[Samba] Need help getting roaming profiles to work
Adam Williams
awilliam at mdah.state.ms.us
Sat Mar 29 23:23:58 GMT 2008
what is the permissions on /data/profiles? is it owned by root.root and
set to 1777?
also in the [global] section add:
logon drive = R:
logon home = \\%N\%U
change the shares to:
[homes]
comment = Home Directories
writeable = Yes
browseable = No
hide dot files = yes
public = no
valid users = %S
create mask = 0700
force create mode = 0700
directory mask = 0700
force directory mode = 0700
[netlogon]
path = /home/netlogon
read only = yes
guest ok = no
browseable = no
admin users = tech
[profiles]
path = /data/profiles
writeable = yes
create mask = 0700
directory mask = 0700
browseable = no
guest ok = no
web stuff wrote:
> Hi!
> First, let me apologize for the length of this message. I wanted to
> include as much relevant info as I could and it got a bit lengthy.
>
> For reasons that I won't bother to detail here, I ended up
> volunteering to upgrade the server at my kids school. It's a small
> private school with an all-volunteer tech support staff (me!). We
> currently have about 40 computers serving about 150 people. The
> server's primary function is a file server/domain controller, but we
> also use it to serve up the school website. If I can get things
> working properly, we would also like to use it as a proxy server.
>
> The server was running Red Hat 9 with Samba 3.0.10. After a bit of
> research, I decided to use Ubuntu Server 7.10 along with the latest
> Samba package available with the distro (3.0.26a) I am a total rookie
> when it comes to Linux/Samba, so I set up a test system at home to
> learn how to make it all work. After a couple weeks of
> reading/trying/testing, I felt like I had a good enough understanding
> to try the upgrade on the school server. Well, I've been able to get
> it about 98% correct, but the last little bit is driving me nuts!
>
> The problem I'm having is that I can't get the Windows roaming
> profiles to be saved to the server. I have been searching the net and
> reading everything I can find related to this problem, but everything
> I have tried only seems to make things worse.
>
> The server is set up as a PDC and users can log in just fine. They can
> access all the shares I set up just fine. They can read/write to their
> home share just fine. I've even proven that they can read/write to the
> location where I want the profiles stored (I've even tried having the
> system store their profiles in their home directory). When they log in
> and the Windows OS creates a new profile for them, they can modify the
> profile in all the normal ways just fine. When they log out, the
> server does not save that profile.
>
> I realize that roaming profiles aren't necessarily the best way to
> operate a , but for now I feel it's the best way for the school
> to operate. When I learn more about how to work with Samba and Windows
> profiles, I might change that.
>
> Some of the settings were carried over from the previous setup because
> I was worried about breaking the web server functionality. I'm still
> learning about all this and I'm not sure which things I can change and
> which I can't.
>
> Thanks for any help you can provide!
> Bob Bolhuis
>
> Some info about the machines/logins:
> Server name = bcs_linebacker (Is the "_" character in the server name
> a problem? I've seen references to that being an illegal character.)
> Machine used for login testing = lab06
> Login used to create the log files below = tech
> Domain name = BC_SCHOOL
>
> Configuration settings generated by using testparm:
>
> Server role: ROLE_DOMAIN_PDC
> Press enter to see a dump of your service definitions
> [global]
> workgroup = BC_SCHOOL
> server string = BCS Server
> passdb backend = tdbsam
> passwd program = /usr/bin/passwd %u
> passwd chat = *Enter\snew\sUNIX\spassword:* %n\n
> *Retype\snew\sUNIX\spassword:* %n\n
> *passwd:*password\supdated\ssuccessfully* .
> unix password sync = Yes
> log file = /var/log/samba/log.%m
> max log size = 1000
> socket options = TCP_NODELAY SO_SNDBUF=8192 SO_RCVBUF=8192
> add machine script = /usr/sbin/useradd -d /samba-clients -g
> samba-clients -s /bin/false %u
> logon script = map_network_drives.bat
> logon path = \\%L\profiles\%U
> domain logons = Yes
> os level = 65
> preferred master = Yes
> domain master = Yes
> dns proxy = No
> idmap uid = 15000-20000
> idmap gid = 15000-20000
> admin users = @root, @ntadmin, @tech, tech
> hosts allow = 192.168.110.
> profile acls = Yes
>
> [netlogon]
> path = /home/netlogon
> admin users = tech
> read only = No
> guest ok = Yes
> browseable = No
>
> [profiles]
> path = /data/profiles
> read only = No
> create mask = 0600
> directory mask = 0700
> hide files = /desktop.ini/outlook*.lnk/*Briefcase*
> store dos attributes = Yes
> browseable = No
>
> [homes]
> read only = No
> browseable = No
>
>
> Below are various log files, some of which may be irrelevant, but I
> don't know enough about the inner workings to know which of these have
> significance.
>
>
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> log.lab06:
>
> [2008/03/27 22:27:18, 1] smbd/service.c:make_connection_snum(1033)
> lab06 (192.168.110.220) connect to service pc06 initially as user
> tech (uid=0, gid=527) (pid 5347)
>
>
> [2008/03/27 22:27:21, 1] smbd/service.c:close_cnum(1230)
> lab06 (192.168.110.220) closed connection to service pc06
> [2008/03/27 22:27:42, 0] auth/auth_util.c:create_builtin_administrators(792)
>
>
> create_builtin_administrators: Failed to create Administrators
> [2008/03/27 22:27:42, 0] auth/auth_util.c:create_builtin_users(758)
> create_builtin_users: Failed to create Users
> [2008/03/27 22:27:42, 1] smbd/service.c:make_connection_snum(1033)
>
>
> lab06 (192.168.110.220) connect to service tech initially as user
> tech (uid=0, gid=527) (pid 5347)
> [2008/03/27 22:27:42, 0] auth/auth_util.c:create_builtin_administrators(792)
>
>
> create_builtin_administrators: Failed to create Administrators
> [2008/03/27 22:27:42, 0] auth/auth_util.c:create_builtin_users(758)
> create_builtin_users: Failed to create Users
> [2008/03/27 22:27:42, 1] smbd/service.c:close_cnum(1230)
>
>
> lab06 (192.168.110.220) closed connection to service tech
> [2008/03/27 22:27:42, 0] auth/auth_util.c:create_builtin_administrators(792)
> create_builtin_administrators: Failed to create Administrators
>
>
> [2008/03/27 22:27:42, 0] auth/auth_util.c:create_builtin_users(758)
> create_builtin_users: Failed to create Users
> [2008/03/27 22:27:46, 0] auth/auth_util.c:create_builtin_administrators(792)
> create_builtin_administrators: Failed to create Administrators
>
>
> [2008/03/27 22:27:46, 0] auth/auth_util.c:create_builtin_users(758)
> create_builtin_users: Failed to create Users
> [2008/03/27 22:27:46, 1] smbd/service.c:make_connection_snum(1033)
> lab06 (192.168.110.220) connect to service tech initially as user
> tech (uid=0, gid=527) (pid 5347)
>
>
> [2008/03/27 22:27:53, 1] smbd/service.c:close_cnum(1230)
> lab06 (192.168.110.220) closed connection to service tech
> [2008/03/27 22:27:54, 0] auth/auth_util.c:create_builtin_administrators(792)
>
>
> create_builtin_administrators: Failed to create Administrators
> [2008/03/27 22:27:54, 0] auth/auth_util.c:create_builtin_users(758)
> create_builtin_users: Failed to create Users
> [2008/03/27 22:27:54, 1] smbd/service.c:make_connection_snum(1033)
>
>
> lab06 (192.168.110.220) connect to service tech initially as user
> tech (uid=0, gid=527) (pid 5347)
> [2008/03/27 22:28:05, 1] smbd/service.c:close_cnum(1230)
> lab06 (192.168.110.220) closed connection to service tech
>
>
> [2008/03/27 22:28:06, 0] auth/auth_util.c:create_builtin_administrators(792)
> create_builtin_administrators: Failed to create Administrators
> [2008/03/27 22:28:06, 0] auth/auth_util.c:create_builtin_users(758)
> create_builtin_users: Failed to create Users
>
>
> [2008/03/27 22:28:06, 1] smbd/service.c:make_connection_snum(1033)
> lab06 (192.168.110.220) connect to service tech initially as user
> tech (uid=0, gid=527) (pid 5347)
>
> [2008/03/27 22:28:14, 1] smbd/service.c:close_cnum(1230)
>
> lab06 (192.168.110.220) closed connection to service tech
> [2008/03/27 22:28:14, 0] auth/auth_util.c:create_builtin_administrators(792)
> create_builtin_administrators: Failed to create Administrators
>
>
> [2008/03/27 22:28:14, 0] auth/auth_util.c:create_builtin_users(758)
> create_builtin_users: Failed to create Users
> [2008/03/27 22:28:14, 0] auth/auth_util.c:create_builtin_administrators(792)
> create_builtin_administrators: Failed to create Administrators
>
>
> [2008/03/27 22:28:14, 0] auth/auth_util.c:create_builtin_users(758)
> create_builtin_users: Failed to create Users
> [2008/03/27 22:28:18, 0] auth/auth_util.c:create_builtin_administrators(792)
> create_builtin_administrators: Failed to create Administrators
>
>
> [2008/03/27 22:28:18, 0] auth/auth_util.c:create_builtin_users(758)
> create_builtin_users: Failed to create Users
> [2008/03/27 22:28:18, 1] smbd/service.c:make_connection_snum(1033)
> lab06 (192.168.110.220) connect to service tech initially as user
> tech (uid=0, gid=527) (pid 5347)
>
>
> [2008/03/27 22:28:22, 0] auth/auth_util.c:create_builtin_administrators(792)
> create_builtin_administrators: Failed to create Administrators
> [2008/03/27 22:28:22, 0] auth/auth_util.c:create_builtin_users(758)
> create_builtin_users: Failed to create Users
>
>
>
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> log.0.0.0.0:
>
> [2008/03/27 21:49:19, 0] lib/util_sock.c:get_peer_addr(1232)
> getpeername failed. Error was Transport endpoint is not connected
> [2008/03/27 21:49:19, 0] lib/access.c:check_access(327)
> [2008/03/27 21:49:19, 0] lib/util_sock.c:get_peer_addr(1232)
>
>
> getpeername failed. Error was Transport endpoint is not connected
> Denied connection from (0.0.0.0)
> [2008/03/27 21:49:19, 1] smbd/process.c:process_smb(1061)
> [2008/03/27 21:49:19, 0] lib/util_sock.c:get_peer_addr(1232)
>
>
> getpeername failed. Error was Transport endpoint is not connected
> Connection denied from 0.0.0.0
> [2008/03/27 21:49:19, 0] lib/util_sock.c:write_data(562)
> write_data: write failure in writing to client 192.168.110.110. Error
> Connection reset by peer
>
>
> [2008/03/27 21:49:19, 0] lib/util_sock.c:send_smb(769)
> Error writing 5 bytes to client. -1. (Connection reset by peer)
>
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> log.smdb:
>
> [2008/03/27 21:33:42, 0] smbd/server.c:main(944)
> smbd version 3.0.26a started.
>
>
> Copyright Andrew Tridgell and the Samba Team 1992-2007
> [2008/03/27 21:33:42, 0] auth/auth_util.c:create_builtin_administrators(792)
> create_builtin_administrators: Failed to create Administrators
> [2008/03/27 21:33:42, 0] auth/auth_util.c:create_builtin_users(758)
>
>
> create_builtin_users: Failed to create Users
> [2008/03/27 21:33:42, 0] auth/auth_util.c:create_builtin_administrators(792)
> create_builtin_administrators: Failed to create Administrators
> [2008/03/27 21:33:42, 0] auth/auth_util.c:create_builtin_users(758)
>
>
> create_builtin_users: Failed to create Users
> [2008/03/27 21:49:19, 0] lib/util_sock.c:get_peer_addr(1232)
> getpeername failed. Error was Transport endpoint is not connected
>
>
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> log.web-BC_SCHOOL:
>
>
> [2008/03/27 20:51:47, 1]
> rpc_client/cli_pipe.c:cli_pipe_validate_current_pdu(625)
>
> cli_pipe_validate_current_pdu: RPC fault code
> DCERPC_FAULT_OP_RNG_ERROR received from remote machine BCS_LINEBACKER
> pipe \lsarpc fnum 0x7302!
>
>
>
>
>
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> log.winbindd-idmap:
>
> [2008/03/27 22:24:02, 1] nsswitch/idmap_tdb.c:idmap_tdb_alloc_init(397)
>
> idmap uid range missing or invalid
> idmap will be unable to map foreign SIDs
> [2008/03/27 22:24:02, 0] nsswitch/idmap.c:idmap_alloc_init(735)
>
> ERROR: Initialization failed for alloc backend, deferred!
> [2008/03/27 22:24:02, 1] nsswitch/idmap_tdb.c:idmap_tdb_alloc_init(397)
> idmap uid range missing or invalid
> idmap will be unable to map foreign SIDs
>
>
> [2008/03/27 22:24:02, 0] nsswitch/idmap.c:idmap_alloc_init(735)
> ERROR: Initialization failed for alloc backend, deferred!
>
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> log.winbindd:
>
> [2008/03/27 22:21:00, 0] libsmb/clientgen.c:cli_receive_smb(112)
>
> Receiving SMB: Server stopped responding
>
>
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> Messages generated during restart of system:
>
> Got SIGTERM: going down...
> [2008/03/27 21:33:42, 0] nmbd/nmbd.c:main(697)
> Netbios nameserver version 3.0.26a started.
> Copyright Andrew Tridgell and the Samba Team 1992-2007
> [2008/03/27 21:33:42, 0] nmbd/nmbd_logonnames.c:add_logon_names(163)
>
>
> add_domain_logon_names:
> Attempting to become logon server for workgroup BC_SCHOOL on subnet
> 192.168.110.61
> [2008/03/27 21:33:42, 0]
> nmbd/nmbd_become_dmb.c:become_domain_master_browser_bcast(290)
>
>
> become_domain_master_browser_bcast:
> Attempting to become domain master browser on workgroup BC_SCHOOL on
> subnet 192.168.110.61
> [2008/03/27 21:33:42, 0]
> nmbd/nmbd_become_dmb.c:become_domain_master_browser_bcast(303)
>
>
> become_domain_master_browser_bcast: querying subnet 192.168.110.61
> for domain master browser on workgroup BC_SCHOOL
> [2008/03/27 21:33:46, 0] nmbd/nmbd_logonnames.c:become_logon_server_success(124)
>
>
> become_logon_server_success: Samba is now a logon server for
> workgroup BC_SCHOOL on subnet 192.168.110.61
> [2008/03/27 21:33:50, 0] nmbd/nmbd_become_dmb.c:become_domain_master_stage2(113)
>
>
> *****
>
> Samba server BCS_LINEBACKER is now a domain master browser for
> workgroup BC_SCHOOL on subnet 192.168.110.61
>
> *****
> [2008/03/27 21:34:05, 0] nmbd/nmbd_become_lmb.c:become_local_master_stage2(396)
>
>
> *****
>
> Samba name server BCS_LINEBACKER is now a local master browser for
> workgroup BC_SCHOOL on subnet 192.168.110.61
>
> *****
>
More information about the samba
mailing list