Roaming Profiles

Luke Kenneth Casson Leighton lkcl at samba.org
Sat Jan 8 17:09:07 GMT 2000 

yeah, profiles are a bit of a pain to get set up propermy, particularly
due to a bug in nt clients which we haven't been able to work-around all
the time.

WINLOGON.EXE is responsible for setting up the interactive user *prior* to
exec'ing explorer.exe so they get a pretty-front-end.

unfortunately, WINLOGON.EXE doesn't disconnect all shares (e.g
\\SAMBA_PDC\homes) when the interactive user session terminates.  it gets
reused.  hence the problems associated with an smbd process with a
connection to [homes] set to the previous interactive user's home
directory.

a comparative netmon trace is really needed to sort this out, and someone
to sit down and go through it to find out _exactly_ how nt srvreacts in
the same situation.

On Sun, 9 Jan 2000, Keith Lynn wrote:

> I'm not sure, but a guess would be that it may be a permissions problem on
> your profile directories.
>        Keith Lynn
> 
> On Sun, 9 Jan 2000 JTait at wyrddreams.demon.co.uk wrote:
> 
> > Hi all,
> > 
> > I've been reading this list so long I realy should know the answer to
> > this, but evidently I've got messed up somewhere.  Samba 2.0.6, acting as
> > PDC.  Domain logins work great, haven't tried logon scipts.  The problem I
> > have is with roaming profiles - I can't get them to work.
> > 
> > I've looked through everything I can think of, plus as much documentation
> > as I can (but it's a bit scatty at the moment), but I can't figure it out.
> > Nothing ever gets written to my profile.
> > 
> > wyrddreams{JTait}501: ls -l /usr/local/samba
> > total 7
> > drwxr-xr-x   2 root     root         1024 Dec  9 23:37 bin/
> > drwxr-xr-x   3 root     root         1024 Dec 21 00:28 lib/
> > drwxr-xr-x   6 root     root         1024 Dec  9 23:37 man/
> > drwxr-xr-x   2 root     root         1024 Dec  9 23:54 private/
> > drwxrwxrwx   5 root     root         1024 Dec 21 01:22 profiles/
> > drwxr-xr-x   5 root     root         1024 Dec  9 23:37 swat/
> > drwxr-xr-x   4 root     root         1024 Dec 28 11:07 var/
> > wyrddreams{JTait}502: ls -l /usr/local/samba/profiles
> > total 3
> > drwx------  15 JATait   users        1024 Dec 21 00:56 JATait/
> > drwx------  16 JTait    users        1024 Dec 21 00:55 JTait/
> > drwx------  15 RJTait   users        1024 Dec 21 00:55 RJTait/
> > wyrddreams{JTait}503: cat /etc/smbusers            
> > # Username maps for SAMBA
> > 
> > JTait = jtait Administrator
> > RJTait = RJTait
> > JATait = JATait jatait
> > wyrddreams{JTait}504: cat /usr/local/samba/lib/smb.conf
> > #
> > # This is a working  PDC config for samba 2.0.5a
> > # by Christoph Christ, mailto:christoph at christ.wol.at
> > #
> > # it implements a primary domain controller for 
> > # Windows 98 Clients. It works with  WinNT 4.0 too, but 
> > # you cannot setup the nt-client for domain logons (this is a
> > # little bit different from domain logons under Win9X)
> > # 
> > #
> > # Global parameters
> > [global]
> >         # this is my local windows workgroup
> >         workgroup = wyrddreams
> > 
> >         # the netbios name of my samba server is different from
> >         # the real internet address 
> >         netbios name = cloudnine
> > 
> >         # please answer only on my local network, don't answer on the
> >         # internet device 
> >         interfaces = 192.168.1.1/24 127.0.0.1
> >         bind interfaces only = Yes
> > 
> >         # We want our windows clients to access samba without
> >         # patching the windows registry 
> >         # you don't have to change anything on the windows client
> >         encrypt passwords = Yes
> >         update encrypted = Yes
> > 
> >         # all unknown users will be mapped to guest
> >         map to guest = Bad User
> >         username map = /etc/smbusers
> >         security = user
> > 
> >         # change the unix password with smbpasswd
> >         passwd chat = *new*password* %n\n *new*password* %n\n *changed*
> >         passwd chat debug = Yes
> >         unix password sync = Yes
> >         passwd program = /usr/bin/passwd
> > 
> >         # answer time requests from my clients
> >         time server = Yes
> >         keepalive = 30
> >         socket options = TCP_NODELAY
> > 
> >         # map file name characters to latin-1
> >         character set = ISO8859-1
> > 
> >         # this will be \\rooty\netlogon\startup.bat
> >         logon script = startup.bat
> > 
> >         # map the netlogon share as drive h: from windows  
> >         logon drive = h:
> > 
> >         # allow pdc stuff
> >         domain logons = Yes
> >         #domain admin users = JTait,root
> >         domain admin group = JTait,root
> >         #,wheel,smbadm
> > 
> >         # allow roaming profiles
> >         logon path = \\%L\profiles\%U
> >         logon home = \\%L\%U
> > 
> >         # make me win against all windows versions
> >         os level = 100
> >         preferred master = Yes
> >         domain master = Yes
> > 
> >         # let samba be too a wins-server 
> >         wins support = Yes
> > 
> >         debug level = 3
> > 
> > # this makes the user's home directory available as \\servername\username
> > [homes]
> >         comment = home directory
> >         read only = No
> >         create mask = 0750
> >         # don't show all user diretories
> >         browseable = No
> > 
> > [profiles]
> >         comment = User Profiles Directory
> >         path = /usr/local/samba/profiles
> >         writable = yes
> >         create mode = 0600
> >         directory mode = 0700
> > 
> > # make all in /etc/printcap defined printers 
> > [printers]
> >         comment = All Printers
> >         path = /tmp
> >         create mask = 0700
> >         print ok = Yes
> >         browseable = No
> > 
> > # this is a public share where all users have read+write perms
> > [tmp]
> >         comment = Temporary File Space
> >         path = /backup/dadspc
> >         read only = No
> >         create mask = 0777
> >         force create mode = 0666
> >         directory mask = 0777
> >         force directory mode = 0777
> > 
> > [C-Drive]
> >         comment = James' DOS/Winnt Drive
> >         path = /dos
> >         public = Yes
> >         only guest = yes
> >         printable = no
> > 
> > # this is the most important share for domain logons - when this share
> > # is not available or is inaccessibe win98 cannot find the domain
> > controller
> > # in this directory you have put a batch file, that sets up the shares on
> > your
> > # windows client
> > [netlogon]
> >         comment = Logon Scripts
> >         path = /usr/local/samba/var/netlogon
> > 
> > If anyone can help I'd greatly appreciate it.
> > 
> > Thanks,
> > 
> > -------------------------------------+------------------------------------
> > James Tait, BSc                      |                       ICQ# 17834893
> > MUD Programmer and Linux advocate    |           Mobile: +44 (0)956 652763
> > -------------------------------------+------------------------------------
> > 
> > 
>

More information about the samba-ntdom mailing list