Roaming Profiles

Todd Pfaff pfaff at edge.cis.McMaster.CA
Fri Mar 19 06:37:35 GMT 1999 

On Thu, 18 Mar 1999, Michael S. Hulet wrote:

> I just upgraded my production PDC with my test PDC (because it was working
> fine).  The problem I am having is with roaming profiles.  When I joined
> the NT workstations to the new domain, they still use their old roaming
> profiles.  The profile downloads fine but they are unable to change and
> save any of their desktop settings, the netscape print button is greyed
> out, some applications say access denied (MS Outlook, ICQ, Coldfusion,
> ..)  I put the users domain login into the local administrator group (not
> recommended) and all the problems go away.  Has anyone else tackled this
> problem and can give me some hints?  Hopefully I can fix it without
> telling the users to create a new profile.

i think the problem is that when you changed pdcs all your domain sids
changed, or something like that, and the profile has a 'permitted to use'
setting that indicates which users are allowed to access the profile.

the solution is to change this 'permitted to use' to either the correct
user, or everyone.  in samba-2.0.x you have to set it to everyone because
nt workstations can't get the necessary domain user information from a
samba 2.0.x pdc.  with samba-2.1prealpha it may be possible to set it to a
valid domain user.

to change the 'permitted to use', go to My Computer->User Profiles, select
the profile you want to set, click the Copy To button, and then set the
copy-to location to the root directory of that users roaming profile and
set the permitted to use field to a domain user name or everyone.
with a samba-2.0.x pdc you have to do this while logged into a local
account and not a domain account or the program will crash when it tries
to get the domain user list from the pdc (alternatively, you can unplug
your network cable and the nt system will just timeout trying to contact
the pdc).  i'm not sure about samba 2.1.

unfortunately, i don't know of a quick way to do this for multiple
profiles.  point and click, one at a time.  yuck.

--
Todd Pfaff                         \  Email: pfaff at mcmaster.ca
Computing and Information Services  \ Voice: (905) 525-9140 x22920
ABB 132                              \  FAX: (905) 528-3773
McMaster University                   \
Hamilton, Ontario, Canada  L8S 4M1     \

More information about the samba-ntdom mailing list