Beiträge von ZJohnAsZ

donh,
Would it be better if I create a new thread with my posts combined and also referring this thread to have more chances of someone seeing it regarding my couple of questions? By the way, I totally understand you not having much time, it is ok, it is already nice that you took the time to share your procedure with OMV6.

donh

Ok, thank you. I will try to find infos on other threads. Yours came first when I was searching the web. I found it was the most detailed when based on omv. I joined other debian/ubuntu machines to domains, but never with the omv on top of debian. I could probably modify the omv script which generates the command or whatever does, but after if I update it would probably reset those modifications. It really is just about the command taking the username/groupname literally instead of adding another one "\".

Zitat von ZJohnAsZ

My Testing Setup:
Server: Proxmox VE
VM with Windows Server 2022 as AD DC.
VM with OMV 7.4.7-1, Kernel: Linux 6.8.12-1-pve

I did use the Web-UI to set the Linux Basic Permissions and ACLs. I used the ACL button when you select a Shared Folder like in the image I provided in my second post.
I have a question regarding this parameter:
winbind use default domain = Yes

I wanted to set it to NO because it would've made more sense for me to have users and groups from the domain to show as EXAMPLE\username and EXAMPLE\groupname. The Web-UI though bugs, when I do that because the commands that are generated don't take into account that there should be "\\" instead of only "\" to not escape the character. What would be the easiest way to fix this issue without altering too much to not have problems later on updating OMV and having to redo the fix?

QUESTION 4 Regarding SAMBA behaviors when controlling access to shares with SAMBA.

=I have 2 domain groups: files-admins (rwx), files-users (rx)

=I have a share called apps$.

I did not touch the Permissions section for the shared folder but only the ACL one.

Since I want to keep some local control when I am connecting with a sudo user or root with ssh, or also when connecting to the web-ui with admin capable users, I think I should set owner:root (rwx). Then I set the group:files-admins (rwx) which is a domain group. Because I plan on giving access guest access (requiring no password), I set others (rx).

Linux Basic Permissions

owner:root (rwx)

group:files-admins (rwx)

others (rx)

ACL

group:files-users(rx)

I thought that by controlling the permissions like this I could achieve what I wanted without having to rely on samba parameters like valid users, write list, read list, but it's like samba only sees the basic permissions I set and not the ACL at all.

What I mean is that if I use valid users: files-users it gives RWX to files-users group and then I have to limit it using read list. If I don't use valid users at all, then files-users group ACL setup is not seen at all. Only the other:rx is considered to give access. Why?

I came up with this to achieve what I wanted, but I think there is probably something I am missing in the way to setup samba parameters to have it rely on Linux Basic Permissions + ACL without having to rely on samba access control. Is there?

Hi,
Thank you for the TUTO!

Also thank's to everyone who contributed to this Thread, it helped me greatly to understand what I had to do. I can see the users and groups of my example.int domain in omv web-ui and also using getent.
My Testing Setup:
Server: Proxmox VE
VM with Windows Server 2022 as AD DC.
VM with OMV 7.4.7-1, Kernel: Linux 6.8.12-1-pve

This is the order I came up with going through the Thread and reading documentation.

*SSH as root to the OMV machine

-apt update

-apt dist-upgrade

-reboot

*In OMV Web-UI.

- System > Date & Time > Use NTP Server checked

- System > Date & Time > Time Servers: dc1.example.int (domain time server, setup on Windows Server 2022 VM)

- System > Date & Time > Time zone: Canada/Eastern (same as domain time server)

*SSH as root to the OMV machine again

-apt install realmd policykit-1

-realm discover example.int (test if domain can be reach)

-apt install sssd sssd-tools libnss-sss libpam-sss adcli samba-common-bin packagekit-tools

-before joining the realm (domain), micro /etc/krb5.conf 

-realm join example.int -U donadmin (join the domain, sssd.conf auto-generated)

-systemctl status sssd (Should report "Active: active (running)")

-apt install libsss-simpleifp0 libsss-sudo

-sssctl domain-list (Should show your domain)

-id donadmin@example.com (Should show info about user)

-sssctl domain-status example.int *QUESTION 1: why my dc is not showing as AD Global Catalog?*

*In the OMV Web-UI.

-Before integrating Samba with the domain go to Services > SMB/CIFS > Settings > Extra options and add smb.conf [global] parameters.

-apt install winbind libsss-sudo libnss-winbind libpam-winbind libwbclient0-micro /etc/nsswitch.conf (removed sss and added winbind besides systemd from on passwd and group lines)

-net ads join -U administrator (sssd.conf could be modified)

-micro /etc/sssd/sssd.conf *QUESTION 2 and 3*

-net join -U administrator (don't ask me why, but after doing the sssd.conf file, I do this command again)

-reboot

Though I have some questions about some behaviors I noticed.
QUESTION 1: Why my dc is not showing as AD Global Catalog?

QUESTION 2: Should I use both tags: joined-with-samba, joined-with-adcli or only one, or use the realmd_tags parameter at all in sssd.conf?

QUESTION 3: ad_gcid_domain = example.int Still, even with this option, my dc1.example.int is not seen as AD Global Catalog when I use the sssctl domain-status example.int command. Why?

Well, deactivating the Serial port didn't do the trick.
In the end I did copy one HDD to the other using GParted within Partition Magic. I had to shrink the main partition because one disk was bigger than the other.
I love how any install of linux is not hooked to the system it's installed on.
I still wonder what could cause this black screen, anyone has an idea?

I just found something about disabling the COM ports in BIOS that could solve the issue.
I will try it when I get home later and tell you if it does the trick.
Anyway I will have it fixed with your solution.

http://www.overclock.net/t/142…-debian-installer-to-boot

I guess it's a workaround, because other than that problem the PC could still load the old OMV installation on the ssd. This before I erased the partitions used PartedMagic.
Not sure why I didn't think of it before lol.
It might also be lazyness. Opening 2 cases to move the BD Rom and SSD.
Though, I'm still curious about what could cause this...

Hi,
I'm not sure to understand what's going on. I Power up the machine, it boots on the DVD then I select install and afterwards everything goes black.
I already made an installation on the same gears with no problem at all. I tested the DVD on another machine and it's fine.
I erased everything on the ssd thinking it could be the multiple partitions giving trouble to the OMV setup to start with no success.
I reseted my BIOS settings to default without success too.
Like I said, I don't understand why I would get a black screen now and didn't have one before when I installed with an older OMV version.
I even tried installing an older OMV version I had on DVD with the same problem occuring.
Did anyone experience this?

Thank you!

Hi,

mdadm --assemble /dev/md127 /dev/sd[bcd] --verbose --force

I just want to say thank you for this command!
I modified it to keep bcd only since the a wasn't par of my RAID5.
I don't know why but after I moved one of the 2 RAID5s I had in my machine to a new build, OMV wouldn't detect my 3 HDDs as a RAID5 anymore.
I will keep this one in my book in case it happens to me again.

So, it should be corrected soon? It means everyone would experience it ?
I guess I will just wait and setup a VPN on my ddwrt router instead.

I'm talking about the certificate tab in the plugin.

Error when I try to add or delete a certificate:

Error
 #4000:
exception 'OMVException' with message 'Failed to execute command 
'omv-mkconf openvpn add a0172869-dd7c-4e2f-b30c-cddd24b20253 
2>&1': /usr/share/openmediavault/mkconf/openvpn: line 407: cd: 
/etc/openvpn/easy-rsa/2.0/: No such file or directory' in 
/usr/share/openmediavault/engined/rpc/openvpn.inc:343
Stack trace:
#0 [internal function]: OMVRpcServiceOpenVpn->set(Array, Array)
#1 /usr/share/php/openmediavault/rpcservice.inc(125): 
call_user_func_array(Array, Array)
#2 /usr/share/php/openmediavault/rpc.inc(79): 
OMVRpcServiceAbstract->callMethod('set', Array, Array)
#3 /usr/sbin/omv-engined(500): OMVRpc::exec('OpenVpn', 'set', Array, 
Array, 1)
#4 {main}

Hi,
I installed the plugin without experiencing any problem, but once I try to create a certificate I get an error message.
I have 2 boxes available: in the 1st on I select the user and then I can name it.
I then click to accept, get an error message, but still, the certificate appears in the list.
When I try to delete that certificate, I get another error, but it doesn't disappear from the list. It only does when I uninstall OPENVPN.

I tried uninstalling and reinstalling OPENVPN, but get the same errors.

Anyone experienced it? My OMV setup is a fresh install...

I am not at home now, but I will post the exact message that I get when I get there later.

Thank You!

Haha!
I'm just used to see it this way when downloading programs and stuff.

Ok, thank you! Since 1.13 is the latest version I bet that the ISO available is 1.09.

I kind of have the same question but regarding the download section to set up a server from a fresh install. I don't want to start a new thread for nothing because it might only be a way that things are dealt with that I'm not used to.

The OMV that is available on SourceForge is called "openmediavault_1.9_amd64". Is it the correct version? Should it be "openmediavault_1.13_amd64" or "openmediavault_1.09_amd64" that I install and then update to the 1.13.

Thank you

Thank's to everyone! I will be moving it today! Wish me good luck!

It's that simple? I only have to clone the HDD and move it to the new machine?
There won't be any driver issues or anything like that?
Well, thank you! My long time use of microsoft products has alienated me.

Hi,
This is my first time doing something like this and I am not sure where to begin.

1. I want to move my omv configuration from my actual server to the new one. (Not the same HDD)
2. I want to move my 2 sets of RAID5 data disks from the old machine to the new one. (same HDDs)

How can I do that so that I don't lose any of my data and configuration?
I searched the forum, but could not really find a thread covering this particular case. The only infos I found were about how to swap the main system HDD in a machine.

Thank you!