Posts by kitru870

    Hi so I added in sssd.conf:


    ldap_search_base = my domain
    ldap_user_search_base = my user OU

    ldap_group_search_base = my group OU

    ldap_search_timeout = 120

    ldap_enumeration_search_timeout = 180


    and in login.defs:

    UID_MAX 999999999
    GID_MAX 999999999


    then getent passwd returns the local users and the 200 AD users remaining after filtering.

    Though the OMV GUI still doesn't show the users and returns the error (communication failure) after 60 seconds.
    Do you know what OMV is checking the users against and how?

    Does it need a cache, and if so, how should I check it?

    Hi donh,
    I have followed the instructions in the thread guide-to-omv-4-active-directory-integration you participated in.

    I use OMV 5.6.23.1.
    My AD domain has more than 50K users.
    I tried:

    id first.last
    it takes a long time but I get the user information.

    getent passwd first.last
    doesn't return anything

    Then

    getent passwd first.last@domain.tld

    does return information


    then running:

    getent passwd

    shows the local users and the only AD user: first.last


    but I don't see the 50K users...

    Then in the OMV GUI, Users... Loading it takes time and shows communication failure

    Any idea on this?
    By the way, where can I find the script you mentioned?

    Thanks

    No, it's not facing the internet. But it's not a reason not to protect.
    I also tried to allow other ports as given in the plex documentation but it didn't help.

    Again docker dynamically opens the required ports for the containers it's running.

    The firewall settings only allow http and ssh.
    Well, actually that's what is in the GUI.
    Because I also have smb and nfs access which don't show here.

    Also port 32400 allowed by docker for the plex container doesn't show either.


    Of course on the internet a firewall is a requirement, but security always matters and I want to be able to select what can be reached or blocked.


    Here are the iptables rules:

    Here I can see docker related rules and the GUI rules. But no smb nor nfs, which makes sense since filtering is done in the conf files of these 2 protocols. Just surprised not to see the ports open for any in iptables then filtered by the conf files.
    On the other hand, docker rules must be dynamic to allow 32400.


    Please find the logs attached.

    When enabling the firewall I start to get messages like this one:

    kernel: [2593411.461625] IN=lo OUT= MAC=00:00:00:00:00:00:00:00:00:00:00:00:08:00 SRC=127.0.0.1 DST=127.0.0.1 LEN=283 TOS=0x00 PREC=0x00 TTL=64 ID=5211 DF PROTO=UDP SPT=32414 DPT=35595 LEN=263

    If I disable the firewall it stops printing these messages.


    Hello,

    I have installed the docker package linuxserver/plex for a plex server on my OMV 5.3.4-1.

    I noticed that if the OMV firewall is running I can still access the plex server portal on port 32400, but I get "Server settings are unavailable." when trying to reach any of the settings pages.

    Also the behaviour is altered on the client, missing covers, cannot start playing.

    I have checked with wireshark and no other port than 32400 is used from the client.

    So I'm expecting some kind of traffic between the container and the OMV host being blocked by the firewall.

    Have you noticed this kind of issue when using a host firewall?

    How can I get it fixed?

    Thank you for your help

    Thank you for your feedback.
    I suppose I also need to reapply owner/rights/shares/permissions... once everything is copied over.
    Not complicated but still takes some time.
    Maybe OMV 5 comes with this migration configuration backup feature.

    Hi,
    I'm planning to move my OMV install (4.1.22-1) to new hardware (new motherboard, new larger disks...).



    I was considering OMV 4 as it's the current stable release, but OMV 5 seems stable enough from what I read.
    It looks like there is no way to back up configuration (network, plugins, services, users...). Do I need to do it manually (not difficult but better if a couple of clicks)?
    Then data. I can do an rsync between both. But I'm wondering how to migrate permissions/owners simply.
    I don't feel the available plugins can do this.



    But it seems OMV 5 supports configuration backups. When is it expected to be released as stable?
    Or I could upgrade to OMV 5 and use the config backup feature.



    How would you do it simply?
    Thank you for your advice.