Recent Posts

Pages: 1 ... 3 4 [5] 6 7 ... 10
41
Installation and Upgrades / Temporary failure in name resolution
« Last post by hopt on October 23, 2021, 12:23:21 pm »
Hello.
I've started testing Zentyal as a solution for my business. I am not the most knowledgeable in regards to networking or sysadmin.
I think I have found an error in Zentyal behavior. I have documented the process, i have been able to reliably replicate this on a hardware machine as well as a Virtualbox.
TLDR: After setting up a Static IP and marking the network card as the WAN adapter, you have to edit /etc/resolv.conf to add a nameserver that works.

1) I edited /etc/resolv.conf , added "nameserver 8.8.8.8"
2) restarted the service sudo systemctl restart systemd-resolved.service
3) It should work now

I do not know enough to know why this happens. but it can make less tech savvy users like myself struggle, or even abandon Zentyal from the get-go.
42
Directory and Authentication / Re: Domain with PDC+BDC at Zentyal
« Last post by victorsts on October 22, 2021, 06:00:24 pm »
Zentyal uses Active Directory, which does not use the concept of PDC/BDC as old NT domain servers used. Besides the FSMO roles, each Zentyal server in a domain replicate AD information and each one is able to authenticate users at any time.

One exception to this is the SYSVOL data which must be replicated from the server holding the "PDC Emulator" FSMO role to the other(s) servers by any mean applicable.

What exactly did not work while that "PDC" servers was off?
43
Installation and Upgrades / Openvpn site2site in Virtualbox (LABHOME)
« Last post by Gilberto Ferreira on October 21, 2021, 07:19:57 pm »
Hi there

I have deploy two Zentyal Server 4.0 in VirtualBox (V 6.1.27 r147422). I am using my laptop to this purpose.

I also have create two host network, like:

vboxnet0 - 192.168.152.0
vboxnet1 - 192.168.157.0

Aditionaly I have create a few iptables rules in my laptop, to allow both zentyal servers to use the internet properly:
# Flush IPTABLES
iptables -F
iptables -t nat -F
# Loopack
iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -i vboxnet0 -j ACCEPT
iptables -A INPUT -i vboxnet1 -j ACCEPT
iptables -A OUTPUT -o lo -j ACCEPT

# Allow all from virtualbox
iptables -A INPUT -s 192.168.152.0/24 -j ACCEPT
iptables -A INPUT -s 192.168.157.0/24 -j ACCEPT

# Masquerade virtualbox network
iptables -t nat -A POSTROUTING -s 192.168.152.0/24 -j MASQUERADE
iptables -t nat -A POSTROUTING -s 192.168.157.0/24 -j MASQUERADE

#turn on ip forwarding
sysctl -w net.ipv4.ip_forward=1

After install both zentyal server, I have create a openvpn tunnel between two server.
I was unable to use the default IP addrss inside the vpn tunnel, i.e 192.168.0.0 in both sides doesn't work.
I needed to use 192.168.10.0 in server1 and 192.168.20.0 in server2. After that I can now ping both side and the 2 windows 7 behind each servers.
But I can not reach the Windows Client behind VPN.

Server1 has the IP 192.168.152.100 as WAN and 172.16.0.10 as LAN
Server2 has the IP 192.168.157.100 as WAN and 172.18.0.10 as LAN

I have dhcp serving IPS 172.16.0.0 to the Windows 7 behind server1 and I have dhcp serving IPS 172.18.0.0 to the Windows 7 behind server2

Both server1 and server2 are communicating. In both server1 and server2 I can ping Windows behind server1 and Windows behind server2

But inside Windows 7 behind server1 I can not reach Windows 7 behind server2.

What I missing??
I appreciated for any help!

Thank you.



44
Directory and Authentication / OU "groups" not show in RSAT
« Last post by victorsts on October 21, 2021, 05:32:36 pm »
Hello,

I have a Zentyal 7.0 instance with Samba AD. It is working correctly as far as I know. There is an OU called "Groups", which seems to be created by default. I have created a few groups there and have used them in the fileserver to assign permissions to folders without issues.

Now I wanted to move those groups to another OU using RSAT in a Windows hosts, but RSAT does now show that "Groups" OU.

I know I can use samba-tool to move the groups to another OU, but why that "Groups" is not shown in RSAT?  Other OUs are shown correctly.

Thanks in advance.

45
Other modules / Re: DNS error after update
« Last post by pksings on October 21, 2021, 02:03:33 am »
This fixed mine, it was really an IDS/IPS problem.

After some hours of research we found that in file "/etc/init.d/suricata" (date of 2nd March 2021) the line 68 was as following:
LISTEN_OPTIONS=" $NFQUEUE"
but it has to be
LISTEN_OPTIONS=" -q $NFQUEUE"
After correcting this and restarting the system, the module behaves as expected as far as we can see.
46
Replying to my own post because I found the fix. The symptoms are DNS fails. Dig further and no working network.  The real problem is the IDS/IPS is not working. A config file has a critical error in it. In my case that is why it failed after an update, the previous file did not have this error apparently.

The fix is https://github.com/zentyal/zentyal/issues/2037 . long story short is this.
After some hours of research we found that in file "/etc/init.d/suricata" (date of 2nd March 2021) the line 68 was as following:
LISTEN_OPTIONS=" $NFQUEUE"
but it has to be
LISTEN_OPTIONS=" -q $NFQUEUE"
After correcting this and restarting the system, the module behaves as expected as far as we can see.

Fixed mine.....
47
Installation and Upgrades / Re: Issue with zentyal
« Last post by turalyon on October 20, 2021, 04:19:49 pm »
Hi,

I recommend you to generate a system report and analyze it very careful, specially, the Domain Controller part.

Code: [Select]
/usr/share/zentyal/smart-admin-report

Also, did you analyze the following log files:

* /var/log/syslog
* /var/log/zentyal/zentyal.log

Hope it helps you.

--

“This world is ours, and by the Holy Light we will keep it safe, now and forever".
48
Other modules / Re: Zentyal 6.2
« Last post by turalyon on October 20, 2021, 04:16:44 pm »
Hi,

You could try to reconfigure your DLZ back-end as the below link explains:

* https://wiki.samba.org/index.php/BIND9_DLZ_DNS_Back_End#Reconfiguring_the_BIND9_DLZ_Back_End

If that doesn't fix the issue, paste me the result of the following commands:

Code: [Select]
ls -lad /var/lib/samba/
ls -la /var/lib/samba/

Also, did you analyze the following log files?

* /var/log/syslog
* /var/log/zentyal/zentyal.log

Hope it helps you.

--

“This world is ours, and by the Holy Light we will keep it safe, now and forever".
49
Hi,

There is an old open issue in Github about IPv6, however, at this moment, Zentyal does not support it.

* https://github.com/zentyal/zentyal/issues/2018

--

“This world is ours, and by the Holy Light we will keep it safe, now and forever".
50
Installation and Upgrades / Re: Issue with zentyal
« Last post by spst on October 20, 2021, 11:16:54 am »
Hi,

I experience the same mistake. Zentyal 6.2 with latest updates.

When I try to restart on dashboard or command line I have this error in zentyal.log:

2021/10/20 03:17:37 INFO> Service.pm:965 EBox::Module::Service::restartService - Restarting service for module: mail
2021/10/20 03:17:39 ERROR> LDAP.pm:196 EBox::Module::LDAP::_connectToSchemaMaster - Error binding to schema master LDAP: An error occurred in C<Net::LDAP>
 at Error binding to schema master LDAP: An error occurred in C<Net::LDAP>
 at /usr/share/perl5/EBox/Module/LDAP.pm line 196
EBox::Module::LDAP::_connectToSchemaMaster('EBox::Mail=HASH(0x5567c4f07eb8)') called at /usr/share/perl5/EBox/Module/LDAP.pm line 275
EBox::Module::LDAP::_loadSchemasFiles('EBox::Mail=HASH(0x5567c4f07eb8)', 'ARRAY(0x5567c6434800)') called at /usr/share/perl5/EBox/Module/LDAP.pm line 267
EBox::Module::LDAP::_loadSchemas('EBox::Mail=HASH(0x5567c4f07eb8)') called at /usr/share/perl5/EBox/Module/LDAP.pm line 341
EBox::Module::LDAP::_performSetup('EBox::Mail=HASH(0x5567c4f07eb8)') called at /usr/share/perl5/EBox/Module/LDAP.pm line 331
EBox::Module::LDAP::_regenConfig('EBox::Mail=HASH(0x5567c4f07eb8)', 'restart', 1, 'restartModules', 1) called at /usr/share/perl5/EBox/Module/Kerberos.pm line 378
EBox::Module::Kerberos::_regenConfig('EBox::Mail=HASH(0x5567c4f07eb8)', 'restart', 1, 'restartModules', 1) called at /usr/share/perl5/EBox/Module/Service.pm line 967
eval {...} at /usr/share/perl5/EBox/Module/Service.pm line 966
EBox::Module::Service::restartService('EBox::Mail=HASH(0x5567c4f07eb8)', 'restartModules', 1) called at /usr/share/perl5/EBox/Util/Init.pm line 121
eval {...} at /usr/share/perl5/EBox/Util/Init.pm line 119
EBox::Util::Init::moduleAction('mail', 'restartService', 'restart') called at /usr/share/perl5/EBox/Util/Init.pm line 247
EBox::Util::Init::moduleRestart('mail') called at /usr/bin/zs line 62
main::main at /usr/bin/zs line 82
2021/10/20 03:17:39 ERROR> Service.pm:969 EBox::Module::Service::restartService - Error restarting service: Error binding to schema master LDAP: An error occurred in C<Net::LDAP>
2021/10/20 03:17:39 ERROR> Service.pm:971 EBox::Module::Service::restartService - Error binding to schema master LDAP: An error occurred in C<Net::LDAP>
 at Error binding to schema master LDAP: An error occurred in C<Net::LDAP>
 at /usr/share/perl5/EBox/Module/Service.pm line 971
EBox::Module::Service::restartService('EBox::Mail=HASH(0x5567c4f07eb8)', 'restartModules', 1) called at /usr/share/perl5/EBox/Util/Init.pm line 121
eval {...} at /usr/share/perl5/EBox/Util/Init.pm line 119

When the mail service shuts down, I can't restart it.  Later, when I get up in the morning I can restart the mail service with the zs mail start command.

This is a serious problem, could anyone help?

Thank you for your help.
Pages: 1 ... 3 4 [5] 6 7 ... 10