ML
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login

    Did you ever try NethServer ?

    Scheduled Pinned Locked Moved IT Discussion
    linuxnethservernethserver 7
    92 Posts 12 Posters 17.5k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • alefattoriniA
      alefattorini @travisdh1
      last edited by

      @travisdh1 I can't get your point, you're able to setup a Samba4 DC on CentOS, managed by webinterface with one click?

      @triple9 did you check your connectivity? Check the log to look up some errors

      triple9T scottalanmillerS travisdh1T 4 Replies Last reply Reply Quote 0
      • triple9T
        triple9 @alefattorini
        last edited by

        @alefattorini the problems started when I tried to add bridge. Server lost connectivity, and I had to remove bridge manually to get it back online. I'll try with fresh install and see if it happens again.

        1 Reply Last reply Reply Quote 0
        • triple9T
          triple9 @alefattorini
          last edited by

          @alefattorini what's more funny, I could update system, and perform other tasks. But AD DC installation was stuck at nearly 50% and would not move from that point

          scottalanmillerS 1 Reply Last reply Reply Quote 0
          • scottalanmillerS
            scottalanmiller @alefattorini
            last edited by

            @alefattorini said in Did you ever try NethServer ?:

            @travisdh1 I can't get your point, you're able to setup a Samba4 DC on CentOS, managed by webinterface with one click?

            I've not had luck getting that working on NethServer either. I ran into the bridge problem, now into this one:

            0_1489051183564_Screenshot from 2017-03-09 10-19-09.png

            What's the reason for the green interface requirement? This seems like an unnecessary complication, there should never be any interface except the green interface on a server. What assumption is being made here?

            alefattoriniA 1 Reply Last reply Reply Quote 1
            • alefattoriniA
              alefattorini @triple9
              last edited by

              @triple9 said in Did you ever try NethServer ?:

              where they could download ovpn file (or have I missed it?)

              You're right, we have to improve that part enabling users to download config file independently

              1 Reply Last reply Reply Quote 0
              • scottalanmillerS
                scottalanmiller
                last edited by

                Giving this bit a try now. The bridging bit, I think, should either be removed or done transparently as part of a base setup rather than having users be faced with it later. It's confusing. Even as a senior engineer on both Linux and Windows, I'm unclear why this is needed or even a good idea. If it is going to be required, I think the target audience should not be faced with it as a choice. Make the first interface green, and make it a bridge if you need - but keep it automatic.

                0_1489051721980_Screenshot from 2017-03-09 10-27-29.png

                1 Reply Last reply Reply Quote 1
                • alefattoriniA
                  alefattorini @scottalanmiller
                  last edited by

                  I'm sorry for that guys, where are you running NethServer? VPS?

                  @scottalanmiller said in Did you ever try NethServer ?:

                  What's the reason for the green interface requirement? This seems like an unnecessary complication, there should never be any interface except the green interface on a server. What assumption is being made here?

                  Here we tried to answer all the questions about samba container.
                  http://community.nethserver.org/t/i-still-dont-get-why-samba-has-to-be-run-in-a-container/4878
                  Suggestions are welcome!

                  scottalanmillerS 1 Reply Last reply Reply Quote 1
                  • scottalanmillerS
                    scottalanmiller @alefattorini
                    last edited by

                    @alefattorini said in Did you ever try NethServer ?:

                    I'm sorry for that guys, where are you running NethServer? VPS?

                    @scottalanmiller said in Did you ever try NethServer ?:

                    What's the reason for the green interface requirement? This seems like an unnecessary complication, there should never be any interface except the green interface on a server. What assumption is being made here?

                    Here we tried to answer all the questions about samba container.
                    http://community.nethserver.org/t/i-still-dont-get-why-samba-has-to-be-run-in-a-container/4878
                    Suggestions are welcome!

                    Ah, I see, the bridge is to support the container? Then that makes sense, but my "you need to automate that" part still remains. Maybe notify the user in a "just so you know" way, but don't make them be involved. Your target audience is scared of Linux and doesn't know what a bridge is.

                    alefattoriniA 1 Reply Last reply Reply Quote 1
                    • scottalanmillerS
                      scottalanmiller
                      last edited by

                      Quote from the above link:

                      The default file server in Samba 4.0 is our smbd file server from Samba
                      3.x, simply updated with the latest work from that line of
                      development.

                      No matter if you are running an AD DC, or a file server as a member
                      server, we use the same code for file server operations. However, some
                      support infrastructure varies between the operating modes, and some
                      options are forced on in the AD DC, so as to emulate NT ACLs in the way
                      we must for the SYSVOL share. We also use a different winbind
                      implementation.

                      For smaller sites, where there is just one server, using the AD DC as
                      the file server is perfectly fine and supported. It will work well.

                      For other (generally larger) sites, the knowledge that the file server
                      and DC can be configured, upgraded and replicated independently will be
                      far more important, and so follow our advise to separate these roles.
                      Andrew Bartlett

                      1 Reply Last reply Reply Quote 0
                      • alefattoriniA
                        alefattorini @scottalanmiller
                        last edited by

                        @scottalanmiller said in Did you ever try NethServer ?:

                        Your target audience is scared of Linux and doesn't know what a bridge is.

                        Good point, thanks for that. We're working on getting rid of it and adding a free IP checker for container 🙂

                        scottalanmillerS 1 Reply Last reply Reply Quote 0
                        • scottalanmillerS
                          scottalanmiller @triple9
                          last edited by

                          @triple9 said in Did you ever try NethServer ?:

                          @alefattorini what's more funny, I could update system, and perform other tasks. But AD DC installation was stuck at nearly 50% and would not move from that point

                          Is this where you got stuck?

                          0_1489052045317_Screenshot from 2017-03-09 10-33-47.png

                          triple9T 1 Reply Last reply Reply Quote 1
                          • scottalanmillerS
                            scottalanmiller @alefattorini
                            last edited by

                            @alefattorini said in Did you ever try NethServer ?:

                            @scottalanmiller said in Did you ever try NethServer ?:

                            Your target audience is scared of Linux and doesn't know what a bridge is.

                            Good point, thanks for that. We're working on getting rid of it and adding a free IP checker for container 🙂

                            Knowing that this is a container, I now believe that I know why two of us have gotten stuck and where the GUI is wrong. Look at this...

                            0_1489052134800_Screenshot from 2017-03-09 10-34-54.png

                            Nowhere am I told about the container or get any explanation. So as a well versed IT pro, I'm not given the info needed to figure out what is wrong. That's fine. This isn't meant for me. BUT, let's look at it from the directions point of view...

                            1. IP must be in the range of the green network. Check, it is.
                            2. Green Network must be a bridge. You force me there, so that's definitely done correctly. Check.
                            3. The IP address must not be used by any OTHER machine. Check. Followed the directions perfectly. I supplied the IP address of THIS machine, definitely not used by any OTHER machine. 192.168.88.228 is the IP address of the machine I am working on, the only IP address that I have for this machine. But wait, had I known that this was a container and was getting its own IP address, I instantly knew that this was wrong. But without being told that we were virtualizing this workload, and with the instructions telling me to obviously pick this IP address (otherwise it would say ANY machine not OTHER machine) and since the IP Address field is populated only with an asterisk.... this is where we end up.

                            That wording needs to be fixed. I think that those instructions are leading directly to a problem as they are incorrect.

                            alefattoriniA 2 Replies Last reply Reply Quote 1
                            • alefattoriniA
                              alefattorini @scottalanmiller
                              last edited by

                              @scottalanmiller said in Did you ever try NethServer ?:

                              That wording needs to be fixed.

                              I guess you're right, so you have filled out this field with the IP address of the machine you're working on.
                              Sorry for that, sometimes a different perspective is very useful 🙂

                              alefattoriniA scottalanmillerS 2 Replies Last reply Reply Quote 0
                              • alefattoriniA
                                alefattorini @alefattorini
                                last edited by

                                Recently we came to the same conclusion, we need to improve and automatize that panel. Thanks for pointing it out

                                1 Reply Last reply Reply Quote 0
                                • alefattoriniA
                                  alefattorini @scottalanmiller
                                  last edited by

                                  @scottalanmiller What would you write on that page? And which choices should be avoided for you?

                                  scottalanmillerS 1 Reply Last reply Reply Quote 0
                                  • scottalanmillerS
                                    scottalanmiller @alefattorini
                                    last edited by

                                    @alefattorini said in Did you ever try NethServer ?:

                                    @scottalanmiller said in Did you ever try NethServer ?:

                                    That wording needs to be fixed.

                                    I guess you're right, so you have filled out this field with the IP address of the machine you're working on.
                                    Sorry for that, sometimes a different perspective is very useful 🙂

                                    Yeah, I followed the instructions to the tee. My machine had one IP assigned to it, no other machine used it, it was green. Seemed like the obvious choice. But knowing that there is a container involved makes it obvious why that's a problem. Without knowing that there is a container being created, it's not even suggestive that a second IP would be even possible.

                                    1 Reply Last reply Reply Quote 1
                                    • scottalanmillerS
                                      scottalanmiller
                                      last edited by

                                      Using a different IP address now for the container, it does run but I get this...

                                      0_1489054052204_Screenshot from 2017-03-09 11-07-08.png

                                      1 Reply Last reply Reply Quote 0
                                      • scottalanmillerS
                                        scottalanmiller @alefattorini
                                        last edited by

                                        @alefattorini said in Did you ever try NethServer ?:

                                        @scottalanmiller What would you write on that page? And which choices should be avoided for you?

                                        So what we have now...

                                        0_1489054164543_Screenshot from 2017-03-09 11-09-01.png

                                        Domain Controller configuration

                                        Set a new IP address for the Domain Controller function.

                                        The chosen IP address must satisfy all of the below conditions:

                                        • The IP address must be in the same subnet range of the green network. (Show this range.)
                                        • The IP address must be unused currently.

                                        IP address - before doing unused detection, start by blocking the IP addresses of known things like the green interface itself and the gateway.


                                        Then in a sidebar have a note: "To provide full Samba Active Directory Domain Controller (AD DC) functionality, this feature is implemented in a container and requires its own IP address. The green interface will be added to a bridge to accommodate this function automatically.

                                        alefattoriniA 1 Reply Last reply Reply Quote 1
                                        • scottalanmillerS
                                          scottalanmiller
                                          last edited by

                                          I just realized, forcing a second IP address for the AD DC means that NethServer is very hard to use in a hosted environment where traditionally only a single IP address would be available. Of course, you don't normally use AD there and, if you do, you make a "behind the scenes LAN", so adding a ZeroTier type product there and making that the green network would work fine.

                                          1 Reply Last reply Reply Quote 1
                                          • triple9T
                                            triple9 @scottalanmiller
                                            last edited by

                                            @scottalanmiller exactly. However, if I remember correctly, I did use other IP address. It was clear to me that I need NEW IP address for DC.

                                            1 Reply Last reply Reply Quote 0
                                            • 1
                                            • 2
                                            • 3
                                            • 4
                                            • 5
                                            • 5 / 5
                                            • First post
                                              Last post