ML
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login

    Did you ever try NethServer ?

    Scheduled Pinned Locked Moved IT Discussion
    linuxnethservernethserver 7
    92 Posts 12 Posters 17.6k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • triple9T
      triple9 @alefattorini
      last edited by triple9

      @alefattorini I tried NethServer, it seems really nice, very polished. I liked OpenVPN part a lot, though I would like to see self-service portal for end users, where they could download ovpn file (or have I missed it?)
      I had one problem, not sure if I'm to blame. I wanted to setup server as AD DC, and things went really bad. Installation was stuck in the middle, and I could not stop it or do anything with it. I didn't have time to investigate what happened, but I plan to do it later.

      travisdh1T alefattoriniA 2 Replies Last reply Reply Quote 2
      • travisdh1T
        travisdh1 @triple9
        last edited by

        @triple9 I gave setting up an AD DC on Nethserver a shot tonight myself. Had some issues right off the bat. From the documentation page:

        Samba machine needs an IP address in a green network, different from the machine one. It also requires a bridge on the green interface. If needed, this bridge is created automatically.

        I could do one manually on CentOS with less hassle than this 😞

        alefattoriniA 1 Reply Last reply Reply Quote 0
        • alefattoriniA
          alefattorini @travisdh1
          last edited by

          @travisdh1 I can't get your point, you're able to setup a Samba4 DC on CentOS, managed by webinterface with one click?

          @triple9 did you check your connectivity? Check the log to look up some errors

          triple9T scottalanmillerS travisdh1T 4 Replies Last reply Reply Quote 0
          • triple9T
            triple9 @alefattorini
            last edited by

            @alefattorini the problems started when I tried to add bridge. Server lost connectivity, and I had to remove bridge manually to get it back online. I'll try with fresh install and see if it happens again.

            1 Reply Last reply Reply Quote 0
            • triple9T
              triple9 @alefattorini
              last edited by

              @alefattorini what's more funny, I could update system, and perform other tasks. But AD DC installation was stuck at nearly 50% and would not move from that point

              scottalanmillerS 1 Reply Last reply Reply Quote 0
              • scottalanmillerS
                scottalanmiller @alefattorini
                last edited by

                @alefattorini said in Did you ever try NethServer ?:

                @travisdh1 I can't get your point, you're able to setup a Samba4 DC on CentOS, managed by webinterface with one click?

                I've not had luck getting that working on NethServer either. I ran into the bridge problem, now into this one:

                0_1489051183564_Screenshot from 2017-03-09 10-19-09.png

                What's the reason for the green interface requirement? This seems like an unnecessary complication, there should never be any interface except the green interface on a server. What assumption is being made here?

                alefattoriniA 1 Reply Last reply Reply Quote 1
                • alefattoriniA
                  alefattorini @triple9
                  last edited by

                  @triple9 said in Did you ever try NethServer ?:

                  where they could download ovpn file (or have I missed it?)

                  You're right, we have to improve that part enabling users to download config file independently

                  1 Reply Last reply Reply Quote 0
                  • scottalanmillerS
                    scottalanmiller
                    last edited by

                    Giving this bit a try now. The bridging bit, I think, should either be removed or done transparently as part of a base setup rather than having users be faced with it later. It's confusing. Even as a senior engineer on both Linux and Windows, I'm unclear why this is needed or even a good idea. If it is going to be required, I think the target audience should not be faced with it as a choice. Make the first interface green, and make it a bridge if you need - but keep it automatic.

                    0_1489051721980_Screenshot from 2017-03-09 10-27-29.png

                    1 Reply Last reply Reply Quote 1
                    • alefattoriniA
                      alefattorini @scottalanmiller
                      last edited by

                      I'm sorry for that guys, where are you running NethServer? VPS?

                      @scottalanmiller said in Did you ever try NethServer ?:

                      What's the reason for the green interface requirement? This seems like an unnecessary complication, there should never be any interface except the green interface on a server. What assumption is being made here?

                      Here we tried to answer all the questions about samba container.
                      http://community.nethserver.org/t/i-still-dont-get-why-samba-has-to-be-run-in-a-container/4878
                      Suggestions are welcome!

                      scottalanmillerS 1 Reply Last reply Reply Quote 1
                      • scottalanmillerS
                        scottalanmiller @alefattorini
                        last edited by

                        @alefattorini said in Did you ever try NethServer ?:

                        I'm sorry for that guys, where are you running NethServer? VPS?

                        @scottalanmiller said in Did you ever try NethServer ?:

                        What's the reason for the green interface requirement? This seems like an unnecessary complication, there should never be any interface except the green interface on a server. What assumption is being made here?

                        Here we tried to answer all the questions about samba container.
                        http://community.nethserver.org/t/i-still-dont-get-why-samba-has-to-be-run-in-a-container/4878
                        Suggestions are welcome!

                        Ah, I see, the bridge is to support the container? Then that makes sense, but my "you need to automate that" part still remains. Maybe notify the user in a "just so you know" way, but don't make them be involved. Your target audience is scared of Linux and doesn't know what a bridge is.

                        alefattoriniA 1 Reply Last reply Reply Quote 1
                        • scottalanmillerS
                          scottalanmiller
                          last edited by

                          Quote from the above link:

                          The default file server in Samba 4.0 is our smbd file server from Samba
                          3.x, simply updated with the latest work from that line of
                          development.

                          No matter if you are running an AD DC, or a file server as a member
                          server, we use the same code for file server operations. However, some
                          support infrastructure varies between the operating modes, and some
                          options are forced on in the AD DC, so as to emulate NT ACLs in the way
                          we must for the SYSVOL share. We also use a different winbind
                          implementation.

                          For smaller sites, where there is just one server, using the AD DC as
                          the file server is perfectly fine and supported. It will work well.

                          For other (generally larger) sites, the knowledge that the file server
                          and DC can be configured, upgraded and replicated independently will be
                          far more important, and so follow our advise to separate these roles.
                          Andrew Bartlett

                          1 Reply Last reply Reply Quote 0
                          • alefattoriniA
                            alefattorini @scottalanmiller
                            last edited by

                            @scottalanmiller said in Did you ever try NethServer ?:

                            Your target audience is scared of Linux and doesn't know what a bridge is.

                            Good point, thanks for that. We're working on getting rid of it and adding a free IP checker for container 🙂

                            scottalanmillerS 1 Reply Last reply Reply Quote 0
                            • scottalanmillerS
                              scottalanmiller @triple9
                              last edited by

                              @triple9 said in Did you ever try NethServer ?:

                              @alefattorini what's more funny, I could update system, and perform other tasks. But AD DC installation was stuck at nearly 50% and would not move from that point

                              Is this where you got stuck?

                              0_1489052045317_Screenshot from 2017-03-09 10-33-47.png

                              triple9T 1 Reply Last reply Reply Quote 1
                              • scottalanmillerS
                                scottalanmiller @alefattorini
                                last edited by

                                @alefattorini said in Did you ever try NethServer ?:

                                @scottalanmiller said in Did you ever try NethServer ?:

                                Your target audience is scared of Linux and doesn't know what a bridge is.

                                Good point, thanks for that. We're working on getting rid of it and adding a free IP checker for container 🙂

                                Knowing that this is a container, I now believe that I know why two of us have gotten stuck and where the GUI is wrong. Look at this...

                                0_1489052134800_Screenshot from 2017-03-09 10-34-54.png

                                Nowhere am I told about the container or get any explanation. So as a well versed IT pro, I'm not given the info needed to figure out what is wrong. That's fine. This isn't meant for me. BUT, let's look at it from the directions point of view...

                                1. IP must be in the range of the green network. Check, it is.
                                2. Green Network must be a bridge. You force me there, so that's definitely done correctly. Check.
                                3. The IP address must not be used by any OTHER machine. Check. Followed the directions perfectly. I supplied the IP address of THIS machine, definitely not used by any OTHER machine. 192.168.88.228 is the IP address of the machine I am working on, the only IP address that I have for this machine. But wait, had I known that this was a container and was getting its own IP address, I instantly knew that this was wrong. But without being told that we were virtualizing this workload, and with the instructions telling me to obviously pick this IP address (otherwise it would say ANY machine not OTHER machine) and since the IP Address field is populated only with an asterisk.... this is where we end up.

                                That wording needs to be fixed. I think that those instructions are leading directly to a problem as they are incorrect.

                                alefattoriniA 2 Replies Last reply Reply Quote 1
                                • alefattoriniA
                                  alefattorini @scottalanmiller
                                  last edited by

                                  @scottalanmiller said in Did you ever try NethServer ?:

                                  That wording needs to be fixed.

                                  I guess you're right, so you have filled out this field with the IP address of the machine you're working on.
                                  Sorry for that, sometimes a different perspective is very useful 🙂

                                  alefattoriniA scottalanmillerS 2 Replies Last reply Reply Quote 0
                                  • alefattoriniA
                                    alefattorini @alefattorini
                                    last edited by

                                    Recently we came to the same conclusion, we need to improve and automatize that panel. Thanks for pointing it out

                                    1 Reply Last reply Reply Quote 0
                                    • alefattoriniA
                                      alefattorini @scottalanmiller
                                      last edited by

                                      @scottalanmiller What would you write on that page? And which choices should be avoided for you?

                                      scottalanmillerS 1 Reply Last reply Reply Quote 0
                                      • scottalanmillerS
                                        scottalanmiller @alefattorini
                                        last edited by

                                        @alefattorini said in Did you ever try NethServer ?:

                                        @scottalanmiller said in Did you ever try NethServer ?:

                                        That wording needs to be fixed.

                                        I guess you're right, so you have filled out this field with the IP address of the machine you're working on.
                                        Sorry for that, sometimes a different perspective is very useful 🙂

                                        Yeah, I followed the instructions to the tee. My machine had one IP assigned to it, no other machine used it, it was green. Seemed like the obvious choice. But knowing that there is a container involved makes it obvious why that's a problem. Without knowing that there is a container being created, it's not even suggestive that a second IP would be even possible.

                                        1 Reply Last reply Reply Quote 1
                                        • scottalanmillerS
                                          scottalanmiller
                                          last edited by

                                          Using a different IP address now for the container, it does run but I get this...

                                          0_1489054052204_Screenshot from 2017-03-09 11-07-08.png

                                          1 Reply Last reply Reply Quote 0
                                          • scottalanmillerS
                                            scottalanmiller @alefattorini
                                            last edited by

                                            @alefattorini said in Did you ever try NethServer ?:

                                            @scottalanmiller What would you write on that page? And which choices should be avoided for you?

                                            So what we have now...

                                            0_1489054164543_Screenshot from 2017-03-09 11-09-01.png

                                            Domain Controller configuration

                                            Set a new IP address for the Domain Controller function.

                                            The chosen IP address must satisfy all of the below conditions:

                                            • The IP address must be in the same subnet range of the green network. (Show this range.)
                                            • The IP address must be unused currently.

                                            IP address - before doing unused detection, start by blocking the IP addresses of known things like the green interface itself and the gateway.


                                            Then in a sidebar have a note: "To provide full Samba Active Directory Domain Controller (AD DC) functionality, this feature is implemented in a container and requires its own IP address. The green interface will be added to a bridge to accommodate this function automatically.

                                            alefattoriniA 1 Reply Last reply Reply Quote 1
                                            • 1
                                            • 2
                                            • 3
                                            • 4
                                            • 5
                                            • 4 / 5
                                            • First post
                                              Last post