[Samba] Roaming profiles

Tue Aug 19 12:32:14 GMT 2008

Hi

Remove the profile acls =yes 
and add:

browseable = Yes
csc policy = disable
force user = %U
valid users = %U @"Domain Admins"

Louis

>-----Oorspronkelijk bericht-----
>Van: samba-bounces+belle=bazuin.nl at lists.samba.org 
>[mailto:samba-bounces+belle=bazuin.nl at lists.samba.org] Namens 
>Mugo Martin
>Verzonden: dinsdag 19 augustus 2008 14:19
>Aan: samba at lists.samba.org
>Onderwerp: [Samba] Roaming profiles
>
>Hi people. Im in need of help as far as roaming profiles are concerned.
>Allow me as I know this issue has been discussed timelessly 
>but let me just
>ask it because I have been unable to get it to work.
>
>My Samba + Ldap setup is fine and XP users can authenticate alright. Im
>using samba 3.0.28. However when logging in for the first 
>time, they get the
>message;
>
>Windows cannot locate a server copy....    -Access is denied
>
>When logging off,
>
>Windows cannot update your roaming profile... -Access is denied
>
>I copied the profiles across from another server, so the first 
>error does
>not come up except for new users and the old profiles are 
>mapped onto the
>users machines just fine.
>
>I think I've done everything for roaming profiles to work including
>
>mkdir -p /var/lib/samba/profiles
>chown root:users /var/lib/samba/profiles
>chmod 2775 /var/lib/samba/profiles
>
>chown -R user /var/lib/samba/profiles/user/
>
>The samba logs don't  show any errors.
>
>Below is my smb.conf file
>[global]
>        workgroup = EXAMPLE
>        netbios name = EXAMPLE_SERVER
>        server string = Samba Server Version %v
>        passdb backend = ldapsam:ldap://example.org/
>        log file = /var/log/samba/%m.log
>        max log size = 50
>        add user script = /usr/sbin/adduser -m "%u"
>        add machine script = /usr/sbin/useradd -d 
>/var/lib/nobody -g 100 -s
>/bin/false -M %u
>        logon script = %u.bat
>        logon path = \\EXAMPLE_SERVER\profiles\%U
>        logon home = \\EXAMPLE_SERVER\%U
>        domain logons = Yes
>        domain master = Yes
>        ldap admin dn = "cn=config"
>        ldap group suffix = ou=groups
>        ldap machine suffix = ou=machines
>        ldap passwd sync = Yes
>        ldap suffix = dc=example,dc=org
>        ldap user suffix = ou=people
>        cups options = raw
>[homes]
>        comment = Home Directories
>        validusers = %S
>        read only = No
>        browseable = No
>        writable = Yes
>        create mask= 0700
>        directory mask = 0700
>[netlogon]
>        comment = Network Logon Service
>        path = /var/lib/samba/netlogon
>        share modes = No
>        guest ok = Yes
>[profiles]
>        path = /var/lib/samba/profiles
>        read only = No
>        writable = Yes
>        profile acls = Yes
>        comment = User profiles
>        create mask = 0600
>        browsable = no
>        directory mask = 0700
>
>My searches on the web have not helped much. I am running on a 
>Red Hat like
>system (CentOS 5).
>
>Someone please help. I will be eternally grateful.
>-- 
>To unsubscribe from this list go to the following URL and read the
>instructions:  https://lists.samba.org/mailman/listinfo/samba
>