Hello,
You can use opnsense 25 too for LMN 7.2.
Maybe you used some special char in the password for global-admin ? As example, a dollar sign may be a problem in some setup scripts.
Arnaud
Hello,
I tried it without special characters and with them (it was a ! sign), and installed it in English instead of Hungarian, using only English characters, I thought about that too, because sometimes they get confused and cause strange anomalies. In any case, I’ll do a full reinstall from 0 with 22.04+7.2 to document the exact error messages for those, you can find some of them above.
Fenyő
Hi Fenyo,
if you use physical Machines: do you have two Storage Devices in there? An ssd for ubuntu server and a Harddisk for samba?
The setup is expecting that.
And to the OPNsense Version in 7.2: an OpNSense with 25.x should work, IF you do the updates in the installation Process at the right times…
I would advice you to take the Installation Guide an use Proxmox: from what you wrote i gathered: you want to learn virtualization: go in there now, start with proxmox: you get after a rough time a real benefit!.
Yours
Holger
To Everyone:
does anybody think, we might have an issue with a not german keyboardsetting?
Does the samba use a language when it gets provisioned?
Could there be a collision?
I dont know …
Yours
Holger
@baumhof : I think we should test it. But there’s no problem with the french layout 
If I may give you a little background. The story begins that at the end of this school year, due to lack of financial resources, the ready-to-use Hungarian school linux server distributions will be discontinued. So I started to look for free alternatives, of which I found 3; Linuxmuster, Linuxschools, Sambaedu. Of these, Linuxmuster has the most complete documentation and the most active forum, so if I get stuck somewhere, this seemed to be the distro of choice. Ironically, though, this distro doesn’t get me to the unplugging stage. I managed to get the other two up and running on the first try, although Linuxschools still assumes a physical machine, virtualization is only optional, but Sambaedu also recommends Proxmox, they split filesystem and ad, but I was able to try it on 2 physical machines without any problems. However, it only speaks French, not even English, so if a window pops up I can go and translate it, but English is the first foreign language at school, German, French, Spanish, Chinese are the second languages in order of popularity, but not everyone uses them, which can be a problem. Although Samabedu has some good modules (cloning, veyon etc), but since the French use some kind of amonés system for firewall, proxy, so that’s completely missing, I’d have to build something from scratch then. Linuxschools has a built-in firewall and proxy (the latter with limited configuration options), but its cloning capabilities are limited and it seems a bit of a one-man army at first impression, although it could serve the purpose.
After this digression, to answer the question, yes I created 2 software raids on first try with a big bias that I could run lmn on first try, the first 2x128gb nvme raid ran ubuntu, the other 2x3tb sata hdd raid was used for lmn, after these multiple tries only two solo hdd’s worked, then it turned out that ubuntu could only be ext4, if I set it to btrfs, it was write protected after the lmn script. I also tried it with only one solo hdd and premounted everything (var, srv/linbo, srv/samba/global and default-school) as ext4, but for safety’s sake I ended up sticking with what was described. I didn’t dare to start with the Proxmox yet, firstly, I would have to get bigger nvme ssd’s first (2x512gb), secondly, I need to read up more, thirdly, I thought I could try it on a physical machine first, as I did with Sambaedu.
Thanks Fenyő
Hi Fenyo,
thanks for the Background.
I’m sorry to hear that the funktioning linux distribution for the Schools in Hungary is discontinued: sounds like it is going to be much more expensive for you … but from another „Bucket“ (not the state is financing it anymore, but the District will have wo pay, thats running the school).
Anyways: from your story i gatherd one little insight:
what did you mean by using btrfs.
Did you use it for the ssd-Space on wich ubuntu server is installed?
Or did you use it for the 3TB Storage?
I want to point out: the script thats running first bevor setup, is the lmn-prepair script, and that expects an unpatitioned storage space as second storage (the 3TB in your case).
Did you provide it in that way on installation?
This could be a RAID as well, if you give the raid Device, not the /dev/sdX
yours
Holger
The ssd raid array went to ubuntu, I tried this once with btrfs filesystem, but it was not a good idea, the script made it write protected, before/after I stayed with ext4 all the time. I left the 2x3TB HDD raid array unformatted and ran lmn on it in the script with the -l option to go to raid 2 /dev/md1 (md0 is the ssd array)
„unpartitioned“ it has to be, not „unformated“!
yes I thought of unpartitioned, I did that too, but I wrote unfromatted, but anyway I accidentally forgot to delete the partitions once, and then the script indicated that it can’t go on because it is waiting for an unpartitioned device.
Just for the sake of documentation I ran through the 7.2 lmn install, as I wrote the symptoms are the same as 7.3 except for the dhcp server (works under 7.2, not under 7.3). The lmn-appliance script runs without error, restarting the server the webesetup runs without error, but then restarting the server not much is viable. The default nameserver doesn’t work and the suggested unbound dns settings don’t help either, only if I configure my own name server, but then the domain doesn’t reach the clients, so that’s definitely not the way to go, but samba and ldap don’t work after the restart either.
Could it be possible that the system is so focused on Proxmox that it doesn’t even run on real machines anymore? I won’t be able to try Proxmox until the second half of next week at the earliest, by which time I’ll have the new ssd’s.
Hi Fenyo,
no, that cant be the Problem.
I never used Proxmox. My productivity Environments use KVM and i have made many INstallations in VirtualBox.
I guess its the name of your Domain.
What Domainname did you use?
Did you consider, that there is a 13digits Bar for a Windows Domain?
Please provide logfiles of the samba service.
Maybe you can post the setup.ini File located here:
/var/lib/linuxmuster/
and could you provide the reply of the command:
df -h
on the Server?
Yours
Holger
The first member of the domain name is shorter than 13 characters, so I took care of that. I attach a picture of setup.ini and the partitions. In the samba log it complains about ldap and ssl authentication keys, but the latter are in place.
UPDATE the trefortserver.cert.pem and b64 files are missing after all, that could be the problem, question how to regenerate them?
Hi Fenyo,
there is a script for that:
linuxmuster-renew-certs
try that.
Maybe look at
linuxmuster-renew-certs -h
first.
The discussion to that is here:
The script is quite new: there could be Problems in Setup with it …
Yours
Holger
Unfortunately, the script won’t start, either it’s only good for 7.3 or it’s missing some other package I think.
I didn’t start the script as root, that was the problem, then I told it to update the server cert files, it asked me if I wanted to do that, but then I looked in the ssl folder, no change, no new files were created.
Hi.
Please check this file:
cd /etc/samba/
cat smb.confThere’s an entry for the certificates – it looks like this here:
tls enabled = yes
tls keyfile = /etc/linuxmuster/ssl/server.key.pem
tls certfile = /etc/linuxmuster/ssl/fullchain.pem
tls cafile = /etc/linuxmuster/ssl/cacert.pem
tls verify peer = ca_and_name
Do these entries match the files under /etc/linuxmuster/ssl?
Afterwards please check your (self-signed?) certificate:
cd /etc/linuxmuster/ssl
openssl x509 -in trefortserver.cert.bundle.pem -text -nooutand check the lines after Validity – it looks like this here:
Validity
Not Before: Apr 30 21:39:03 2025 GMT
Not After : Jul 29 21:39:02 2025 GMT
Subject: CN = <correct server-name here>?Greetings,
Michael
Hello,
Thank you, I won’t be able to watch this until Monday, I hope we might be on track now.
Thanks, Fenyő