Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Messages - dzidek23

Pages: [1] 2 3
1
Hi afranca,

If you edit default Linux config files, Zentyal will overwrite them on reboot.

Use Hooks and Stubs to create persistent configuration

please look at https://doc.zentyal.org/en/appendix-c.html#stubs and https://doc.zentyal.org/en/appendix-c.html#hooks

Cheerio

2
News and Announcements / Re: Zentyal 7.0 available!
« on: March 10, 2023, 01:14:31 pm »
Read this:
https://github.com/zentyal/zentyal/issues/2085

Zentyal 8 will either be released around May or not at all :-\

3
https://github.com/zentyal/zentyal/compare/master...Deslack:zentyal:patch-1#diff-ff17a008852abbbb52bac92e18e00a344324e3dd95f7778f5d2173bae417e44b

Great idea Deslack however, I suspect this will never get merged.. Look at https://github.com/zentyal/zentyal/pulls?q=is%3Apr+is%3Aclosed

Last accepted PR was late 2020 so we are now waiting for Zentyal 8 (supposedly to be released around May)

More importantly, Thank you @markus.neubauer and @Deslack

4
Other modules / DNS not recognizing static name allocation
« on: February 28, 2023, 03:31:19 pm »
So I have two machines I'd like to have static IP issued by the server.

Some time ago I created "Objects ❱ Static_Workstation" which included Laptop1, IP, MAC. This was working fine, my domain joined laptop (Laptop1) does get static IP and I can ping it via name on the network.

In the last few days I've added another device (same thing Laptop2, IP, MAC). The device does get the allocated IP but DNS doesn't seem to recognize the name. If I ping Laptop2 all I'm getting is "Ping request could not find host Laptop2. Please check the name and try again."; ping with IP works just fine.

What could I be doing wrong? I've restarted server (probably number of times already) DNS and DHCP; Laptop was restarted many times too.

Typing this, I realized that the only difference between Laptop1 and Laptop2 was that the latter was pre-created in the AD. I created an object called Laptop2 in where I want it to exist. I then joined the laptop and it worked (apart the DNS allocation).

Any suggestions would be greatly received,


5
German / Re: when Zentyal 8.0 will be released?
« on: February 06, 2023, 12:31:57 pm »
Halo prossik,

I agree with your question about next zentyal release, it's been a while since there was any announcement or bigger patch.

However, subject of this thread is rather incorrect. Ubuntu 20.04LTS will be getting standard support until April 2025 so there's no need to panic just yet. https://ubuntu.com/about/release-cycle

Bitte entschuldigen Sie die englische Sprache im deutschen Forum :)

6
Directory and Authentication / Re: PAM User to sudoers
« on: January 18, 2023, 05:50:52 pm »
So I found a way to allow user to use sudo..

Edit the /etc/sudoers and add:

Code: [Select]
domain\\username   ALL=(ALL:ALL) ALLnote "\\" between domain and the username

user must also be in the sudo group

Quote
sudo usermod -aG sudo username

That still leaves me wit allowing only some users access to PAM.

7
Directory and Authentication / PAM User to sudoers
« on: January 17, 2023, 12:00:41 pm »
I understand that it is possible (and easy) to allow AD users to login to the server via ssh; PAM settings under "Users and Computers" -> LDAP Settings.

However this allows all users to have a system account.

Could anyone suggest how can I enable shell for one or some of the AD users?

Also I'm trying to figure out how to add an AD user to system sudoers?
I tried

Code: [Select]
sudo usermod -aG sudo username
adding

Code: [Select]
username      ALL=(ALL:ALL) ALL
and/or
domain\username       ALL=(ALL:ALL) ALL
to the /etc/sudoers

Neither allows me to escalate privilages and I get "Domain\Username is not in the sudoers file.  This incident will be reported."

8
This is a very old post!

my suggestion to the LAB software would be to check DNS settings for the client machine. I would expect your computer does not know where your .com domain is.

You can add it manually to C:\Windows\System32\drivers\etc\hosts and later replace by your network DNS configuration

Also, using the Administrator account for AD queries isn't the best idea.

9
Directory and Authentication / Re: Unauthenticated LDAP Bind
« on: January 17, 2023, 11:41:24 am »
Hi,

not sure what to suggest, maybe apart from configuring firewall.

You could also raise an issue on https://github.com/zentyal/zentyal/issues if you can provide more details, this might be looked at by the developers.

10
Installation and Upgrades / Re: Odd issue from updating 6.2 to 7
« on: December 16, 2022, 03:01:24 pm »
Quote
i installed it with no webGUI
hmm, doesn't this answer your question?

I think you've decided not to install Window Manager in which case you will only be able to access the server via SSH/noVNC command line or webadmin (https://ip:8443).

You won't get graphical user login without Window manager installed.

11
Other modules / smbd_audit fails
« on: December 15, 2022, 03:14:25 pm »
I created an AD user for and network enabled scanner to use (scan_user) and there is a network share with Read/Write permissions for that user (networkscan)

If I run journalctl -xe I get this:

Code: [Select]
Dec 15 14:00:10 dc01 smbd_audit[219339]: domain\scan_user|x.x.x.x|getxattr|fail (No data available)|/home/samba/shares/networkscan|security.NTACL
Dec 15 14:00:10 dc01 smbd_audit[219339]: domain\scan_user|x.x.x.x|getxattr|fail (No data available)|/home/samba/shares/networkscan|security.NTACL
Dec 15 14:00:10 dc01 smbd_audit[219339]: domain\scan_user|x.x.x.x|getxattr|fail (No data available)|/home/samba/shares/networkscan|user.DOSATTRIB
Dec 15 14:00:10 dc01 smbd_audit[219339]: domain\scan_user|x.x.x.x|get_dos_attributes|fail (No data available)|/home/samba/shares/networkscan
Dec 15 14:00:10 dc01 smbd_audit[219339]: domain\scan_user|x.x.x.x|get_shadow_copy_data|fail (Function not implemented)|
Dec 15 14:00:10 dc01 smbd_audit[219339]: domain\scan_user|x.x.x.x|fsctl|fail (Function not implemented)|

It does NOT affect operation and users can scan to the share but why am I getting the smbd_audit fails?

12
Directory and Authentication / Radius Authentication Issues
« on: December 15, 2022, 02:48:44 pm »
In my system I use Cisco Catalyst 802.1x for wireless authentication. AP -> Switch -> Zentyal (Radius) -> yes/no
Windows, Android etc, all are working well and users can access network without problems.

However, a HP plotter has some limited settings and trips RADUIS authentication.

With WPA-Enterprise LEAP I get
Code: [Select]
Auth: (1600) Login incorrect (eap_leap: No Cleartext-Password or NT-Password configured for this user): [hp_user]

with WPA-Enterprise PEAP:
Code: [Select]
(1812) Login incorrect (eap_peap: TLS Alert write:fatal:protocol version): [hp_user] (from client x.x.x.x/32 port 60000 cli 40-A8-F0-88-xx-xx)
Thu Dec 15 12:49:06 2022 : ERROR: (1815) eap_peap: ERROR: TLS Alert write:fatal:protocol version

My guess would be ERROR: TLS Alert write:fatal:protocol version TLS version.

Can someone tell me how do I force RADIUS to log used protocol&version or how to enable all TLS so I can at least pin point which version to use?

13
Installation and Upgrades / Re: Odd issue from updating 6.2 to 7
« on: December 14, 2022, 04:56:22 pm »
proxmox with noVNC

It happens sometime that my setup goes to tty1 (for whatever reason)

expand the noVNC side menu, toggle ALT and press F7 on your keyboard. Does work for me..

like here:
https://imgur.com/a/v29gyOe

14
Quote

Also, keep in mind that Zentyal only displays in the GUI the DNS records created by hand in the GUI itself, the rest of the records must be queried using the CLI.

* https://wiki.samba.org/index.php/DNS_Administration#Listing_zone_records

good point, all is working but the lack of sync between GUI's is confusing :)

15
Installation and Upgrades / Re: Odd issue from updating 6.2 to 7
« on: December 08, 2022, 03:45:24 pm »
now that's a better screen :)

you can clearly see that you are on the command-line console (tty1 to tty6), tty7 is what you need.

You don't explain what hypervisor you are using so try to figure yourself how to change console. Use this as a hint https://askubuntu.com/questions/1138357/how-to-enable-switch-back-to-running-gui-from-tty-in-18-04.

Alt+F7 or Ctrl+Alt+F7 does normally work.

Pages: [1] 2 3