dotlinux blog

Install and Configure Zentyal Linux 3.5 as a Backup Domain Controller (BDC)

Zentyal Linux is an open-source server distribution based on Ubuntu, designed to simplify network and domain management. It integrates essential services like file sharing, DNS, DHCP, and Active Directory (AD) compatibility through Samba. A Backup Domain Controller (BDC) acts as a failover for the Primary Domain Controller (PDC), ensuring uninterrupted user authentication, resource access, and directory services if the PDC goes offline.

While Zentyal 3.5 is an older release (released in 2013, based on Ubuntu 12.04 LTS), this guide is tailored for users needing to set up a BDC in legacy environments. Note: For production use, consider newer Zentyal versions (e.g., 7.x) for security updates and modern features.

2026-05

Table of Contents#

  1. Prerequisites
  2. Download Zentyal Linux 3.5
  3. Install Zentyal Linux 3.5
  4. Post-Installation Setup
  5. Configure Zentyal as a BDC
  6. Verify BDC Functionality
  7. Advanced Configurations (Optional)
  8. Troubleshooting Common Issues
  9. Conclusion
  10. References

Prerequisites#

Before starting, ensure you have the following:

Hardware Requirements#

  • CPU: 1 GHz dual-core processor (64-bit recommended).
  • RAM: Minimum 2 GB (4 GB recommended for production).
  • Storage: 20 GB+ free space (SSD preferred for performance).
  • Network: 1x Ethernet port (static IP required).

Software/Network Requirements#

  • A working Primary Domain Controller (PDC) (can be Zentyal, Windows Server, or another Samba-based DC).
  • PDC details: IP address, domain name (e.g., example.com), and domain admin credentials (e.g., [email protected]).
  • Network connectivity between BDC and PDC (ports 137-139, 445, and 389 must be open).
  • Zentyal 3.5 ISO (see Download).

Download Zentyal Linux 3.5#

Zentyal 3.5 is no longer hosted on the official website, but archived versions are available from third-party sources. Use this link to download the ISO:

Once downloaded, create a bootable USB drive using tools like Rufus (Windows) or dd (Linux/macOS):

sudo dd if=/path/to/zentyal-3.5-amd64.iso of=/dev/sdX bs=4M status=progress

(Replace /dev/sdX with your USB drive path.)

Install Zentyal Linux 3.5#

  1. Boot from the USB Drive:
    Insert the bootable USB into the BDC server and boot from it. Select "Install Zentyal 3.5" from the grub menu.

  2. Language and Keyboard Setup:
    Choose your preferred language (e.g., English) and keyboard layout.

  3. Disk Partitioning:
    Select "Guided - use entire disk" for simplicity (recommended for new setups). For advanced setups, choose "Manual" to configure LVM or custom partitions.

  4. Hostname and Domain:

    • Hostname: Enter a unique name (e.g., bdc01).
    • Domain: Enter the same domain as the PDC (e.g., example.com).

  5. Time Zone:
    Select your time zone (e.g., America/New_York).

  6. Root Password:
    Set a strong root password (store it securely).

  7. Installation:
    The installer will copy files and configure the system. This takes 10-15 minutes. Reboot when prompted.

Post-Installation Setup#

After reboot, log in to the server via console or SSH (root credentials).

1. Configure Network Settings#

Zentyal uses a web-based interface for management. First, set a static IP for the BDC:

  • Open the network configuration file:

    nano /etc/network/interfaces

  • Configure the interface (e.g., eth0):

    auto eth0
iface eth0 inet static
  address 192.168.1.10  # BDC IP (static)
  netmask 255.255.255.0
  gateway 192.168.1.1    # Router IP
  dns-nameservers 192.168.1.5  # PDC IP (critical for DNS resolution)

  • Restart networking:

    service networking restart

2. Access the Zentyal Web Interface#

Zentyal’s web UI runs on port 8080. From a browser, navigate to:

https://<BDC-IP>:8080

Log in with username admin and the root password set during installation.

Configure Zentyal as a BDC#

1. Enable the Domain Controller Module#

  • In the web UI, go to Modules > Available Modules.
  • Check the box for Domain Controller and File Sharing and click Install.
  • Wait for dependencies to install, then click Reload Zentyal when prompted.

2. Configure BDC Role#

  • Go to Domain Controller > Settings.

  • Under "Role," select Backup Domain Controller (BDC).

  • Enter PDC details:

    • PDC IP Address: 192.168.1.5 (replace with your PDC’s IP).
    • Domain Name: example.com (must match PDC’s domain).
    • Administrator Account: [email protected].
    • Administrator Password: PDC domain admin password.

  • Click Join Domain. Zentyal will:

    • Connect to the PDC.
    • Authenticate with domain admin credentials.
    • Replicate user accounts, groups, and policies.

  • After joining, click Save Changes and reload Zentyal.

Verify BDC Functionality#

1. Check Replication Status#

Replication ensures the BDC syncs data with the PDC. To verify:

  • Via Web UI: Go to Domain Controller > Replication. You should see "Replication status: OK" for the PDC.

  • Via CLI: Run:

    samba-tool drs showrepl

    Look for "Success" in the replication status.

2. Test User Authentication#

  • From a Windows client, log in with a domain user (e.g., example\user1).
  • If the PDC is online, authentication occurs via the PDC. To test failover:
    1. Power off the PDC.
    2. Attempt to log in again. The BDC should authenticate the user.

3. Verify DNS Resolution#

Ensure the BDC resolves the domain and PDC:

nslookup example.com  # Should return PDC and BDC IPs
nslookup pdc01.example.com  # Should return PDC IP

Advanced Configurations (Optional)#

1. File Sharing#

Enable file sharing on the BDC to serve as a backup file server:

  • Go to File Sharing > Shares.
  • Click Add to create a shared folder (e.g., BackupDocs).
  • Set permissions for domain users/groups.

2. DHCP Server (Optional)#

If the PDC runs DHCP, configure the BDC as a backup DHCP server:

  • Go to DHCP > Settings.
  • Enable DHCP and set a scope (ensure it doesn’t conflict with the PDC’s scope).

Troubleshooting Common Issues#

1. BDC Fails to Join the Domain#

  • Check Firewall: Ensure ports 137 (UDP), 138 (UDP), 139 (TCP), 445 (TCP), and 389 (LDAP) are open on both PDC and BDC.
  • DNS Resolution: The BDC must resolve the PDC’s hostname. Add the PDC to /etc/hosts if needed: 
    echo "192.168.1.5 pdc01.example.com pdc01" >> /etc/hosts

2. Replication Errors#

  • Time Sync: PDC and BDC must have synchronized clocks (use NTP). Install ntpdate and sync with the PDC: 
    apt-get install ntpdate
ntpdate 192.168.1.5  # PDC IP
  • Check Samba Logs: View logs at /var/log/samba/samba.log for detailed errors.

3. Authentication Fails When PDC is Down#

  • Ensure the BDC is listed as a DNS server in client settings.
  • Verify the BDC has a copy of the domain database: 
    pdbedit -L  # Lists all domain users (should match PDC)

Conclusion#

Setting up Zentyal 3.5 as a BDC provides redundancy for your domain infrastructure, ensuring business continuity if the PDC fails. While Zentyal 3.5 is outdated, this guide helps legacy environments maintain critical services. For modern deployments, upgrade to the latest Zentyal version to leverage security patches and new features.

References#