Moving from Zentyal 3.4 DC to NS7 DC (AD) at a medical institution

I´ll try. As usual it´s always much more work then thought. Yesterday we needed more then 6 hours (!!!) to upgrade our VM-Ware on the 2 Servers from 5.5 and 6.0 to 6.5 until everything again was online.
So Database is moved now, Shares are moved (we had to work yesterday and today at the medical record, so we had to resync everything again (easy with rsync).
So we still have to do a further test and then we will backup the mail accounts- for which will will now use IMAPsize ( http://www.broobles.com/imapsize/ ) much faster then Outlook/PST.

Indeed! Very interesting for us and as Robb already said a full guide would be AWESOME! :slight_smile:
Again, thanks for your sharings :stuck_out_tongue_winking_eye:

Next point - we could´nt take a client into the domain in our test environment.So what we found out- you have to configure the virtual network-card in VM-Ware to accept the second IP the DC needs.

Hi - did you see Zentyal released version 5 a couple of days ago :slight_smile:

I’m in the same boat - my Zentyal server kept mounting all disks as read only, and as I was tired of waiting for Zentyal to release an upgrade, installed Nethserver instead. I’ve had NS running on a virtual machine to try out before - just wasn’t quite ready to do an install a couple of days before New Year.

I also had Nextcloud running on my Zentyal box - the web interface to Sogo does look nice, but I don’t know if you’d need both Sogo and Nextcloud. Nextcloud lets you share calendars, tasks, contact info etc. The only thing it does not do that I’d like it to do is subscribe to external calendars - Google calendars, for example. Or it didn’t - there is probably a new version by now. I haven’t used Sogo as my day to day mail/calendar, though.

I have installed CalDAV-sync and CardDav-sync from Marten Gajda (https://play.google.com/store/apps/details?id=org.dmfs.caldav.lib&hl=en) on my Android devices and it works well. Nextcloud recommends DavDroid, and I put that on my wife’s new phone, and it is okay. I think I prefer the first two, but not by much.

Anyway - I’ve set up my machine, and am about to enable the Samba AD. Before I press the button and pray, is there anything specific I should make sure I’ve done first? And is there a way to get back to a snapshot of the present system - should it all go bad?

If it does go bad, can I just install the OpenLDAP server over the top and have it work? I don’t really need AD, just like to be able to say ‘oh, my linux box can do that … what is that license management you speak of?’

Take a look at this:
http://docs.nethserver.org/en/v7rc/accounts.html#account-providers

Anyway, please open a new topic if you need further help :wink:

Does anybody has a clue how to make a share “executable”?- because on at least 3 we do have files that must be executable for our software to run.

It’s exec by default, unless you did custom modifications to partitioning and/or fstab.

You´re absolutely right- it´s obviously a windows shit- can I manage group policies somewere and were´s the netlogon.bat?
_

Mmh, I think I’ve to answer “in the netlogon share”. :slight_smile:
The linux path is /var/lib/nethserver/netlogon/netlogon.bat.

Leaving the office in a few minutes, happy new year everybody.

We´ll stay :innocent:- thank you so much!
Also happy new year to everyone.

Last update: We extracted the Mails. Switched of the Zentyal. Changed the NS IP to the one of Zentyals. Started the PDC/AD and it worked perfect out of the box.
Windows Clients are easily integrated- Linux still not finished (pbis-open). AD administration with RAST perfect- only the roaming profiles didn´t work as I wanted to.
We had a big problem with exec. files on the shares not working under Windows- obviously a known problem
https://forge.univention.org/bugzilla/show_bug.cgi?id=33785
solves that- Uff.
Enough for today- :sunglasses:

Sorry- looks like not existing at our NS7 installation- any other ideas?

netlogon.bat build our self- http://wiki.robotz.com/index.php/Network_Logon_Scripts

This is an option that’s not documented in the /etc/samba/smb.conf file, but that’s where it goes:

# Allow Windows machines to execute things that don't have
# the execute bit set
acl allow execute always = True

Thanks to forge.univention.org/bugzilla/show_bug.cgi?id=33785 for the info!

1 Like

So another problem- that’s working until you change something in the samba configuration e.g. creating a new share- then during the update process that change is overwritten and the trouble starts again- is there a template for the smb.conf that is used for this process, and could we place our necessary changes there?
By the way this is http://community.nethserver.org/users/nikolaus.herrmann/activity our genius technician who solved so many of our problems- and we’re already in production- so we will have a little rest and then I’m going to try to give you a sum up of the whole process.

4 Likes

I didn’t try this, but you may create a custom template:

mkdir -p /etc/e-smith/templates-custom/etc/samba/smb.conf/
vi /etc/e-smith/templates-custom/etc/samba/smb.conf/11globalexecfix

Paste the smb settings and save the file:

# Allow Windows machines to execute things that don't have
# the execute bit set
acl allow execute always = True

Then apply the changes:

signal-event nethserver-samba-update

I think it will work but if possible better to test it before on a virtual machine or test server.

2 Likes

We´ll do :yum:

I have tested this sniplet, it is working finne in testlab.
so we can do it in prodsys

3 Likes

@iglqut and @nikolaus.herrmann your speaking out loud definitely helped many people here, please keep us in touch with your achievements! I’m your huge fan, absolutely. :heart_eyes:

3 Likes

I also have been watching this thread with great interest!

3 Likes