This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
Pages: [1] 2
1
Other modules / Re: How to properly re-create a CA in Zentyal
« on: October 15, 2024, 07:59:06 pm »
It is enought to remove /var/lib/zentyal/CA and re-generate.
2
Other modules / How to properly re-create a CA in Zentyal
« on: September 02, 2024, 07:09:59 pm »
My CA is going to expire soon, I'm probably not going to renew cert with old key as its pretty hairy and should update also to better private key. But there is nowhere written how to properly re-create the CA - there seems to be no GUI option to do that. Should I delete the /var/lib/zentyal/CA to re-initialize the "Certificate Authority -> General" to ask for CA creation?
3
Installation and Upgrades / Re: After update from 6.2 to 7.0 can not edit users on DC without fetchmail
« on: May 22, 2023, 11:02:25 am »
Ok, so attributes are synced correcly, just they are base64 and encrypted.. the encryption seems to be the problem...
and well... the /var/lib/zentyal/conf/fetchmail.passwd is used to encrypt the attribute, but this password is of-course not synced between two DC. So matching this pwds make the edit to work also on other DC.
Code: [Select]
WARN zentyal.psgi:43 Plack::Sandbox::_2fusr_2fshare_2fzentyal_2fpsgi_2fzentyal_2epsgi::__ANON__ - Use of uninitialized value $optionsStr in split at /usr/share/perl5/EBox/Mail/FetchmailLdap.pm line 228.
WARN> zentyal.psgi:43 Plack::Sandbox::_2fusr_2fshare_2fzentyal_2fpsgi_2fzentyal_2epsgi::__ANON__ - Use of uninitialized value $mailProtocol in string ne at /usr/share/perl5/EBox/Mail/FetchmailLdap.pm line 591.
WARN> zentyal.psgi:43 Plack::Sandbox::_2fusr_2fshare_2fzentyal_2fpsgi_2fzentyal_2epsgi::__ANON__ - Use of uninitialized value $mailProtocol in string ne at /usr/share/perl5/EBox/Mail/FetchmailLdap.pm line 591.
Code: [Select]
sub _decryptExternalAccountString
{
my ($self, $str) = @_;
my $cipher = $self->_cipher();
$str = decode_base64($str);
$str = $cipher->decrypt($str);
return $str;
}
and well... the /var/lib/zentyal/conf/fetchmail.passwd is used to encrypt the attribute, but this password is of-course not synced between two DC. So matching this pwds make the edit to work also on other DC.
4
Installation and Upgrades / After update from 6.2 to 7.0 can not edit users on DC without fetchmail
« on: May 22, 2023, 10:29:33 am »
Two zentyal instances, one is having the fetchmail (external email retrieval) enabled, after update to 7.0 I can not edit the users on the DC without fetchmail enabled. In the zentyal log there are messages like this:
Code: [Select]
DEBUG> FetchmailLdap.pm:591 EBox::Mail::FetchmailLdap::checkEmailProtocol - Unknown mail protocol: Ä.µ Ý.íÒ.×ÅRüÞ.?ÐúTþG.BÁ´R'¹²÷].b..²òö;6£Ñék(@®.EÜBÌã.Ä.Ë$ܱ<÷Ñ7R.v.v"Òî..ë at Unknown mail protocol: Ä.µ Ý.íÒ.×ÅRüÞ.?ÐúTþG.BÁ´R'¹²÷].b..²òö;6£Ñék(@®.EÜ
BÌã.Ä.Ë$ܱ<÷Ñ7R.v.v"Òî..ë at /usr/share/perl5/EBox/Mail/FetchmailLdap.pm line 591
If I enable fetchmail also on this DC then the generated zentyal-fetchmail.rc is full of garbage. This seems like somehow the attributes for fetchmail are not synced properly?!
5
Other modules / Re: Zentyal 7 DNS: QUERY REFUSED
« on: October 06, 2021, 08:55:35 am »
What you have exactly added to named.conf.local?
I have there among trusted sources localnets, the VPN range is on local tap interface, but queries from VPN are refused. The .mas has also
acl "internal-local-nets" {
% foreach my $net (@internalLocalNets) {
<% $net %>;
% }
};
but I did not found a way to get a VPN ranges into "internalLocalNets" - not sure how zentyal distiguishes this. So you have added directly your VPN IP range somewhere?
Thanks
I have there among trusted sources localnets, the VPN range is on local tap interface, but queries from VPN are refused. The .mas has also
acl "internal-local-nets" {
% foreach my $net (@internalLocalNets) {
<% $net %>;
% }
};
but I did not found a way to get a VPN ranges into "internalLocalNets" - not sure how zentyal distiguishes this. So you have added directly your VPN IP range somewhere?
Thanks
6
Directory and Authentication / Re: [SOLVED] Configuring DNS updates for all DHCP leases (not just domain members)?
« on: May 29, 2021, 07:36:08 pm »
I have the same issue on 6.0 - my question however is - how to get all records of the DHCP and DNS synced at the first place.
samba-tool dns query ad.my.domain my.domain @ ALL
shows results that absolutely do not match the dhcpd.conf.
samba_dnsupdate --verbose --all-names
does nothing with dhcp client names... it only synces whats in /var/lib/samba/private/dns_update_list
I can do that manually via samba-tool dns but it is very tedious even for few addresses.
Any ideas?
samba-tool dns query ad.my.domain my.domain @ ALL
shows results that absolutely do not match the dhcpd.conf.
samba_dnsupdate --verbose --all-names
does nothing with dhcp client names... it only synces whats in /var/lib/samba/private/dns_update_list
I can do that manually via samba-tool dns but it is very tedious even for few addresses.
Any ideas?
7
Directory and Authentication / Re: Avoid samba binding to a vlan interfaces
« on: December 10, 2020, 06:54:04 pm »
Thanks, I do not like to modify stubs - here is a method that should work: there is a /etc/zentyal/samba.conf with "listen" and "listen_external" directives.. so setting the vlans as "external" and setting "listen_external=no" should work, not sure what else this means for zentyal behavior thou... not sure how to use the "listen" as there also seems to be only "yes,no" - not sure what this is for setting listen to no would cause most of the zentyal functions to be useless right?
8
Directory and Authentication / Avoid samba binding to a vlan interfaces
« on: December 09, 2020, 10:57:26 am »
I've Zentyal 6 and I created a two vlans in the interfaces, however samba not binds to their IPs and is trying to use the for replays for requests that came on a primary IP. The best would be to avoid this. Is the
checkbox
External (WAN) Check this if you are using Zentyal as a gateway and this interface is connected to your Internet router.
the way to achieve the samba to not to bind to those vlan IPs?
Thanks.
checkbox
External (WAN) Check this if you are using Zentyal as a gateway and this interface is connected to your Internet router.
the way to achieve the samba to not to bind to those vlan IPs?
Thanks.
9
Other modules / How to sort the users in web UI?
« on: October 05, 2019, 02:55:10 pm »
Is there a way to show the users sorted according login user name or anything else in the Samba/Tree/Manage (i.e. Users and Computers) web UI? Is seems it is by defaul sorted according to Display name which is kidna weired and there is no obvious way how to change it.
10
Installation and Upgrades / Re: Upgrading server from 4.2 to 5.0: errors in redis blocking setup of zentyal-core
« on: August 09, 2019, 09:16:22 am »
The final notice - the Z5.0 seems to use the default redis installation and config - if failed during install clean the /var/lib/redis/ and copy there a DB dump from /var/lib/zentyal/dump.rdb chown redis:redis and you are good to go.
11
Installation and Upgrades / Re: Upgrading server from 4.2 to 5.0: errors in redis blocking setup of zentyal-core
« on: August 08, 2019, 11:36:14 pm »
What helped to me now - hard reboot, after upgrade to systemd formal upstart system, the system can not reboot thru systemd.
After that I remove the requirepass directive in /var/lib/zentyal/conf/redis.conf otherwise I got:
manually started redis with the zentyal config and re configured dpkg... it complained about upstart, but at least moved on:
then you have to manually stop services like bind, samba etc. that were started by systemd at boot to continue with reconfiguration of packages... but still not there to start everything OK.... TBC.
Good luck.
After that I remove the requirepass directive in /var/lib/zentyal/conf/redis.conf otherwise I got:
Code: [Select]
dpkg --configure zentyal-core
Setting up zentyal-core (5.0.14) ...
Reconnecting to redis server (1 try)... at /usr/share/perl5/EBox/Config/Redis.pm line 476.
Reconnecting to redis server (2 try)... at /usr/share/perl5/EBox/Config/Redis.pm line 476.
Reconnecting to redis server (3 try)... at /usr/share/perl5/EBox/Config/Redis.pm line 476.
Reconnecting to redis server (4 try)... at /usr/share/perl5/EBox/Config/Redis.pm line 476.
Redis command 'get version' failed: [get] NOAUTH Authentication required., at /usr/share/perl5/EBox/Config/Redis.pm line 453.
dpkg: error processing package zentyal-core (--configure):
subprocess installed post-installation script returned error exit status 29
Errors were encountered while processing:
zentyal-core
manually started redis with the zentyal config and re configured dpkg... it complained about upstart, but at least moved on:
Code: [Select]
dpkg --configure zentyal-core
Setting up zentyal-core (5.0.14) ...
Synchronizing state of zentyal.service with SysV init with /lib/systemd/systemd-sysv-install...
Executing /lib/systemd/systemd-sysv-install enable zentyal
initctl: Unable to connect to Upstart: Failed to connect to socket /com/ubuntu/upstart: Connection refused
insserv: warning: script 'lxdm' missing LSB tags and overrides
insserv: Default-Start undefined, assuming empty start runlevel(s) for script `lxdm'
insserv: Default-Stop undefined, assuming empty stop runlevel(s) for script `lxdm'
initctl: Unable to connect to Upstart: Failed to connect to socket /com/ubuntu/upstart: Connection refused
insserv: warning: script 'lxdm' missing LSB tags and overrides
insserv: Default-Start undefined, assuming empty start runlevel(s) for script `lxdm'
insserv: Default-Stop undefined, assuming empty stop runlevel(s) for script `lxdm'
Processing triggers for zentyal-core (5.0.14) ...
* Restarting Zentyal module: webadmin [ OK ]
* Restarting Zentyal module: logs [ OK ]
then you have to manually stop services like bind, samba etc. that were started by systemd at boot to continue with reconfiguration of packages... but still not there to start everything OK.... TBC.
Good luck.
12
Installation and Upgrades / Re: Upgrading server from 4.2 to 5.0: errors in redis blocking setup of zentyal-core
« on: August 08, 2019, 10:49:33 pm »
Even thou this is old topic, I have the same problem. I did a test install of 3.5 and tried if I am able to upgrade to later version. 4.0 was fine, but during upgrade to 5.0 from web interface if ended with Zentyal upgrade failed. The problem is that zentyal-core is not properly configured at time when the package is installed. It fails to reach redis. As far as I can tell, this is a problem related to conversion to systemd. During redis installation the redis is started by the unit "consumes" the port 6379 or something and zentyal starts the redis on 6380, but the core package update is not able to use the redis on different port, at least I saw several times the redis started at 6380. Even thou I changed it to 6379 and disabled the unit and started it manualy the zentyal-core is not able to finish the reconfiguration. The next problem seems authentication - zentyal-core is probably not able to authenticated to redis during install.
Whatever is causing this is preveting the smooth 4.x->5.x upgrade. I tried to start the redis server manually same way as it was started at 4.0 (sudo -u ebox redis-server /var/lib/zentyal/conf/redis.conf) but the dpkg --configure -a is stuck forever, the zentyal GUI is unreachable as it is not configured/working.
Code: [Select]
ebox.redis stop/waiting
Stopping redis-server: redis-server.
cp: cannot create regular file ‘/var/lib/redis/dump.rdb’: No such device or address
Starting redis-server: redis-server.
* Stopping Zentyal module: printers
...done.
mv: cannot stat ‘/etc/zentyal/stubs’: No such file or directory
Upgrading from Ubuntu 14.04 to 16.04 with Zentyal 5.0...
Preparing to unpack .../redis-server_2%3a3.0.6-1ubuntu0.4_amd64.deb ...
/usr/sbin/invoke-rc.d: 1: /usr/sbin/invoke-rc.d: /sbin/runlevel: not found
invoke-rc.d: could not determine current runlevel
Stopping redis-server: redis-server.
Unpacking redis-server (2:3.0.6-1ubuntu0.4) over (2:2.8.4-2ubuntu0.2) ...
dpkg: warning: unable to delete old directory '/var/log/redis': Directory not empty
dpkg: warning: unable to delete old directory '/var/lib/redis': Directory not empty
Setting up zentyal-core (5.0.14) ...
Installing new version of config file /etc/cron.daily/zentyal ...
Installing new version of config file /etc/logrotate.d/zentyal-core ...
Configuration file '/etc/zentyal/core.conf'
==> Modified (by you or by a script) since installation.
==> Package distributor has shipped an updated version.
==> Keeping old config file as default.
Configuration file '/etc/zentyal/hooks/template.postsetconf'
==> Deleted (by you or by a script) since installation.
==> Package distributor has shipped an updated version.
==> Keeping old config file as default.
Installing new version of config file /etc/zentyal/zentyal.conf ...
Could not connect to Redis server at 127.0.0.1:6379: Connection refused at /usr/share/perl5/EBox/Config/Redis.pm line 511.
dpkg: error processing package zentyal-core (--configure):
subprocess installed post-installation script returned error exit status 111
Whatever is causing this is preveting the smooth 4.x->5.x upgrade. I tried to start the redis server manually same way as it was started at 4.0 (sudo -u ebox redis-server /var/lib/zentyal/conf/redis.conf) but the dpkg --configure -a is stuck forever, the zentyal GUI is unreachable as it is not configured/working.
13
Installation and Upgrades / Re: Interval for sending a service alert
« on: February 27, 2015, 05:08:06 pm »
I've found
SCANNING_INTERVAL = 60
EVENT_FOLDING_INTERVAL = 30 * 60
in EventDaemon.pm hardcoded.
I am just surprised zentyal is sending me a mail every 60s but it looks like it should send it every 30minutes but check every 60s.
SCANNING_INTERVAL = 60
EVENT_FOLDING_INTERVAL = 30 * 60
in EventDaemon.pm hardcoded.
I am just surprised zentyal is sending me a mail every 60s but it looks like it should send it every 30minutes but check every 60s.
14
Installation and Upgrades / Interval for sending a service alert
« on: February 27, 2015, 03:03:56 pm »
Is it somewhere possible to set an interval in which is Zentyal checking the events and sending alerts? Mainly checking its own services as it seems it checks it every minute, generating an email every minute when something is wrong. This merely causes s DoS on mailbox...
15
Installation and Upgrades / Re: Z3.5 - Cannot delete File Sharing directly created on a Group
« on: December 04, 2014, 12:41:19 pm »
OK, here is the answer:
https://forum.zentyal.org/index.php/topic,20981.msg91206.html#msg91206
https://forum.zentyal.org/index.php/topic,20981.msg91206.html#msg91206
Pages: [1] 2