Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Messages - fmoreira86

Pages: [1] 2 3
Directory and Authentication / Goal of idmap.ldb and RFC 2307 with zentyal
« on: December 22, 2022, 11:06:54 am »

I've two questions

- One of my installs, idmap.ldb has arround 58 records however I've more AD objects than that. Since Zentyal uses RFC 2307 why do we need idmap.ldb? How is it populated?
- As I said, Zentyal uses RFC 2307, and I can see that it manages uidnumber, gidnumber, etc automatically. Lets supposed that you join zentyal to a domain where some objects already have some uidnumbers and gidnumbers. How does it deal with that?


Directory and Authentication / Re: AD Stop Working on Windows 11 22H2
« on: December 21, 2022, 09:44:22 pm »

I also confirm!

Directory and Authentication / Re: AD Stop Working on Windows 11 22H2
« on: November 05, 2022, 07:12:52 pm »

I just configured my own Ubuntu Servers with Samba 4.17.2.

You have good documentation here:

And if you use Ubuntu Server 22.02 like I do, you can use this repo:

So this is my goodbye to Zentyal as, in fact, I prefer my own configurations and to have a better control.

Thank you everyone!

I didn't have any problem since I made this config.


vfs objects = acl_xattr full_audit

I was trying to do this procedure:

Basically it would allow my firewall to identify the users based on the samba4 logs.

You've to add this:

  syslog = 3
        vfs object = full_audit
        full_audit:success = connect
        full_audit:failure = disconnect
        full_audit:prefix = %u %I | %S
        full_audit:facility = local5

To smb.conf.

I added to /usr/share/zentyal/stubs/samba/smb.conf.mas , rebooted the server and the logs work.

However if I try to create a GPO via RSAT, with this configuration, I get "This security ID may not be assigned as the owner of this object"

Pretty much like this report:

Any hint?

Thank you!

Directory and Authentication / Re: Changing .local to .com Domain
« on: December 28, 2021, 06:42:38 pm »

What about GPOs?

Also, would it be possible to keep the same account settings at workstations after joining the "new" domain?


Directory and Authentication / Changing .local to .com Domain
« on: December 27, 2021, 01:23:41 pm »

Is it possible to change the AD domain from .local to .com (this is purely Zentyal infrastructure)?


Installation and Upgrades / Problems with DNS on 7.0
« on: March 10, 2021, 04:18:19 am »

So I upgraded to 7.0.

Everything looked ok till I found that DNS is not replicating and that my machines can't update their records.
Also found that some external records just won't resolve it's ip's.

If I add a record manually at one DC the record won't replicate to other DC's.

I've 4 DC's (all zentyal 7.0)

Some logs:

Mar 10 03:16:33 XXXdc01 named[1270]: samba_dlz: ldb: replmd_add: unable to find invocationId
Mar 10 03:16:33 XXXdc01 named[1270]: samba_dlz:
Mar 10 03:16:33 XXXdc01 named[1270]: samba_dlz: failed to modify DC=XXXDSK04,DC=XXX.local,CN=MicrosoftDNS,DC=DomainDnsZones,DC=XXX,DC=local - WERR_GEN_FAILURE
Mar 10 03:16:33 XXXdc01 named[1270]: samba_dlz: cancelling transaction on zone XXX.local

I also have some logs like this:

DNS format error from resolving invalid response

Please help.

EDIT: Also Domain objects are not replicating. If I do a samba-tool drs replicate with  --full-sync it it's synced.
EDIT2: Just reverted to Zentyal 6.2.7. This is not ready for prime time.


On your Windows domain machine do on a CMD ipconfig /registerdns.

A Record will be updated correctly.

Reverse record will NOT.

In my example my workstation is / 24
however in the syslog it shows up this:

client @0x7f2754100c10 updating zone '': update failed: not authoritative for update zone (NOTAUTH)

The correct zone should be I believe.
By the way, my DC's are in different networks than my workstations.

The zone exists. It was created via samba-tool and I also tried via RSAT. Same results.


Installation and Upgrades / Re: Stuck Upgrading from 5.1.3 to 6.0
« on: December 08, 2018, 10:57:17 pm »

Tried that and kill some process at time.

The machine upgraded sucessfully.

I've other machine that is stuck on:

Setting up zentyal-core (6.0.1) ...
Installing new version of config file /etc/cron.daily/zentyal ...

any idea? :(

Installation and Upgrades / Re: Stuck Upgrading from 5.1.3 to 6.0
« on: November 30, 2018, 09:43:10 pm »

Installation and Upgrades / Re: Stuck Upgrading from 5.1.3 to 6.0
« on: November 26, 2018, 10:44:53 am »
You mean stop DNS?

I tried it and it kept stuck.

Installation and Upgrades / Stuck Upgrading from 5.1.3 to 6.0
« on: November 25, 2018, 02:32:55 am »

I'm getting stuck here:

2018/11/25 00:50:47 INFO> EBox::Module::Service::restartService - Restarting service for module: dns
2018/11/25 00:50:48 INFO> EBox::DNS::appArmorProfiles - Setting DNS apparmor profile

Any hint?

When is the button gonna be available?

Pages: [1] 2 3