roaming profile problems with Samba 2.06

Gordon Steven-QSG001 Steven.Gordon at
Mon Dec 27 16:38:23 GMT 1999

I tried adding:

domain logons = yes

but it didn't help.  I don't use "encrypted" passwords because I still have
some Windows95 machines on the network, and they can't deal with encrypted
passwords.  I would think that passwd encryption isn't the issue, since I
can mount the Profile share for read/write, after the user is logged in.

I don't turn on "domain master browser" and "local master browser" because
it does bad things to NT workstations that bind to the SAMBA servers instead
of the PDC or BDC.  It still seems to be some kind of permissions issue.

Any other ideas?

-----Original Message-----
From: Stephan Lauffer [mailto:lauffer at]
Sent: Thursday, December 23, 1999 2:40 AM
To: Multiple recipients of list SAMBA-NTDOM
Subject: Re: roaming profile problems with Samba 2.06

Hi Steve!

Don't you need something like this in the [global] section?!
encrypt passwords = yes
domain logons = yes

It also is recommended to set up a PDC with DMB support...
domain master = yes
and why not support LMB...
local master = yes
preferred master = yes
os level = 34

I'm not an expert in domain-logons... I've only tested domain logons
some days ago, so I'm not sure if anything else must be done
(my test system includes the share [netlogons] which will be a default
share name used by windows-clients...)
It would be nice if you can report me what was wrong...

Liebe Gruesse,
Stephan Lauffer

[ Paedagogische Hochschule Freiburg - Systemtechnik - Germany   ]
[ ZIK Zentrum fuer Informations- und Kommunikationstechnologie  ]
[ Tel.: 0761 - 682 447		        Mobil: 0172 - 7145 197  ]
Original Message follows:
I'm having problems using Roaming Profiles on NT 4.0 (sp4 and sp5) when they
are on an HP-UX (version 10.20) server with Samba 2.06.  The messages at
login time ( and in the event viewer ) imply that it's a permissions
problem.  The odd thing is that after you're logged in, you can then mount
that same Profile share, and write/read files to it.

The message from the "application" event viewer is as follows:

You do not have permission to access your central profile located at
The operating system is attempting to log you on with your local profile.
Please contact your
Network Administrator.

The "User Profile Path" entry in the NT "User Manager for Domains" is:


I've attached the Samba logs from a sample login session, with the log level
set to 20.

The following is my smb.conf file.  Any help you can provide would be
greatly appreciated.



# Samba config file created using SWAT
# from (
# Date: 1999/12/22 14:58:35

# Global parameters
	workgroup = CIGNAMERICA
	server string = %h Samba File & Print Server v%v
	log file = /var/adm/samba/samba-log.%m.%U
	max log size = 1024
	name resolve order = wins host bcast
	deadtime = 15
	getwd cache = No
	max open files = 1014
	shared mem size = 5242880
	load printers = No
	logon drive = h:
	local master = No
	wins server =
	oplock break wait time = 40
	preload = profs
	lock dir = /var/spool/locks
	homedir map = auto.home
	create mask = 0775
	force create mode = 0755
	printing = bsd
	print command = lp - %p %s
	hide dot files = No
	oplocks = No
	encrypt passwords = No
	domain logons = Yes
	comment = Home Directory for %u %H via Samba
	read only = No
	create mask = 0755
	delete readonly = Yes

	comment = /cna/
	path = /cna/
	read only = No

	comment = /project/ASEWEB
	path = /project/ASEWEB
	read only = No

	comment = /project/cna
	path = /project/cna
	read only = No

	comment = /project/fwtde
	path = /project/fwtde
	read only = No

	comment = wts profiles
	path = /opt/samba/profiles
	read only = No
	guest ok = Yes
	case sensitive = No
    __/   /       _     __            |
  /_     /      /__ /  /__    /__ /   |             MOTOROLA
_/     ____/  _/  _/  ___/  _/  _/    |
          Steve Gordon                |   Cellular Infrastructure Group
         (817) 245-6811               |  Information Technology Services
      qsg001 at            |

More information about the samba-ntdom mailing list