto/110-connection-timed-out-error-in-nginx
# http://nginx.org/en/docs/http/ngx_http_proxy_module.html#proxy_read_timeout
proxy_read_timeout 300;
# http://stackoverflow.com/questions/14167910/nginx-and-mysql-timeout-upstream-timed-out-110-connection-timed-out
# http://nginx.org/en/docs/http/ngx_http_uwsgi_module.html#uwsgi_read_timeout
uwsgi_read_timeout 300;
sendfile on;
tcp_nopush on;
And finally restart webadmin:
# service zentyal webadmin stop
# service zentyal webadmin start
Note that after succesfull stop "service zentyal webadmin status" shows [RUNNING] - the webadmin does no longer respond however.
I have not seen 504's anymore since ...
18
Installation and Upgrades / Re: NTP Configuration from GPO not working in Windows 7 ++
« on: January 30, 2015, 11:13:51 am »19
Installation and Upgrades / Re: Windows Time Service and Zentyal(Samba4)
« on: January 30, 2015, 11:11:16 am »20
Installation and Upgrades / Re: Windows 7 NTP time issue after joining domain.
« on: January 30, 2015, 10:55:08 am »
This worked for me in Zentyal 3.4. supposedly this issue is fixed in Zentyal 3.5(+??)
see: https://tracker.zentyal.org/issues/2037
Customize the ntp stub:
see: https://wiki.zentyal.org/wiki/En/3.5/Development_and_advanced_configuration
change the (last) line from:
to:
Change permissions on the ntp socket directory:
Restart the ntp service:
Test from your Win7 machine (as admin):
Voila ...
PS: some more info here: http://blog.mycroes.nl/2013/03/setting-up-ntp-signing-ntpsignd-with.html
see: https://tracker.zentyal.org/issues/2037
Customize the ntp stub:
see: https://wiki.zentyal.org/wiki/En/3.5/Development_and_advanced_configuration
sudo mkdir /etc/zentyal/stubs/ntp
sudo cp /usr/share/zentyal/stubs/ntp/ntp.conf.mas /etc/zentyal/stubs/ntp
sudo nano /etc/zentyal/stubs/ntp/ntp.conf.mas
change the (last) line from:
ntpsigndsocket /opt/samba4/var/lib/ntp_signd/
to:
ntpsigndsocket /var/lib/samba/ntp_signd/
Change permissions on the ntp socket directory:
sudo chgrp ntp /var/lib/samba/ntp_signd
Restart the ntp service:
sudo service zentyal ntp restart
Test from your Win7 machine (as admin):
w32tm /resync /rediscover
Voila ...
PS: some more info here: http://blog.mycroes.nl/2013/03/setting-up-ntp-signing-ntpsignd-with.html
21
News and Announcements / Re: Zentyal 4.0 Roadmap Published!
« on: September 10, 2014, 11:16:22 am »
So there is a lot of talk on modules that are being abandoned. Although I do agree that it is for some modules regretful and for sure inconvenient - I also think it is something that is a fact and the company's good right.
However - the incrementally scrapping of supported modules over the last releases leaves me (and I presume many others) in uncertainty on what I can rely on for the future. It makes me very hesitant and wonder if and how Zentyal fits into my infrastructure (be it commercial or community edition).
It would be extremely helpful if Zentyal could list the modules they are (and will be) committed to supporting such that I can make a founded decision on the future position of Zentyal in my organization.
Thank you!
However - the incrementally scrapping of supported modules over the last releases leaves me (and I presume many others) in uncertainty on what I can rely on for the future. It makes me very hesitant and wonder if and how Zentyal fits into my infrastructure (be it commercial or community edition).
It would be extremely helpful if Zentyal could list the modules they are (and will be) committed to supporting such that I can make a founded decision on the future position of Zentyal in my organization.
Thank you!
22
Installation and Upgrades / Re: Finally got 3.4 installed - working haproxy.cfg?
« on: June 23, 2014, 11:49:21 pm »
Hi,
This is what I've got on 3.4.6 after a troublesome upgrade from 3.3.10 (3.4.6 webadmin is working now):
cat /etc/haproxy/haproxy.cfg
global
log /dev/log local0
log /dev/log local1 notice
chroot /var/lib/haproxy
user haproxy
group haproxy
daemon
defaults
log global
mode http
option httplog
option dontlognull
contimeout 5000
clitimeout 50000
srvtimeout 50000
errorfile 400 /etc/haproxy/errors/400.http
errorfile 403 /etc/haproxy/errors/403.http
errorfile 408 /etc/haproxy/errors/408.http
errorfile 500 /etc/haproxy/errors/500.http
errorfile 502 /etc/haproxy/errors/502.http
errorfile 503 /etc/haproxy/errors/503.http
errorfile 504 /etc/haproxy/errors/504.http
This is what I've got on 3.4.6 after a troublesome upgrade from 3.3.10 (3.4.6 webadmin is working now):
cat /etc/haproxy/haproxy.cfg
global
log /dev/log local0
log /dev/log local1 notice
chroot /var/lib/haproxy
user haproxy
group haproxy
daemon
defaults
log global
mode http
option httplog
option dontlognull
contimeout 5000
clitimeout 50000
srvtimeout 50000
errorfile 400 /etc/haproxy/errors/400.http
errorfile 403 /etc/haproxy/errors/403.http
errorfile 408 /etc/haproxy/errors/408.http
errorfile 500 /etc/haproxy/errors/500.http
errorfile 502 /etc/haproxy/errors/502.http
errorfile 503 /etc/haproxy/errors/503.http
errorfile 504 /etc/haproxy/errors/504.http
23
Installation and Upgrades / Re: HOWTO: Jabber configuration to hide "internal" groups in shared roster
« on: March 20, 2014, 06:51:27 pm »
Modified this to read
% if ($sharedroster) {
{mod_shared_roster_ldap, [
{ldap_filter, ""},
{ldap_rfilter, "(&(objectClass=posixGroup)(!(internal=1)))"},
{ldap_gfilter, "(&(objectClass=posixGroup)(cn=%g)(cn=jabberusers)(!(internal=1)))"},
{ldap_ufilter, "(&(uid=%u)(objectClass=userJabberAccount))"},
{ldap_groupattr, "cn"},
{ldap_groupdesc, "description"},
{ldap_memberattr, "member"},
{ldap_memberattr_format, "uid=%u,<% $usersDn %>"},
{ldap_useruid, "uid"},
{ldap_userdesc, "cn"}
]},
Now only the jabberusers group shows up.
Note that the group must have a description to show up in the shared roster.
% if ($sharedroster) {
{mod_shared_roster_ldap, [
{ldap_filter, ""},
{ldap_rfilter, "(&(objectClass=posixGroup)(!(internal=1)))"},
{ldap_gfilter, "(&(objectClass=posixGroup)(cn=%g)(cn=jabberusers)(!(internal=1)))"},
{ldap_ufilter, "(&(uid=%u)(objectClass=userJabberAccount))"},
{ldap_groupattr, "cn"},
{ldap_groupdesc, "description"},
{ldap_memberattr, "member"},
{ldap_memberattr_format, "uid=%u,<% $usersDn %>"},
{ldap_useruid, "uid"},
{ldap_userdesc, "cn"}
]},
Now only the jabberusers group shows up.
Note that the group must have a description to show up in the shared roster.
24
Installation and Upgrades / Re: Zentyal 3.3.4, Jabber 3.3 - Jabber fails to start - won't bind to LDAP
« on: February 12, 2014, 03:19:43 pm »
solved - not sure which steps were necessary.
did a
apt-get remove -purge zentyal-jabber
apt-get autoremove -purge
Then reinstalled jabber through zentyal webadmin
Still not running, only a crash report in /var/log/ejabberd
Then ran into this post: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=516718
Which led me to kill some processes:
Rebooting the server isn't necessary, just make sure there's no beam, beam.smp and epmd processes running.
You can find them like this:
# ps axc|grep beam
# ps axc|grep epmd
Note that the epmd process comes up again after killing it.
And - tada - jabber can be started (I used "service zentyal jabber start" but I presume the webinterface would have worked as well ....
did a
apt-get remove -purge zentyal-jabber
apt-get autoremove -purge
Then reinstalled jabber through zentyal webadmin
Still not running, only a crash report in /var/log/ejabberd
Then ran into this post: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=516718
Which led me to kill some processes:
Rebooting the server isn't necessary, just make sure there's no beam, beam.smp and epmd processes running.
You can find them like this:
# ps axc|grep beam
# ps axc|grep epmd
Note that the epmd process comes up again after killing it.
And - tada - jabber can be started (I used "service zentyal jabber start" but I presume the webinterface would have worked as well ....
25
Installation and Upgrades / Re: Zentyal 3.3.4, Jabber 3.3 - Jabber fails to start - won't bind to LDAP
« on: February 12, 2014, 11:05:54 am »
So - wanted to try and install ejabberd 2.1.13 to see if this solves the issue.
http://www.process-one.net/en/ejabberd/archive/
However the installer wants to configure from scratch so not sure if it is wise to proceed.
Any hints on how to just upgrade ejabberd within the Zentyal setting?
http://www.process-one.net/en/ejabberd/archive/
However the installer wants to configure from scratch so not sure if it is wise to proceed.
Any hints on how to just upgrade ejabberd within the Zentyal setting?
26
Installation and Upgrades / Re: Zentyal 3.3.4, Jabber 3.3 - Jabber fails to start - won't bind to LDAP
« on: February 12, 2014, 10:47:00 am »
the used ejabberd version is indeed 2.1.10.
ejabberd 2.1.12 has an erlang related ldap fix on board ...
http://redir.process-one.net/ejabberd-2.1.12
ejabberd 2.1.12 has an erlang related ldap fix on board ...
http://redir.process-one.net/ejabberd-2.1.12
27
Installation and Upgrades / [SOLVED] Zentyal 3.3.4, Jabber 3.3 - Jabber fails to start - won't bind to LDAP
« on: February 11, 2014, 09:41:42 pm »
I seem to hit this bug
https://bugs.launchpad.net/ubuntu/+source/ejabberd/+bug/1241632
I can not find a way to start jabber (despite the webadmin interface sayin that the module started correctly, the module status says "stopped". "/etc/init.d/zentyal jabber status" shows "stopped". a commandline restart takes forever to no avail.
The credentials in /etc/ejabberd/ejabberd.cgf match the ones provided in the webinterface. External ldap explorer works fine with the same credentials.
Any help would be appreciated!
From /var/log/ejabberd/ejabberd.log.1 (this is repeated many many many times):
=INFO REPORT==== 2014-02-11 20:28:42 ===
I(<0.291.0>:eldap:983) : LDAP connection on 127.0.0.1:390
=INFO REPORT==== 2014-02-11 20:28:42 ===
I(<0.281.0>:eldap:983) : LDAP connection on 127.0.0.1:390
=INFO REPORT==== 2014-02-11 20:28:42 ===
I(<0.373.0>:eldap:983) : LDAP connection on 127.0.0.1:390
=INFO REPORT==== 2014-02-11 20:28:42 ===
I(<0.347.0>:eldap:983) : LDAP connection on 127.0.0.1:390
=WARNING REPORT==== 2014-02-11 20:28:42 ===
W(<0.347.0>:eldap:931) : LDAP bind failed on 127.0.0.1:390
Reason: invalidCredentials
=WARNING REPORT==== 2014-02-11 20:28:42 ===
W(<0.373.0>:eldap:931) : LDAP bind failed on 127.0.0.1:390
Reason: invalidCredentials
=WARNING REPORT==== 2014-02-11 20:28:42 ===
W(<0.281.0>:eldap:931) : LDAP bind failed on 127.0.0.1:390
Reason: invalidCredentials
=WARNING REPORT==== 2014-02-11 20:28:42 ===
W(<0.291.0>:eldap:931) : LDAP bind failed on 127.0.0.1:390
Reason: invalidCredentials
https://bugs.launchpad.net/ubuntu/+source/ejabberd/+bug/1241632
I can not find a way to start jabber (despite the webadmin interface sayin that the module started correctly, the module status says "stopped". "/etc/init.d/zentyal jabber status" shows "stopped". a commandline restart takes forever to no avail.
The credentials in /etc/ejabberd/ejabberd.cgf match the ones provided in the webinterface. External ldap explorer works fine with the same credentials.
Any help would be appreciated!
From /var/log/ejabberd/ejabberd.log.1 (this is repeated many many many times):
=INFO REPORT==== 2014-02-11 20:28:42 ===
I(<0.291.0>:eldap:983) : LDAP connection on 127.0.0.1:390
=INFO REPORT==== 2014-02-11 20:28:42 ===
I(<0.281.0>:eldap:983) : LDAP connection on 127.0.0.1:390
=INFO REPORT==== 2014-02-11 20:28:42 ===
I(<0.373.0>:eldap:983) : LDAP connection on 127.0.0.1:390
=INFO REPORT==== 2014-02-11 20:28:42 ===
I(<0.347.0>:eldap:983) : LDAP connection on 127.0.0.1:390
=WARNING REPORT==== 2014-02-11 20:28:42 ===
W(<0.347.0>:eldap:931) : LDAP bind failed on 127.0.0.1:390
Reason: invalidCredentials
=WARNING REPORT==== 2014-02-11 20:28:42 ===
W(<0.373.0>:eldap:931) : LDAP bind failed on 127.0.0.1:390
Reason: invalidCredentials
=WARNING REPORT==== 2014-02-11 20:28:42 ===
W(<0.281.0>:eldap:931) : LDAP bind failed on 127.0.0.1:390
Reason: invalidCredentials
=WARNING REPORT==== 2014-02-11 20:28:42 ===
W(<0.291.0>:eldap:931) : LDAP bind failed on 127.0.0.1:390
Reason: invalidCredentials
28
Installation and Upgrades / Re: ebox 1.4 --> fresh Zentyal 2.2: Windows clients create new profile at logon
« on: June 11, 2012, 11:56:38 am »
Dank je wel Ian - ik zal er eens naar kijken ... (Thanks Ian - I'll have a look at it ...)
29
Installation and Upgrades / Re: ebox 1.4 --> fresh Zentyal 2.2: Windows clients create new profile at logon
« on: June 05, 2012, 04:16:36 pm »
OK - so it seems to be a user/group/computer sid thing rather than a domain sid thing.
Will look closer at batch export and import of users/groups/computers etc ...
Will look closer at batch export and import of users/groups/computers etc ...
30
Installation and Upgrades / Re: ebox 1.4 --> fresh Zentyal 2.2: Windows clients create new profile at logon
« on: June 05, 2012, 03:29:10 pm »
EDIT: Interestingly enough the SID of both servers are the same so I do not expect it will resolve anything.
Is this the answer? Could I just run these commands without breaking anything in Zentyal?
You can restore a domain SID from the old to the new Samba server by using
net getdomainsid
and
net setdomainsid
This way you can run the new Samba server with the same domain SID as the old one. No need to change the clients.
from: http://community.spiceworks.com/topic/143798-change-domain-sid-without-rejoining-domain
Is this the answer? Could I just run these commands without breaking anything in Zentyal?
You can restore a domain SID from the old to the new Samba server by using
net getdomainsid
and
net setdomainsid
This way you can run the new Samba server with the same domain SID as the old one. No need to change the clients.
from: http://community.spiceworks.com/topic/143798-change-domain-sid-without-rejoining-domain