This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
Pages: [1]
1
Directory and Authentication / Re: ldbsearch -H /var/lib/samba/private/sam.ldb -s base 'dn' --debug-stderr
« on: March 12, 2023, 12:49:09 am »Thank you all for working to fix this issue promptly.
2
Directory and Authentication / Re: ldbsearch -H /var/lib/samba/private/sam.ldb -s base 'dn' --debug-stderr
« on: March 10, 2023, 01:19:00 pm »https://github.com/zentyal/zentyal/compare/master...Deslack:zentyal:patch-1#diff-ff17a008852abbbb52bac92e18e00a344324e3dd95f7778f5d2173bae417e44b
Great idea Deslack however, I suspect this will never get merged.. Look at https://github.com/zentyal/zentyal/pulls?q=is%3Apr+is%3Aclosed
Last accepted PR was late 2020 so we are now waiting for Zentyal 8 (supposedly to be released around May)
Well at least it's out there.
4
Installation and Upgrades / Re: Zentyal 7.0 Install on a LXC Container
« on: August 15, 2021, 12:29:22 pm »
Hello Daniel,
I apologize for reverting back after so long.
I used a Ubuntu LTS 20.04 LXC Container Template in Proxmox installation. I realize that after running the zentyal_installer.sh script, I haven't got gnupg2 installed, so I installed it afterwards, then re-ran the zentyal-installer.sh script. Since the script already found the line inside /etc/apt/sources.list, it won't proceed with the apt-key.
Maybe either check for gnupg2 before apt-key, or use another way to determine whether the key is already installed?
I apologize for reverting back after so long.
I used a Ubuntu LTS 20.04 LXC Container Template in Proxmox installation. I realize that after running the zentyal_installer.sh script, I haven't got gnupg2 installed, so I installed it afterwards, then re-ran the zentyal-installer.sh script. Since the script already found the line inside /etc/apt/sources.list, it won't proceed with the apt-key.
Maybe either check for gnupg2 before apt-key, or use another way to determine whether the key is already installed?
5
Installation and Upgrades / Zentyal 7.0 Install on a LXC Container
« on: July 16, 2021, 04:10:57 pm »Hello guys,
Just installed Zentyal 7.0 on a Ubuntu 20.04 LTS using the install script as highlighted here:
https://doc.zentyal.org/en/installation.html#installation-on-top-of-ubuntu-20-04-lts-server-or-desktop
I tried it and got it running with a minor kink as follow
Code: [Select]
# ./zentyal_installer.sh
Do you want to install the Zentyal Graphical environment? (n|y) n
- Checking Ubuntu version...
...OK
- Checking for broken packages...
...OK
- Checking for available disk space...
...OK
- Checking if the system is up-to-date...
W: GPG error: http://ppa.launchpad.net/oisf/suricata-stable/ubuntu focal InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY D7F87B2966EB736F
E: The repository 'http://ppa.launchpad.net/oisf/suricata-stable/ubuntu focal InRelease' is not signed.
Which I remedied with:
Code: [Select]
apt-key adv --keyserver keyserver.ubuntu.com --recv-keys D7F87B2966EB736F
to add the suricata's pubkey to the repository. After that, ./zentyal-installer.sh ran fine.
Just a heads up for you guys.
6
Installation and Upgrades / Re: Zentyal 7.0 - Temporary failure in name resolution
« on: March 31, 2021, 11:01:53 am »
Hello,
I had the same problem as Gabriel, and got it fixed after applying the stub fix.
Think this should be included as an official patch.
I had the same problem as Gabriel, and got it fixed after applying the stub fix.
Think this should be included as an official patch.
7
Installation and Upgrades / Re: Webadmin unable to start after upgrading from 6,2 to 7.0
« on: March 30, 2021, 01:24:40 pm »Quote
root@kekwa:~# ./postUpgradeProcedure.sh
- Regenerating Nginx cert...
SSL directory /conf/ssl does not exist, we will create it
New key file generated: '/conf/ssl/ssl.key'
New certificate file generated: '/conf/ssl/ssl.cert'
New PEM file generated: '/conf/ssl/ssl.pem'
All server's certificate files in place
ln: failed to create symbolic link '/sbin/iptables': File exists
ln: failed to create symbolic link '/usr/bin/bash': File exists
- Creating the new DNS directory for Samba DLZ...
lpcfg_load: refreshing parameters from /etc/samba/smb.conf
Reading domain information
lpcfg_load: refreshing parameters from /etc/samba/smb.conf
DNS accounts already exist
No zone file /var/lib/samba/bind-dns/dns/ZENTYAL-DOMAIN.LOCAL.zone
/usr/sbin/samba_upgradedns:338: DeprecationWarning: The 'warn' method is deprecated, use 'warning' instead
logger.warn("DNS records will be automatically created")
DNS records will be automatically created
DNS partitions already exist
dns-kekwa account already exists
BIND version unknown, please modify /var/lib/samba/bind-dns/named.conf manually.
ATTENTION: The BIND configuration and keytab has been moved to: /var/lib/samba/bind-dns Please update your BIND configuration accordingly.
Finished upgrading DNS
zentyal-ca was already set to manually installed.
zentyal-core was already set to manually installed.
zentyal-dhcp was already set to manually installed.
zentyal-dns was already set to manually installed.
zentyal-firewall was already set to manually installed.
zentyal-network was already set to manually installed.
zentyal-ntp was already set to manually installed.
zentyal-samba was already set to manually installed.
zentyal-software was already set to manually installed.
Reading package lists... Done
Building dependency tree
Reading state information... Done
0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
Reading package lists... Done
Building dependency tree
Reading state information... Done
0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
./postUpgradeProcedure.sh: line 54: checkBrokenPackages: command not found
*** Zentyal upgrade finished! Please restart your server now.
After moving /conf/ssl/* properly to /var/lib/zentyal, everything works fine now. Maybe I upgraded to 7.0 a bit too soon. Thank you!
8
Installation and Upgrades / Webadmin unable to start after upgrading from 6,2 to 7.0
« on: March 29, 2021, 03:42:37 pm »
Hello,
After upgrading from 6.2 to 7.0, I ran into problems not able to access the webadmin. Checking the status via
zs webadmin status with it returning stopped, then I attempt to start it via zs webadmin start. Though I got some entries in /var/log/syslog as follows:
After upgrading from 6.2 to 7.0, I ran into problems not able to access the webadmin. Checking the status via
zs webadmin status with it returning stopped, then I attempt to start it via zs webadmin start. Though I got some entries in /var/log/syslog as follows:
Code: [Select]
Mar 29 21:37:52 kekwa systemd[1]: zentyal.webadmin-nginx.service: Scheduled restart job, restart counter is at 4.
Mar 29 21:37:52 kekwa systemd[1]: Stopped Nginx http daemon for Zentyal web admin.
Mar 29 21:37:52 kekwa systemd[1]: Started Nginx http daemon for Zentyal web admin.
Mar 29 21:37:52 kekwa nginx[21964]: nginx: [emerg] SSL_CTX_use_certificate("/var/lib/zentyal/conf/ssl/ssl.pem") failed (SSL: error:140AB18F:SSL routines:SSL_CTX_use_certificate:ee key too small)
Mar 29 21:37:52 kekwa systemd[1]: zentyal.webadmin-nginx.service: Main process exited, code=exited, status=1/FAILURE
Mar 29 21:37:52 kekwa systemd[1]: zentyal.webadmin-nginx.service: Failed with result 'exit-code'.
Mar 29 21:37:52 kekwa systemd[1]: zentyal.webadmin-nginx.service: Scheduled restart job, restart counter is at 5.
Mar 29 21:37:52 kekwa systemd[1]: Stopped Nginx http daemon for Zentyal web admin.
Mar 29 21:37:52 kekwa systemd[1]: Started Nginx http daemon for Zentyal web admin.
Mar 29 21:37:52 kekwa nginx[21977]: nginx: [emerg] SSL_CTX_use_certificate("/var/lib/zentyal/conf/ssl/ssl.pem") failed (SSL: error:140AB18F:SSL routines:SSL_CTX_use_certificate:ee key too small)
Mar 29 21:37:52 kekwa systemd[1]: zentyal.webadmin-nginx.service: Main process exited, code=exited, status=1/FAILURE
Mar 29 21:37:52 kekwa systemd[1]: zentyal.webadmin-nginx.service: Failed with result 'exit-code'.
Mar 29 21:37:52 kekwa systemd[1]: zentyal.webadmin-nginx.service: Scheduled restart job, restart counter is at 6.
Mar 29 21:37:52 kekwa systemd[1]: Stopped Nginx http daemon for Zentyal web admin.
Mar 29 21:37:52 kekwa systemd[1]: Started Nginx http daemon for Zentyal web admin.
Mar 29 21:37:52 kekwa nginx[21979]: nginx: [emerg] SSL_CTX_use_certificate("/var/lib/zentyal/conf/ssl/ssl.pem") failed (SSL: error:140AB18F:SSL routines:SSL_CTX_use_certificate:ee key too small)
Mar 29 21:37:52 kekwa systemd[1]: zentyal.webadmin-nginx.service: Main process exited, code=exited, status=1/FAILURE
Mar 29 21:37:52 kekwa systemd[1]: zentyal.webadmin-nginx.service: Failed with result 'exit-code'.
Mar 29 21:37:52 kekwa systemd[1]: zentyal.webadmin-nginx.service: Scheduled restart job, restart counter is at 7.
Mar 29 21:37:52 kekwa systemd[1]: Stopped Nginx http daemon for Zentyal web admin.
Mar 29 21:37:52 kekwa systemd[1]: Started Nginx http daemon for Zentyal web admin.
Mar 29 21:37:52 kekwa nginx[21981]: nginx: [emerg] SSL_CTX_use_certificate("/var/lib/zentyal/conf/ssl/ssl.pem") failed (SSL: error:140AB18F:SSL routines:SSL_CTX_use_certificate:ee key too small)
Mar 29 21:37:52 kekwa systemd[1]: zentyal.webadmin-nginx.service: Main process exited, code=exited, status=1/FAILURE
Mar 29 21:37:52 kekwa systemd[1]: zentyal.webadmin-nginx.service: Failed with result 'exit-code'.
Mar 29 21:37:52 kekwa systemd[1]: zentyal.webadmin-nginx.service: Scheduled restart job, restart counter is at 8.
Mar 29 21:37:52 kekwa systemd[1]: Stopped Nginx http daemon for Zentyal web admin.
Mar 29 21:37:52 kekwa systemd[1]: zentyal.webadmin-nginx.service: Start request repeated too quickly.
Mar 29 21:37:52 kekwa systemd[1]: zentyal.webadmin-nginx.service: Failed with result 'exit-code'.
Mar 29 21:37:52 kekwa systemd[1]: Failed to start Nginx http daemon for Zentyal web admin.
9
Installation and Upgrades / Using .lan or other generic top-level domains are not in best practice
« on: September 17, 2014, 07:50:44 am »
In the Network Configuration with Zentyal documentation, I noticed the naming convention suggested (https://wiki.zentyal.org/wiki/En/3.5/First_steps_with_Zentyal#Network_configuration_with_Zentyal)
It was suggested that the domain be something like zentyal.home.lan, which is contrary to the suggested naming practices of a Active Directory forest. Here's a quote from an article I have read http://blog.varonis.com/active-directory-domain-naming-best-practices/
So I would suggest that Zentyal update its documentation to reflect this best practice.
Quote
Hostname:It is possible to change the hostname or the domain, for example zentyal.home.lan. The hostname will be used as a A register (hostname) of the local DNS domain.
You have to be careful if you intend to change the machine host name or local domain after the installation, the authentication subsystems (Kerberos) will be automatically reconfigured. It's recommended to reboot the machine after this operation, so all the daemons are aware of the change.
It was suggested that the domain be something like zentyal.home.lan, which is contrary to the suggested naming practices of a Active Directory forest. Here's a quote from an article I have read http://blog.varonis.com/active-directory-domain-naming-best-practices/
Quote
Before we discuss current best practices, here are two popular practices that are no longer recommended:
Generic top-level domains like .local, .lan, .corp, etc, are now being sold by ICANN, so the domain you’re using internally today – company.local could potentially become another company’s property tomorrow. If you’re still not convinced, here are some more reasons why you shouldn’t use .local in your AD domain name (http://www.mdmarra.com/2012/11/why-you-shouldnt-use-local-in-your.html)
If you use an external public domain name like company.com, you should avoid using the same domain as your internal AD name because you’ll end up with a split DNS. Split DNS is when you have two separate DNS servers managing the exact same DNS Forward Lookup Zone, increasing the administrative burden.
So I would suggest that Zentyal update its documentation to reflect this best practice.
10
Installation and Upgrades / Re: DNS fails to restart after setting up Domain Controller
« on: April 19, 2012, 02:40:55 pm »
What I did to get by is to delete the example.com domain inside DNS. It would be wonderful if the Samba4 Zentyal module checks whether the PDC domain already exists inside the DNS.
If not yet exist, offer to create it and provision it, and then later add into the DNS Zentyal module.
If already exist, provision it using existing DNS Zentyal entries.
In both cases, we would be able to add Aliases, or do other things with the domain as if it's a normal DNS domain (add host, aliases, SRV, TXT, and whatnots)
If not yet exist, offer to create it and provision it, and then later add into the DNS Zentyal module.
If already exist, provision it using existing DNS Zentyal entries.
In both cases, we would be able to add Aliases, or do other things with the domain as if it's a normal DNS domain (add host, aliases, SRV, TXT, and whatnots)
11
Installation and Upgrades / DNS fails to restart after setting up Domain Controller
« on: April 19, 2012, 12:51:18 pm »
Hello,
I find that the File Sharing adds a line to /etc/bind/named.conf.local whenever I configured Samba as a PDC:
include "/var/lib/samba/private/named.conf";
which contains the DNS entry of the PDC.
Let's assume the domain for the PDC is example.com. I have already set up DNS entry for example.com, and later I install the File Sharing module, configured it and activated it. This results the Bind server complaining of duplicate entry for example.com.
Since my peeking into the entries added by provision.pl is rather comprehensive, could there be some way that the existing DNS entry be merged to the one generated by provision.pl?
I find that the File Sharing adds a line to /etc/bind/named.conf.local whenever I configured Samba as a PDC:
include "/var/lib/samba/private/named.conf";
which contains the DNS entry of the PDC.
Let's assume the domain for the PDC is example.com. I have already set up DNS entry for example.com, and later I install the File Sharing module, configured it and activated it. This results the Bind server complaining of duplicate entry for example.com.
Since my peeking into the entries added by provision.pl is rather comprehensive, could there be some way that the existing DNS entry be merged to the one generated by provision.pl?
12
Installation and Upgrades / Zarafa no longer bundled with Zentyal 2.3/3?
« on: April 05, 2012, 03:53:49 pm »
Greetings fellow beta-testers,
I am wondering whether Zentyal has ceased to offer Zarafa groupware solution in 2.3/3.0, or should I expect it to be in final release?
Thanks.
I am wondering whether Zentyal has ceased to offer Zarafa groupware solution in 2.3/3.0, or should I expect it to be in final release?
Thanks.
Pages: [1]