This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
1
Installation and Upgrades / Re: Ldap attribute memberuid not present
« on: July 12, 2013, 09:35:44 pm »
Well, you were right in your assumption the complete dc is
nacional_search_base = ou=Groups,dc=jovenclub,dc=cu
also the purpose is indeed check if certain user is member of group CorreoSN and if so then retrieve the cn of the group , since this is for postfix the ultimate goal is to check if user can or can't send mail out of our network, if the user sorlak belong to it then is define that he can't send mail, if he is not then nothing happen a the mail is send, so the group will always be the same but the member of it may well change anytime, Thanks for the reply i will now make some tweak to see if a got any luck with this, thanks for your time and regards. Will post the outcome of the test
nacional_search_base = ou=Groups,dc=jovenclub,dc=cu
also the purpose is indeed check if certain user is member of group CorreoSN and if so then retrieve the cn of the group , since this is for postfix the ultimate goal is to check if user can or can't send mail out of our network, if the user sorlak belong to it then is define that he can't send mail, if he is not then nothing happen a the mail is send, so the group will always be the same but the member of it may well change anytime, Thanks for the reply i will now make some tweak to see if a got any luck with this, thanks for your time and regards. Will post the outcome of the test
2
Installation and Upgrades / Re: Ldap attribute memberuid not present
« on: July 12, 2013, 12:39:23 am »
Thanks for the fast reply, and sorry for the confusion, i was already informed about the change to 390 among other thins i juts post that so everyone know what was i trying to retrieve from the search. Unfortunately i could fallow your recommendations my ldap skill are no so good, could you please show me how it should look the query filter. Sorry for the inconvenience. Regards
3
Installation and Upgrades / Ldap attribute memberuid not present
« on: July 11, 2013, 10:03:44 pm »
Hello everyone there is any way to make zentyal to use by default memberuid in the groups attributes like use to do it in version 2.2
i create this scope and work in previous version on postfix -zentyal 2.2
nacional_server_host = 127.0.0.1
nacional_server_port = 389
nacional_bind = no
nacional_timeout = 5
nacional_search_base = ou=Groups,dc=xyz,dc=net
nacional_query_filter = (&(|(cn=CorreoSN))(memberUid=%u))
nacional_result_attribute = cn
if the user was a member of the group it should give me back the groups that he belong to and with that i can create classes for postfix to check certain parameters, also if any one knows how to get the same result in this new version i will be pleased to hear it. Thanks for your time and eforts, regards.
i create this scope and work in previous version on postfix -zentyal 2.2
nacional_server_host = 127.0.0.1
nacional_server_port = 389
nacional_bind = no
nacional_timeout = 5
nacional_search_base = ou=Groups,dc=xyz,dc=net
nacional_query_filter = (&(|(cn=CorreoSN))(memberUid=%u))
nacional_result_attribute = cn
if the user was a member of the group it should give me back the groups that he belong to and with that i can create classes for postfix to check certain parameters, also if any one knows how to get the same result in this new version i will be pleased to hear it. Thanks for your time and eforts, regards.
4
Installation and Upgrades / Re: figuring out squid-external
« on: June 28, 2013, 03:16:56 am »
Haha after a while this squid internal -- dansguardian -- squid external
enlighten my brain what if.......
squid.conf
cache_peer localhost parent 3130 0 no-query proxy-only login=PASS
squid-external.conf
cache_peer 192.168.250.12 parent 1080 0 no-query no-digest login=PASS
BOOM there you go, now you can surf the web again , to be honest i just try to be consistent with the configuration got no idea if dansguardian has anything to do with what i just did.
Thank for your time effort and consideration. Regards
i made a request in the Idea storm if a get any look i will love to see the old object + group mix policy back, is a pain to control users + ip + time access with diff and patch for the acls.
enlighten my brain what if.......
squid.conf
cache_peer localhost parent 3130 0 no-query proxy-only login=PASS
squid-external.conf
cache_peer 192.168.250.12 parent 1080 0 no-query no-digest login=PASS
BOOM there you go, now you can surf the web again , to be honest i just try to be consistent with the configuration got no idea if dansguardian has anything to do with what i just did.
Thank for your time effort and consideration. Regards
i made a request in the Idea storm if a get any look i will love to see the old object + group mix policy back, is a pain to control users + ip + time access with diff and patch for the acls.
5
Installation and Upgrades / Re: figuring out squid-external
« on: June 28, 2013, 02:41:59 am »
perhaps inherited? since i remember that is the way that always has been in here, the scenario is the same that was debated in this thread http://forum.zentyal.org/index.php/topic,8014.0.html where we found that never_direct allow all was needed to get all request through the parent proxy since machine virtually has no direct access nowhere.
So basically the structure is the next
Client - proxy-zentyal - proxy-parent - internet
the user backend is storage in both the proxy-zentyal and my parent-proxy they must match otherwise the access is denied .
I had attached a brief part of the squid access.log of both proxy,
as you may see the parent give me a denied on 407. Any ideas , i mean as i said before if i put cache_peer 192.168.250.12 parent 1080 0 no-query no-digest default login=PASS in squid.conf it works, but then, what is the point of squid-external ? Thanks for your time and effort. Regards
So basically the structure is the next
Client - proxy-zentyal - proxy-parent - internet
the user backend is storage in both the proxy-zentyal and my parent-proxy they must match otherwise the access is denied .
I had attached a brief part of the squid access.log of both proxy,
as you may see the parent give me a denied on 407. Any ideas , i mean as i said before if i put cache_peer 192.168.250.12 parent 1080 0 no-query no-digest default login=PASS in squid.conf it works, but then, what is the point of squid-external ? Thanks for your time and effort. Regards
6
Installation and Upgrades / Re: figuring out squid-external
« on: June 27, 2013, 12:13:45 am »
Well since there is no PDC in the server SSO has no use in this scenario for me, i just need to send the account is password to my parent proxy through login:PASS option, and no, dansguardian is no the one blocks me is actually my parent proxy, which give TCP_DENIED/407, 407= where is your login password ?
So the issue is not dansguardian, it is most likely that the squid-external is not been used at all otherwise he should be sending that info without problem since is declared
cache_peer 192.168.250.12 parent 1080 0 no-query no-digest default login=PASS
PD: In my opinion the combination of group policy with object group was more flexible.
Thanks for your time and regards.
So the issue is not dansguardian, it is most likely that the squid-external is not been used at all otherwise he should be sending that info without problem since is declared
cache_peer 192.168.250.12 parent 1080 0 no-query no-digest default login=PASS
PD: In my opinion the combination of group policy with object group was more flexible.
Thanks for your time and regards.
7
Installation and Upgrades / figuring out squid-external [SOLVED]
« on: June 26, 2013, 02:23:19 am »
Hello everyone i am trying to give to zentyal 3.0 some feature from Zentyal 2.2 since now through GUI HTTP-Proxy Access Rules no longer allow to add user control inside a network object (which is a roll back isn't ? ) i manage already to achieve that. But i still unable to set my parent proxy, in squid.conf there is a parent already :
cache_peer localhost parent 3130 0 no-query proxy-only login=*:nopassword
and then this line :
# force clients to use squid-external
never_direct allow all
So I thought that whatever configuration it should be made in squid-external an so i just add a minor modification from this:
cache_peer 192.168.250.12 parent 1080 0 no-query no-digest
to this in squid-external
cache_peer 192.168.250.12 parent 1080 0 no-query no-digest default login=PASS
but my parent keep on denied every request
however if i put that same line in squid.conf work without a problem
so, can anyone tell me what i am doing wrong here ? Thanks for your time and effort.Regards
cache_peer localhost parent 3130 0 no-query proxy-only login=*:nopassword
and then this line :
# force clients to use squid-external
never_direct allow all
So I thought that whatever configuration it should be made in squid-external an so i just add a minor modification from this:
cache_peer 192.168.250.12 parent 1080 0 no-query no-digest
to this in squid-external
cache_peer 192.168.250.12 parent 1080 0 no-query no-digest default login=PASS
but my parent keep on denied every request
however if i put that same line in squid.conf work without a problem
so, can anyone tell me what i am doing wrong here ? Thanks for your time and effort.Regards
8
Installation and Upgrades / Re: Zentyal on openVZ
« on: June 12, 2013, 12:09:14 am »
Not sure if will help but you may want look at this http://forum.zentyal.org/index.php/topic,9339.msg40329.html#msg40329
9
Installation and Upgrades / Re: VoIP server can get extension
« on: April 19, 2013, 08:53:53 pm »
Ok so far what i get is that asterisk-voicemail is not installed by default so i install mostly all package that are no installed with the zentyal-asterisk package and i was able to connect using a softphone called zoipper. Maybe you should see if asterisk-voicemail is installed
#sudo aptitude search asterisk
that will give you a list off all related asterisk packages available
you will need if not installed already the moh-opsound-g722 an then create a symbolic link from
/usr/share/asterisk/moh to /var/lib/asterisk/moh
you can achieve that with
# ln -s /usr/share/asterisk/moh/* /var/lib/asterisk/moh/
So far that is all the help that i can supply to you tellme if you can resolve your issue whit it. Regards
#sudo aptitude search asterisk
that will give you a list off all related asterisk packages available
you will need if not installed already the moh-opsound-g722 an then create a symbolic link from
/usr/share/asterisk/moh to /var/lib/asterisk/moh
you can achieve that with
# ln -s /usr/share/asterisk/moh/* /var/lib/asterisk/moh/
So far that is all the help that i can supply to you tellme if you can resolve your issue whit it. Regards
10
Installation and Upgrades / (SOLVED) VoIP server can get extension
« on: April 03, 2013, 11:22:06 pm »
After some tweaks to make all sound file work properly in zentyal 3.0 core 3.0.17 voip3.0.1 i am unable however to get a connection to any extension created so far after some debug all i can find is:
Dial("SIP/cha-00000003", "SIP/4120,15,tTwWr") in new stack
[Apr 3 17:18:14] WARNING[17581]: app_dial.c:2218 dial_exec_full: Unable to create channel of type 'SIP' (cause 20 - Unknown)
== Everyone is busy/congested at this time (1:0/0/1)
-- Executing [4120@users:2] VoiceMail("SIP/cha-00000003", "4120,u") in new stack
-- <SIP/cha-00000003> Playing 'vm-theperson.slin' (language 'es')
-- <SIP/cha-00000003> Playing 'digits/4.slin' (language 'es')
[Apr 3 17:18:17] ERROR[17375]: res_config_ldap.c:1327 update_ldap: Couldn't modify 'name'='cha', dn:uid=cha,ou=Users,dc=jovenclub,dc=cu because Invalid syntax
I am using to connect a softphone.
Can anyone give a hint on this one. Thanks ind advantage for your time and patience
Dial("SIP/cha-00000003", "SIP/4120,15,tTwWr") in new stack
[Apr 3 17:18:14] WARNING[17581]: app_dial.c:2218 dial_exec_full: Unable to create channel of type 'SIP' (cause 20 - Unknown)
== Everyone is busy/congested at this time (1:0/0/1)
-- Executing [4120@users:2] VoiceMail("SIP/cha-00000003", "4120,u") in new stack
-- <SIP/cha-00000003> Playing 'vm-theperson.slin' (language 'es')
-- <SIP/cha-00000003> Playing 'digits/4.slin' (language 'es')
[Apr 3 17:18:17] ERROR[17375]: res_config_ldap.c:1327 update_ldap: Couldn't modify 'name'='cha', dn:uid=cha,ou=Users,dc=jovenclub,dc=cu because Invalid syntax
I am using to connect a softphone.
Can anyone give a hint on this one. Thanks ind advantage for your time and patience
11
Installation and Upgrades / [SOLVED] Lost web interface access
« on: March 26, 2013, 10:10:17 pm »
Hi everyone I have lost my access to the web interface of zentyal 2.2 so far it seems like there is no other problem the rest of the service are working just fine including the webserver module. i have set my admin interface to listen thought port 2442 and that is ok i tested with a telnet consult and is working just fine.
So far what i got is this:
sudo netstat -tlnp | grep apache
tcp 0 0 0.0.0.0:443 0.0.0.0:* LISTEN 1459/apache2
tcp 0 0 0.0.0.0:2442 0.0.0.0:* LISTEN 3233/apache2
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 1459/apache2
And this in the error.log
Statement unlikely to be reached at /usr/share/perl5/EBox/Apache.pm line 115.
(Maybe you meant system() when you said exec()?)
Init: Session Cache is not configured [hint: SSLSessionCache]
I had try this
dpkg-reconfigure zentyal
but no luck
Can anyone give a hand with this. Thanks for your time and effort.
False alarm boys, one of my IT group mess with the firewall infrastructure and forgot add the port for administration. Sorry and thank any ways
So far what i got is this:
sudo netstat -tlnp | grep apache
tcp 0 0 0.0.0.0:443 0.0.0.0:* LISTEN 1459/apache2
tcp 0 0 0.0.0.0:2442 0.0.0.0:* LISTEN 3233/apache2
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 1459/apache2
And this in the error.log
Statement unlikely to be reached at /usr/share/perl5/EBox/Apache.pm line 115.
(Maybe you meant system() when you said exec()?)
Init: Session Cache is not configured [hint: SSLSessionCache]
I had try this
dpkg-reconfigure zentyal
but no luck
Can anyone give a hand with this. Thanks for your time and effort.
False alarm boys, one of my IT group mess with the firewall infrastructure and forgot add the port for administration. Sorry and thank any ways
12
Installation and Upgrades / Re: Log parsing stop after logrotation
« on: June 28, 2012, 03:01:04 pm »
Anyone? from the development team?
13
Installation and Upgrades / Log parsing stop after logrotation
« on: June 25, 2012, 07:15:22 pm »
Hello guys i need rotate my postfix log but when i do so then the log parsing of zentyal stop working until i restart the OpenVZ any idea how could i restart this daemon by it self and not the entirely machine. Thanks
Zentyal 2.2
Modules Mail, Webserver, Webmail, Users.
Offtopic:Why i cant download the community version of zentyal 2.3 from sourceforge this version is Libre of payment as far as i know.Regards
Zentyal 2.2
Modules Mail, Webserver, Webmail, Users.
Offtopic:Why i cant download the community version of zentyal 2.3 from sourceforge this version is Libre of payment as far as i know.Regards
14
Installation and Upgrades / Re: Slowness in control panel Zentyal
« on: March 06, 2012, 03:39:15 pm »
No, thank you guys for this great software,to the main subject:
I never try this in a stand alone server installation since we use containers OPENVZ, and the tweak is performed to reduce the time of response for apache's zentyal web interface. Those numbers work for me, maybe for a stand alone server a hight number is required or it may usefull tray zentyal using apache is worker MPM instead of prefork i may give a try to this later.Regards
I never try this in a stand alone server installation since we use containers OPENVZ, and the tweak is performed to reduce the time of response for apache's zentyal web interface. Those numbers work for me, maybe for a stand alone server a hight number is required or it may usefull tray zentyal using apache is worker MPM instead of prefork i may give a try to this later.Regards
15
Installation and Upgrades / Re: Slowness in control panel Zentyal
« on: March 05, 2012, 11:45:52 pm »
Sorry for the longtime here is what i have done !Notice! this run over a openvz in proxmox:
edit /var/lib/zentyal/conf/apache2.conf
and set
<IfModule mpm_prefork_module>
StartServers 1
MinSpareServers 10
MaxSpareServers 20
MaxClients 1
MaxRequestsPerChild 10000
</IfModule>
# worker MPM
<IfModule mpm_worker_module>
StartServers 1
MinSpareThreads 10
MaxSpareThreads 20
ThreadsPerChild 1
MaxClients 1
MaxRequestsPerChild 10000
</IfModule>
then save
:wq
and like i said you should create a hook for the webserver module (postsetconf) to keep this at every restart.thats all folks.Regards
edit /var/lib/zentyal/conf/apache2.conf
and set
<IfModule mpm_prefork_module>
StartServers 1
MinSpareServers 10
MaxSpareServers 20
MaxClients 1
MaxRequestsPerChild 10000
</IfModule>
# worker MPM
<IfModule mpm_worker_module>
StartServers 1
MinSpareThreads 10
MaxSpareThreads 20
ThreadsPerChild 1
MaxClients 1
MaxRequestsPerChild 10000
</IfModule>
then save
:wq
and like i said you should create a hook for the webserver module (postsetconf) to keep this at every restart.thats all folks.Regards