Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Topics - txsastre

Pages: [1] 2
1
Installation and Upgrades / Error adding zentyal to a Win2003 AD
« on: October 01, 2013, 02:12:12 pm »
hi there, after a succesfull join of a zentyal 3.0 to the windows 2003AD I tried to do the same with a zentyal 3.2 (same configuration) but I've got always this error:  FATAL: Could not connect to samba LDAP server.

Anybody can tell me what's wrong ?

Code: [Select]
2013/10/01 14:09:38 INFO> Provision.pm:1275 EBox::Samba::Provision::__ANON__ - Executing domain join
2013/10/01 14:09:51 WARN> LDB.pm:197 EBox::LDB::safeConnect - Could not connect to Samba LDB: connect: No such file or directory, retrying. (1 attempts)
2013/10/01 14:10:01 WARN> LDB.pm:197 EBox::LDB::safeConnect - Could not connect to Samba LDB: connect: No such file or directory, retrying. (100 attempts)
2013/10/01 14:10:11 WARN> LDB.pm:197 EBox::LDB::safeConnect - Could not connect to Samba LDB: connect: No such file or directory, retrying. (200 attempts)
2013/10/01 14:10:21 WARN> LDB.pm:197 EBox::LDB::safeConnect - Could not connect to Samba LDB: connect: No such file or directory, retrying. (300 attempts)
2013/10/01 14:10:21 DEBUG> LDB.pm:201 EBox::LDB::safeConnect - FATAL: Could not connect to samba LDAP server: connect: No such file or directory at /usr/share/perl5/EBox/LDB.pm line 201
EBox::LDB::safeConnect('EBox::LDB=HASH(0x6932fe0)') called at /usr/share/perl5/EBox/LDB.pm line 155
EBox::LDB::connection('EBox::LDB=HASH(0x6932fe0)') called at /usr/share/perl5/EBox/LDB.pm line 778
EBox::LDB::rootDse('EBox::LDB=HASH(0x6932fe0)') called at /usr/share/perl5/EBox/Samba/Provision.pm line 1061
EBox::Samba::Provision::_addForestDnsZonesReplica('EBox::Samba::Provision=HASH(0x6767bf8)') called at /usr/share/perl5/EBox/Samba/Provision.pm line 1296
EBox::Samba::Provision::provisionADC('EBox::Samba::Provision=HASH(0x6767bf8)') called at /usr/share/perl5/EBox/Samba/Provision.pm line 339
EBox::Samba::Provision::provision('EBox::Samba::Provision=HASH(0x6767bf8)') called at /usr/share/perl5/EBox/Samba.pm line 1038
EBox::Samba::_setConf('EBox::Samba=HASH(0x41b74b0)') called at /usr/share/perl5/EBox/Module/Base.pm line 977
EBox::Module::Base::_regenConfig('EBox::Samba=HASH(0x41b74b0)') called at /usr/share/perl5/EBox/Module/Service.pm line 960
EBox::Module::Service::_regenConfig('EBox::Samba=HASH(0x41b74b0)') called at /usr/share/perl5/EBox/Module/Base.pm line 232
EBox::Module::Base::save('EBox::Samba=HASH(0x41b74b0)') called at /usr/share/perl5/EBox/GlobalImpl.pm line 642
EBox::GlobalImpl::saveAllModules('EBox::GlobalImpl=HASH(0x2c98fc8)', 'progress', 'EBox::ProgressIndicator=HASH(0x2c8c950)') called at /usr/share/perl5/EBox/Global.pm line 95
EBox::Global::AUTOLOAD('EBox::Global=HASH(0x2c96218)', 'progress', 'EBox::ProgressIndicator=HASH(0x2c8c950)') called at /usr/share/zentyal/global-action line 39
2013/10/01 14:10:21 INFO> Base.pm:229 EBox::Module::Base::save - Restarting service for module: dns

Well I can see that there's a ticket about that. http://trac.zentyal.org/ticket/7357

2
Installation and Upgrades / Install zentyal on a raspberry ?
« on: July 16, 2013, 10:03:18 am »
Hi ! i would like to know if its possible to install it on a raspberry.

I've been trying but no result, its due the architecture ?

I wanted to install a captive portal on it.

thanks

3
Installation and Upgrades / AD Domain- Share, permission concepts
« on: June 19, 2013, 12:55:41 pm »
I have an AD windows 2003 and an zentyal server as another domain controller.

The way we shared folder is this one in windows 2003

on the folder properties ,
- tab "sharing" button permissions-> Everyone : change / read.
- tab "security" -> Everyone : "only this folder read, list"

So, how do you do this thing via Zentyal / Samba ? Because I can not see the group "Everyone", ... Shall I create a generic group with everybody inside it ?

Thanks


4
hi there, i'm triying to add a zentyal to a windows 2003 but I don't know whats happening now because moths ago I could do it.

this is the log
as I can see there's a problem that says that the Administrator was not found in the schema, but it really is there !

Code: [Select]
2013/06/17 13:26:13 INFO> Provision.pm:1018 EBox::Samba::Provision::__ANON__ - Executing domain join
2013/06/17 13:26:27 INFO> SysvolSync.pm:204 EBox::Samba::SysvolSync::run - Samba sysvol synchronizer script started
2013/06/17 13:26:30 INFO> Provision.pm:1052 EBox::Samba::Provision::__ANON__ - Running DNS update on remote DC
2013/06/17 13:26:30 INFO> Provision.pm:1057 EBox::Samba::Provision::__ANON__ - Running KCC on remote DC
2013/06/17 13:26:33 INFO> Provision.pm:1064 EBox::Samba::Provision::__ANON__ - Purging the Zentyal LDAP to import Samba users
2013/06/17 13:26:33 INFO> LDB.pm:528 EBox::LDB::ldapServicePrincipalsToLdb - Loading Zentyal service principals into samba database
2013/06/17 13:26:33 INFO> Provision.pm:339 EBox::Samba::Provision::mapAccounts - Mapping domain administrator account
2013/06/17 13:26:33 INFO> User.pm:467 EBox::Samba::User::addToZentyal - Adding samba user 'Administrador' to Zentyal
2013/06/17 13:26:33 DEBUG> LdbObject.pm:255 EBox::Samba::LdbObject::save - There was an error updating LDAP: 0000200A: objectclass_attrs: attribute 'uidNumber' on entry 'CN=Administrador,CN=Users,DC=inca-d,DC=incaciutat,DC=com' was not found in the schema!

5
Installation and Upgrades / additional AC, 2 cards, DNS problem
« on: April 04, 2013, 10:08:03 am »
scenario
1 server win2003 - AC primary

1 server zentyal, 2 network card- AC  additional.

the joining between them works perfect but there is a problem, the zentyal has 2 networks because I want to use it as a proxy server.

If I only configure 1 network (the one witch connects the 2 servers) everything works perfect, but when I configure the network that is going to be used as proxy for the users I get an error and the DNS stops working.

/var/log/zentyal/zentyal.log

2013/04/04 10:06:09 INFO> Service.pm:821 EBox::Module::Service::restartService - Restarting service for module: dns
2013/04/04 10:06:10 WARN> DNS.pm:1578 EBox::DNS::_launchNSupdate - Cannot contact with named, trying in posthook
2013/04/04 10:06:11 ERROR> Sudo.pm:234 EBox::Sudo::_rootError - root command nsupdate -l -t 10 /var/lib/zentyal/tmp/puriC7rmcq failed.
Error output: ; TSIG error with server: tsig indicates error
 update failed: REFUSED(BADKEY)

Command output: .
Exit value: 2
2013/04/04 10:06:11 ERROR> Service.pm:826 EBox::Module::Service::__ANON__ - Error restarting service: root command nsupdate -l -t 10 /var/lib/zentyal/tmp/puriC7rmcq failed.
Error output: ; TSIG error with server: tsig indicates error
 update failed: REFUSED(BADKEY)

Command output: .
Exit value: 2
2013/04/04 10:06:11 ERROR> RestartService.pm:67 EBox::CGI::SysInfo::RestartService::__ANON__ - Restart of DNS from dashboard failed: root command nsupdate -l -t 10 /var/lib/zentyal/tmp/puriC7rmcq failed.
Error output: ; TSIG error with server: tsig indicates error
 update failed: REFUSED(BADKEY)

Command output: .
Exit value: 2

6
hi, after I've done all the necessary steps to do so, once the zentyal is in the domain and connected as a part of an AD server, it does not get users nor groups.

I mean, everything seems ok, but it is not getting users / groups from de windows 2003 AD.

by the way I've done and nmap to the windows server and I can see a lot of open ports, maybe its the problem there ? I don't know what else do. Because I've done the same steps with the same scene in another LAN and it has worked there.

This server is supposed to be the AD server and DNS server.

Starting Nmap 5.21 ( http://nmap.org ) at 2013-03-13 22:43 CET
Nmap scan report for 192.168.200.29
Host is up (0.0013s latency).
Not shown: 984 closed ports
PORT     STATE SERVICE
53/tcp   open  domain
88/tcp   open  kerberos-sec
135/tcp  open  msrpc
139/tcp  open  netbios-ssn
389/tcp  open  ldap
445/tcp  open  microsoft-ds
464/tcp  open  kpasswd5
593/tcp  open  http-rpc-epmap
636/tcp  open  ldapssl
1031/tcp open  iad2
1036/tcp open  unknown
1054/tcp open  unknown
3268/tcp open  globalcatLDAP
3269/tcp open  globalcatLDAPssl
3389/tcp open  ms-term-serv
5666/tcp open  nrpe


7
Hi there

I have expended all the morning with a little problem, I configured a zentyal server, and when trying to add to the domain (zentyal) an XP and a Debian machines (with PBIS Open 7.0 Linux) i get all the time "permission denied"

The problem was due I created and user who belonged to "domain Admins", and using those users I was unable to add the machines to the domain.

Solution : Using the built-in user "Administrator" I've been able to set both machines into the domain.

Before upgrading zentyal, I was able to add machines with any member of "domains Admin".

Please check it.

8
Hi there, I'm testing zentyal 3.0 final

I'm testing http-proxy, and everything I tried work fine, except the SSO, when I activate it, it does not work as it should, in fact it does not uses any ACL, only the "any" that is set to "deny", so they cannot navigate anywhere.

The client machines were Win XP, logged to the zentyal domain.

Do I need to install anything else on the server or client desktops ?

thank you.

9
Installation and Upgrades / RC2 - http proxy problems
« on: September 11, 2012, 10:21:23 am »
As normal http-proxy (no ssl)

things that does not work as expected.

- domain categories.

After created a Filter profile and assigned to a group
I downloaded a list file and Denied specific set of categories, I've tested all the "automobile" categories, but when exploring the web with the correct user I can go to "ferrari, ducati, f1, motogp ..." I shouldn't be allowed an sometimes, it breaks it , does not work at all, and uses the "any-any" rule, that I have set to "deny" so I cannot go anywhere.

in the log i can see when this happens that the user row has the same IP that the machine I'm using, not the user.

--------------------------

ssl-kerberos.

It does not work at all. Well it does not ask for an user, but the browsers always says "access to cache denied", because it is using the any rule (set to deny).

in the log i can see than when using ssl, the user row does not have any users it has an '-' instead.

10
Hi there, still testing the 3.0 RC1.

In the proxy access rules I've created a very simple scenario 1 rule for 1 group (inside the group there are a few users).

The rule is "all time", "myGroup". "Allow All"

The PC (win XP) is correctly inside the zentyal-domain, but when I try to navigate (proxy correctly set) it shows to me an error. "access to cache denied" and I cannot navigate to anywhere.

But when I set the rules to "all time", "ANY". "Allow All" it works, but, obviously not filtering anything.

am I missing something ? or maybe its because its an RC version ?

Thanks !

[edit] a fer more tests. it seems that the groups does not afect the filters, so if the las rule to any is Allow all, so, everithing is working, but if is set to DENY, nobody can navigate.

So, the problem is focused on the relation between the groups and the proxy, seem that it does not recognize them.

11
Hi again. I like the new look of the zentyal server :)

I've installed the "office" module, and now I am trying to add a windows machine to this domain wich its name bios is "zentyal-domain"

when I set up the domain name in the XP machine it founds it, because an user and a password is asked to me, but when I write there it always says the same "error joining "ZENTYAL-DOMAIN" , unknown user o bad password"

I've created an user and it does not work, so I've notice that the check box "administrator rights" is missing (again), also I've tried with the user "Administrator" and not luck.

any clues about this problem ?

thank you !

12
How could I add a windows XP to a 2.3 server ?

I cannot set a user as "administrator", son when I try to add a machine to the domain, when I set user/pass i says that "unknown user / incorrect password". So I assume a lack of privileges here.

How can I create an user with this rights, I see that it is not implemented via GUI.

thanks !

13
hello everybody

I've used zentyal as a slave of a windows 2003 AD, it works ok, as I can see users and groups.

So I tryied to install proxy-cache and content filtering, but when I go to "gateway->http proxy->group policies" add a new group (wich comes from AD) and an errors occours  :

"Global group policy need a global policy with authentication"

and I don't know what else test to solve it.
can you help me ? thanks.

14
Installation and Upgrades / PDC, BDC. login users questions.
« on: September 28, 2011, 11:59:12 am »
hi all

I'm doing some tests and I've installed 2 Zentyal servers, one of them is LDAP domain primary controller and the other one is an slave of it.


I've tested the slave and I can see the users and grups, so I guess its working properly.


The question is. When I stop the PDC, users can not be validated through the slave ... Is this normal?



Thank you.

15
Spanish / duda PDC, BDC login usuarios
« on: September 28, 2011, 11:56:05 am »
hola a todos

estoy haciendo unas pruebas y he montado 2 servers zentyal, uno de ellos es el LDAP PD del dominio y al otro lo he montado como esclavo del mismo.

en el esclavo puedo ver los usuarios, hasta aqui todo ok.

la duda que tengo, es que si paro el PDC, los usuarios no se pueden validar a traves del esclavo... esto es normal ?

ya que la idea es tener un PDC centralizado y en otras sedes un esclavo para que se puedan validar.

gracias.

Pages: [1] 2