As soon as Samba4 is integrated, this will be replacing all of my Zentyal deployments. The environments I manage are just too diverse to not have AD/GPO capability. This is a great product! Keep it up!
3 Likes
I just made the move from Zentyal to Nethserver and Iām very pleased. Zentyal 4.1 has abandoned the gateway functions that I needed; Nethserver has those functions, including transparent proxy, web filtering, traffic shaping, firewall rules and multi-wan. This site has about 100 clients on two local networks, blue and green, and Nethserver manages that traffic to and from a 100Mb Internet connection.
I really appreciate the integration of Ntopng. Zentyal didnāt have any built-in traffic analysis tool, so I usually added Ntopng to my servers, but updates often clobbered my installs. Iām used to the idea of green, blue, orange and red interfaces from using IPCop ā I use all 4 types on my network ā so I like the way that model is used throughout NS.
I have a blacklist filter source that I have used, but I find that the included blacklists that come with NS work very well, and itās a nice addition that they are automatically updated.
I have found that traffic moves through my NS gateway about 5-10% faster than it did through Zentyal, suggesting that your design is very efficient.
There are a few things about Zentyal that might make useful additions to NethServer.
Upload blacklist from file: Zentyal has no built-in recommended blacklists, but it does allow you to import a blacklist of your own from a tar.gz file.
Export/import confg backups. The NS automatic backup to USB drive is very nice. Zentyal only supported downloading a config backup to a local computer, which would be a useful addition to the current backup scheme. I keep a hot spare gateway running and attempt to keep the primary and backup machines configured identically, so that I can quickly swap them if I have a hardware failure. I found that I could clone the main server to the spare by moving my backup hard drive from one to the other and doing a restore, but the process would be simpler if I could just upload and restore a config file.
In doing the above cloning, I discovered that the server certificate was not part of the backup and did not copy from my main server to my hot spare. Creating a true clone machine would require moving that certificate manually. It would be nice if this could be changed.
Zentyal has a dashboard notification of updates to installed software, which was nice. It seemed like updates came out daily for either Zentyal or the underlying Ubuntu linux. I havenāt seen many updates for NS, and perhaps they are less frequent. (Also, both of my machines are having issues with the software center, so perhaps Iām not seeing them.)
Zentyal used the L7 filter and then dropped it. L7 is a very nice concept but is woefully out of date and really didnāt work well. If there is a better system for packet analysis and traffic shaping based on classes of services (libprotoident looks interesting), that would be a very useful future addition.
A final comment. I could not have moved to NS so quickly without the help of your excellent user docs and a very responsive user/developer community. The resources for learning about NethServer and the quick responses to questions are far better than anything I experienced when using Zentyal. Thanks!
7 Likes
Certificates added manually have to be added to the /etc/backup-config.d/custom.include.
Hereās mine as an example:
/etc/pki/tls/private/nethesis.key
/etc/pki/tls/certs/nethesis_2015-17.crt
The interface still misses a page to upload the backup, youāll need to use scp to copy it prior to restore.
Updates are released almost daily, I think you should debug your problems with the software center.
Start with:
yum repolist
You should have:
centos-base
centos-updates
nethserver-base
nethserver-updates
Then a:
yum update
should offer updates or no errors.
l7-filter development seems to have stopped, maybe libprotoident is also stopped.
A promising tool we are evaluating is nDPI (http://www.ntop.org/products/deep-packet-inspection/ndpi/).
Whoa, good point 
happy to hear this
Like it, please add a new feature request about. You can use āReply as linked topic functionā on left side
Are you speaking about this?
Please create a new topic on Feature category
New software center has already this functionality, check:
http://www.nethserver.org/nethserver-6-6-released/
Thank you so much friend, this kind of feedback tell us that weāre on the right way!
Alessio: Blacklists are installed in Zentyal from the UI by uploading a blacklist file. NethServerās approach is a better one, having blacklists built-in. You can always SSH in and add your own blacklists if you wanted something different, and NS does let you create custom categories from the UI, but I was referring to allowing a user to upload an entire list from the UI. Not a big deal.
Filippo: Yes, as soon as I get some time I want to try to find out what is killing the software center. Iāll report back.
Filippo: I donāt want to hijack this thread, but when I do yum update I get the following error:
Loaded plugins: changelog, fastestmirror, nethserver_events, presto
Setting up Update Process
Determining fastest mirrors
YumRepo Error: All mirror URLs are not using ftp, http[s] or file. Eg. Invalid release/
removing mirrorlist with no valid mirrors: /var/cache/yum/x86_64/6/centos-base/mirrorlist.txt
Error: Cannot find a valid baseurl for repo: centos-base
For some reason the mirrorlist.txt files are missing from centos-base and centos-updates, but they are both there for nethserver-base and nethserver-updates. Any thoughts on what might have deleted those files?
Helloā¦ I see thereās many users have move from Zentyal to Nethserver (or are looking for an alternative).
In fact, thatās why I came up to hereā¦ Iām a Zentyal user, since version 2.0, about five years ago I guess.
Since then, Iāve installed almost 30 servers, but now, we need to go away, and migrate (or not) some things.
The basic problem is that the gateway functions has been removed from the server, and also, the performance of the 3.5 and above versions are bad (in some aspescts).
For example, the proxy server is a turtle server. And now, thereās no more proxy.
Itās sad for us to leave, 'cause weāre have invested a lot of hours, and we have many clients that use Zentyal, but itās a taken decition. What we are watching out, is the new server.
Nethserver is very interesting; however, Samba4 is not a part of the server, and thereās a few of samba4 implementations that would be necesary to migrate, and right now, itās not possible.
In all the other things, Iām absilutely shure that we will give a try!
(sorry for my english!!)
4 Likes
Samba4 is kinda bloatware 
and still is not considered stable enough.
Also, if you want to implement Samba 4 you need to implement a huge number of workarounds to mess with MS stuff.
Itās a really really big effort: Zentyal had to leave behind all other modules to focus on Samba 4.
We do not want to do this for now. Please search the forum for other articles related to Samba 4.
The only viable option is a dedicated virtual machine or container but also this solution requires too much resources.
But, if anyone has a strong know-how on this and want to share ideas (and a good/solid implementation), Iām ready to help!
1 Like
I know that Samba4 is still under development, and that also Red Hat doesnāt take it yet.
I donāt know if Zentyal leaved the other modules because of that, anyway, thatās a fatc right now.
May be, we can work with both servers in parallel, and, once the samba4 is incorporated, see the migratin effort.
I think that, in the future, Samba4 will be a āmust haveā, but the time will tell. In my opinion, itās important in corporate enviroments, that can be moving from MS WS AD to Linux (Nethserver!).
Cheers
Just wanted to add my 2 pence as another Zentyal refugee looking for a new home.
I reluctantly upgraded to 3.5 despite it removing a couple of features that I used, but thankfully were easy to replace with native Ubuntu versions. However, the direction that Zentyal has taken since before 3.5 to move away from a network gateway server to be a Micro$haft Exchange replacement has forced me to look for alternatives. All Iām looking for, is the sharp front end for an internal network to connect to the ābig bad interwebā, which is what Zentyal are shying away from now.
Iām not really interested in what version Samba is installed, as long as it does what Samba was designed for: To integrate Windows sharing technology in Linux.
And to a couple of replies earlier in this thread, with Zentyal 3.5, or at least what Iām seeing, is that the automatic notification of updates has gone away. You have to go to the Dashboard and select the components option to see if there are any.
As soon as my ESXi server is back on-line, Iāll be running some serious testing to enable me to leave the Zentyal world to be the Exchange fan-boi they aspire to be. Good luck to them in that arena.
Cheers.
2 Likes
Ehi @EddieA hanks for sharing your story and welcome aboard! Please, could you describe yourself here?
Someone else would like to update us on his attempts to move from Zentyal?
Hallo,
most of arguments Iāve reading on this page I found the same
Iām a new nethserver-user - but no LINUX-greenhorn I hope.
Used LINUX since ~2000 first suse, then change 2004 to ubuntu > debian. Cause of this way Iām testing Zentyal since Version 2. And now I though, time is ripe to use it in productive environment (craft producer elektro). But at first Iā ve seen no backup-tool in actual zentyal 4.0/4.1. Thats why using 3.5. But the same problems like other users:
A little feature was tricky (sent email with Blackberry10), but not to find a way out of this.
Searching for a better complete SBS-LINUX-Server and found nethserver6.6 with all features I need.
A little downer:
- no debian-base , , but the most of all looks similar.
- no GUI on server ā¦ GUI=itās better to administrate in āworking officeā
I will try with EPEL (or so - source handling is new for me) ā¦ then login > startx > midori > https://localhost:980 or so -
bye-bye zentyal ā¦
good morning nethserver
1 Like
I wrote about x-windows installation here:
1 Like
Hi @rowihei , happy to see you here.
could you please introduce yourself replying to the topic below? Who you are? What youāre working on? where you are from?
Your favorite thing to do when youāre not at work. Thanks
Can I ask why you need a GUI? WebUI is not enough?
Like this, we should push this aspect: NethServer as a real SBS linux server alternative.