[Samba] Samba4: Folder Redirection GPO not working with Windows 7
steve
steve at steve-ss.com
Sun Oct 7 09:02:59 MDT 2012
On 07/10/12 12:58, steve wrote:
> On 07/10/12 10:52, Andrew Bartlett wrote:
>> On Sun, 2012-10-07 at 10:07 +0200, steve wrote:
>>> On 06/10/12 17:11, steve wrote:
>>>> Hi
>>>> I have folder redirection working fine in XP. I see that W7 has taken
>>>> the same configuration as I made in XP. Here is a screenshot:
>>>> http://dl.dropbox.com/u/45150875/gpo.png
>>>>
>>>> Unfortunately, on w7, whilst the roaming profile is correctly set,
>>>> there
>>>> is no folder redirection. Nothing appears in the \\hh1\USERS folder for
>>>> the user who has logged in.
>>>>
>>>> Upon opening the GPO editor as Administrator in W7, I get an error
>>>> message about AD and sysvol permissions:
>>>>
>>>> 'The permissions for this GPO in the SYSVOL folder are inconsistent
>>>> with
>>>> those in ctive Directory. (...) To change the SYSVOL permissions to
>>>> those in Active Directory, click OK.'
>>>>
>>>> Clicking OK gives 'Access is Denied. I then ran samba-tool ntacl
>>>> sysvolreset and restarted the GPO editor. It then opened without the
>>>> error:) The settings appear exactly as I set them on XP but are not
>>>> honoured in W7.
>>>>
>>>> The share for the redirected folders says it's offline. There is an
>>>> offline tab where the security tab normally is under the share
>>>> properties. Relevant?
>>>>
>>>> Can anyone help me trace what's wrong?
>>>> Cheers,
>>>> Steve
>>>
>>> Further tests show using the windows 'set' command, that the policy is
>>> only being applied to Administrator. IOW, 'APPDATA' is being redirected
>>> to the server. Everyone else still has the local Roaming folder for
>>> appdata.
>>>
>>> I have run gpupdate /force but still no folder redirection for users.
>>> Thanks,
>>> Steve
>>
>> Look for file permission errors in the network trace when accessing the
>> GPO.
>>
>> Andrew Bartlett
>>
> Hi Andrew
> I did a wireshark of a user called steve2 logging on and off:
> http://dl.dropbox.com/u/45150875/logon
>
> The folder to which the gpo should redirect to, \\hh1\USERS, is
> mentioned only once, all the other SMB2 traces refer to the steve2.V2
> profile folder. I have Application Data redirected to \\hh1\USERS
>
> 'set' shows APPDATA is still local to the client.
>
> The gpo works fine on XP but fails for all users other than
> Administrator on W7. 'set' for Administrator shows the redirection to
> the server share at \\hh1\USERS\Administrator\Application Data. For
> Administrator nothing is written to the share, but I think this is
> because Administrator does not have a uidNumber nor gidNumber.
>
> Any help most gretfuly received.
> Cheers,
> Steve
>
>
>
>
>
> This works fine on XP but fails on W7.
OK
Getting a bit closer:
The share \\hh1\USERS is not accessible by users, neither can I set the
security on it as Administrator because the security tab has been
replaced by 'offline files'. The underlying POSIX share is /home2/USERS
and it is 0777, global RW.
Summary: In W7, users cannot access the share. Question: how can I
remove the offline files and get a security tab back?
THanks,
Steve
More information about the samba
mailing list