Show Posts
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
Pages: [1]
1
Installation and Upgrades / Trigger config backup from command line
« on: March 21, 2014, 12:32:42 pm »
I like the Duplicity backup that's included with Zentyal, but I prefer the transparency of rsync so am switching to a snapshotted rsync backup via cron. But I'd also like to schedule a backup of the Zentyal config to the same destination (USB drive).
Is there a way to trigger the config backup from the command line - and ideally specify the destination?
Is there a way to trigger the config backup from the command line - and ideally specify the destination?
2
Installation and Upgrades / Send email from the command line
« on: March 21, 2014, 12:30:34 pm »
I'm running a cron script which I want to email the results from. Normally I'd install eg mailutils and just use the 'mail' command.
Is this OK to do on a Zentyal install - I don't want to tread on the toes of Zentyal's own MTA etc (I'm not using groupware - just the standard mail server) - and/or is there a built in way to do a very simple mail send from the command line with what's installed in Zentyal?
Is this OK to do on a Zentyal install - I don't want to tread on the toes of Zentyal's own MTA etc (I'm not using groupware - just the standard mail server) - and/or is there a built in way to do a very simple mail send from the command line with what's installed in Zentyal?
3
Installation and Upgrades / 3.3 upgrade - dovecot allows any password from localhost (eg webmail)
« on: January 05, 2014, 05:14:33 pm »
Just recently upgraded to 3.2 (which broke my smb) then to 3.3 (which loosely fixed it - will try to figure out how/why and post elsewhere). I just discovered that in webmail (I have a separate Roundcube installed, not the Zentyal one) that you could log in with any password to any user account. Not ideal!
Traced it to: /usr/share/zentyal/stubs/mail/dovecot.conf.mas - which contains this:
This seems to do, well, exactly that - allow any password when connecting from localhost (ie using webmail). I commented out this section and that seems to fix it. Looking at git, this arrived in 3.2... although I can't imagine why. Am I missing something - is this deliberate, or a bug?
Traced it to: /usr/share/zentyal/stubs/mail/dovecot.conf.mas - which contains this:
Code: [Select]
passdb {
driver = static
args = nopassword=y allow_nets=127.0.0.1/32
}
This seems to do, well, exactly that - allow any password when connecting from localhost (ie using webmail). I commented out this section and that seems to fix it. Looking at git, this arrived in 3.2... although I can't imagine why. Am I missing something - is this deliberate, or a bug?
4
Installation and Upgrades / How to stop/forward queries for hosts on same domain
« on: April 03, 2013, 01:54:09 pm »
I have a public webserver, www.mydomain.com, which serves DNS for the domain mydomain.com. That all works fine. I have set up my zentyal server - to serve mail, smb, etc, on my internal network as office.mydomain.com (host office on domain mydomain.com). I don't particularly need DNS services on it, but the other services require it.
Problem is now that my Zentyal server cannot resolve eg www.mydomain.com and news.mydomain.com - it claims ownership of mydomain.com and because these hosts are not set in it's own DNS, it cannot resolve them. My DNS records are a little tricky to replicate on Zentyal, so I would ideally like it to forward requests to eg my internal router, which will handle searching elsewhere for them.
Think I might have planned wrong here somewhere by using mydomain.com as the domain of my computer :| But any ideas much appreciated...
Problem is now that my Zentyal server cannot resolve eg www.mydomain.com and news.mydomain.com - it claims ownership of mydomain.com and because these hosts are not set in it's own DNS, it cannot resolve them. My DNS records are a little tricky to replicate on Zentyal, so I would ideally like it to forward requests to eg my internal router, which will handle searching elsewhere for them.
Think I might have planned wrong here somewhere by using mydomain.com as the domain of my computer :| But any ideas much appreciated...
5
Installation and Upgrades / Safest way to add FTP support for one user
« on: April 01, 2013, 02:04:06 am »
I need to allow FTP access for only one user - it is for an incoming automated backup from a remote server, so I have some flexibility in how I set it up.
I see the PAM option, but it seems all-or-nothing and I would rather not enable FTP access for all users as it is not needed and
another security concern. OTOH, I could create a regular, non-zentyal system user, which would presumably get FTP access without involving Zentyal (other than using it to configure the FTP server itself) - but another system user could potentially be an SSH security issue.
What's the easiest and/or safest way of doing this?
I see the PAM option, but it seems all-or-nothing and I would rather not enable FTP access for all users as it is not needed and
another security concern. OTOH, I could create a regular, non-zentyal system user, which would presumably get FTP access without involving Zentyal (other than using it to configure the FTP server itself) - but another system user could potentially be an SSH security issue.
What's the easiest and/or safest way of doing this?
6
Installation and Upgrades / Change password via LDAP or command line
« on: March 29, 2013, 03:27:31 pm »
I'm trying to let users change passwords other than through the user corner (in this case, doing so via the roundcube password plugin).
I can get it working via LDAP, connecting on port 390 - but that only changes the password for mail etc, it does not change the SMB password. (I found other references to this on the forum but no resolution). If I try the same method on port 389, it fails to connect.
So, is it possible to:
Either should enable me to adjust the RC password plugin to work with Zentyal.
I can get it working via LDAP, connecting on port 390 - but that only changes the password for mail etc, it does not change the SMB password. (I found other references to this on the forum but no resolution). If I try the same method on port 389, it fails to connect.
So, is it possible to:
- Change the samba password via LDAP; or
- Change a user's password via the command line?
Either should enable me to adjust the RC password plugin to work with Zentyal.
7
Installation and Upgrades / Administrator vs administrator
« on: March 28, 2013, 09:06:57 pm »
This may be a daft question - but Zentyal seems to create two users:
When I SSH into the box, I do so as administrator; I am unable to do so as Administrator. But when I tried to connect via SMB, I was not able to do so as either - until I went to the user module and changed/set the password for Administrator. But I still cannot SMB as administrator.
If there is a straightforward answer, I'd love to know the difference
- Administrator - appears in the standard users module
- administrator doesn't but seems to be a standard system user
When I SSH into the box, I do so as administrator; I am unable to do so as Administrator. But when I tried to connect via SMB, I was not able to do so as either - until I went to the user module and changed/set the password for Administrator. But I still cannot SMB as administrator.
If there is a straightforward answer, I'd love to know the difference
8
Installation and Upgrades / Is Samba secure?
« on: March 20, 2013, 11:49:33 am »
A fairly basic question but I couldn't find a clear answer anywhere... just setting up certs etc but there are no security options for file sharing. Is Samba intrinsically secure/encrypted - both for the initial password exchange and subsequent transfer activity?
If not, is there a way for it to be so - I don't really want to set up the VPN but perhaps that's the only answer?
If not, is there a way for it to be so - I don't really want to set up the VPN but perhaps that's the only answer?
9
Installation and Upgrades / Configure multiple full daily backups
« on: March 18, 2013, 12:55:43 pm »
I need to organise backup of my Zentyal server - it will have maybe 500GB data so a remote backup isn't really feasible, so I will be doing it to USB drives.
Being a bit paranoid about backups, the way I have always backed up important servers is to maintain 5 backup disks, one for each (working) day. The correct disk is connected each day and I maintain a full backup on each one. The others are kept elsewhere - so this way I have multiple off-site backups, and even if something disastrous happened on-site, I should only lose a day.
From what I can tell, the built in backup on Zentyal will not support this - just a single backup destination. Is there any way of persuading it to support multiples? Or does anyone have a suggestion for a different solution?
Being a bit paranoid about backups, the way I have always backed up important servers is to maintain 5 backup disks, one for each (working) day. The correct disk is connected each day and I maintain a full backup on each one. The others are kept elsewhere - so this way I have multiple off-site backups, and even if something disastrous happened on-site, I should only lose a day.
From what I can tell, the built in backup on Zentyal will not support this - just a single backup destination. Is there any way of persuading it to support multiples? Or does anyone have a suggestion for a different solution?
10
Installation and Upgrades / Zentyal over Mac OS for file/mail/groupware/web/wiki services
« on: March 04, 2012, 12:01:03 pm »
I run a Mac-based network and am due to migrate my server setup, where I run different web, file and mail servers, for something LDAP-based where I can have shared authentication for them all.
I was all set to go with Lion server, but keep reading how inconsistent, poorly-documented, buggy, etc it is, which is making me think twice - also I would rather have something where I can do all admin web-based (with some CLI) rather than needing actual GUI apps. I'm also a web developer and run a few Plesk-based servers, so although I'm not a Linux expert, this isn't too far outside my comfort zone.
Zentyal looks like just the thing, especially the integrated mail/groupware, but it would be great if anyone offer me a few pointers:
I was all set to go with Lion server, but keep reading how inconsistent, poorly-documented, buggy, etc it is, which is making me think twice - also I would rather have something where I can do all admin web-based (with some CLI) rather than needing actual GUI apps. I'm also a web developer and run a few Plesk-based servers, so although I'm not a Linux expert, this isn't too far outside my comfort zone.
Zentyal looks like just the thing, especially the integrated mail/groupware, but it would be great if anyone offer me a few pointers:
- File services: I could live with SMB but would rather have AFP too. Is it doable to offer AFP, integrated with the OpenLDAP authentication?
- Web/Wiki: I'm used to installing and using Wiki servers, but does anyone know any that can again integrate with OpenLDAP?
- Backup: (of the entire server) is the biggest one. Time Machine on Mac OS is great, and the thing I would miss. I like to keep 5 complete daily backups - that is, I have a Monday drive that first gets a complete backup, then every Monday gets an incremental backup overnight. Same again for Tuesday etc. Is this sort of thing manageable from within Zentyal? And how easy to restore an entire machine?
Pages: [1]