Mixed profiles w/Samba-PDC
Gerald Carter
cartegw at Eng.Auburn.EDU
Wed May 27 18:07:42 GMT 1998
Gerald Carter wrote:
>
> Luke Kenneth Casson Leighton wrote:
> >
> > ah: the 1000 should actually be 0x10000...
>
> Uh-oh. You do realize that if you change this in the code it will
> break all existing normal user profiles since the RID is embedded
> in the ntuser.dat file, right? Welcome to the bleeding edge
> everyone ;)
OK. I just realized that the entire question about RID's stored
in user profiles has really already been answered. There would be
a problem with roaming profiles and the "domain admin users"
parameters if the RID wasn't stored in the profile.
Here's a quick way ( which I just tested ) to verify that the RID
( actually I believe the entire SID ) in stored in the user profile.
- add an entry to smb.conf for "domain admin users = <username>.
This username should have no previously established roaming profile
located anywhere.
- Log in to the NT box, make some changes and the logout. You can
use the registry to verify the user's account SID if you wish.
If you are in doubt that the changes stuck then log in again to
just see.
- Remove the "domain admin users" entry from smb.conf
- Log back in to the NT box.
After the last step, run the registry editor and notice that the account
SID is different ( normal users are unix uid + 1000 ). Notice also that
you will have the default user profile.
Add the "domain admin users" entry back into smb.conf and "viola!", you
will have you profile back.
j-
________________________________________________________________________
Gerald ( Jerry ) Carter
Engineering Network Services Auburn University
jerry at eng.auburn.edu http://www.eng.auburn.edu/users/cartegw
"...a hundred billion castaways looking for a home."
- Sting "Message in a Bottle" ( 1979 )
More information about the samba-ntdom
mailing list