Roaming Profiles
Luke Kenneth Casson Leighton
lkcl at samba.org
Sat Jan 8 17:09:07 GMT 2000
yeah, profiles are a bit of a pain to get set up propermy, particularly
due to a bug in nt clients which we haven't been able to work-around all
the time.
WINLOGON.EXE is responsible for setting up the interactive user *prior* to
exec'ing explorer.exe so they get a pretty-front-end.
unfortunately, WINLOGON.EXE doesn't disconnect all shares (e.g
\\SAMBA_PDC\homes) when the interactive user session terminates. it gets
reused. hence the problems associated with an smbd process with a
connection to [homes] set to the previous interactive user's home
directory.
a comparative netmon trace is really needed to sort this out, and someone
to sit down and go through it to find out _exactly_ how nt srvreacts in
the same situation.
On Sun, 9 Jan 2000, Keith Lynn wrote:
> I'm not sure, but a guess would be that it may be a permissions problem on
> your profile directories.
> Keith Lynn
>
> On Sun, 9 Jan 2000 JTait at wyrddreams.demon.co.uk wrote:
>
> > Hi all,
> >
> > I've been reading this list so long I realy should know the answer to
> > this, but evidently I've got messed up somewhere. Samba 2.0.6, acting as
> > PDC. Domain logins work great, haven't tried logon scipts. The problem I
> > have is with roaming profiles - I can't get them to work.
> >
> > I've looked through everything I can think of, plus as much documentation
> > as I can (but it's a bit scatty at the moment), but I can't figure it out.
> > Nothing ever gets written to my profile.
> >
> > wyrddreams{JTait}501: ls -l /usr/local/samba
> > total 7
> > drwxr-xr-x 2 root root 1024 Dec 9 23:37 bin/
> > drwxr-xr-x 3 root root 1024 Dec 21 00:28 lib/
> > drwxr-xr-x 6 root root 1024 Dec 9 23:37 man/
> > drwxr-xr-x 2 root root 1024 Dec 9 23:54 private/
> > drwxrwxrwx 5 root root 1024 Dec 21 01:22 profiles/
> > drwxr-xr-x 5 root root 1024 Dec 9 23:37 swat/
> > drwxr-xr-x 4 root root 1024 Dec 28 11:07 var/
> > wyrddreams{JTait}502: ls -l /usr/local/samba/profiles
> > total 3
> > drwx------ 15 JATait users 1024 Dec 21 00:56 JATait/
> > drwx------ 16 JTait users 1024 Dec 21 00:55 JTait/
> > drwx------ 15 RJTait users 1024 Dec 21 00:55 RJTait/
> > wyrddreams{JTait}503: cat /etc/smbusers
> > # Username maps for SAMBA
> >
> > JTait = jtait Administrator
> > RJTait = RJTait
> > JATait = JATait jatait
> > wyrddreams{JTait}504: cat /usr/local/samba/lib/smb.conf
> > #
> > # This is a working PDC config for samba 2.0.5a
> > # by Christoph Christ, mailto:christoph at christ.wol.at
> > #
> > # it implements a primary domain controller for
> > # Windows 98 Clients. It works with WinNT 4.0 too, but
> > # you cannot setup the nt-client for domain logons (this is a
> > # little bit different from domain logons under Win9X)
> > #
> > #
> > # Global parameters
> > [global]
> > # this is my local windows workgroup
> > workgroup = wyrddreams
> >
> > # the netbios name of my samba server is different from
> > # the real internet address
> > netbios name = cloudnine
> >
> > # please answer only on my local network, don't answer on the
> > # internet device
> > interfaces = 192.168.1.1/24 127.0.0.1
> > bind interfaces only = Yes
> >
> > # We want our windows clients to access samba without
> > # patching the windows registry
> > # you don't have to change anything on the windows client
> > encrypt passwords = Yes
> > update encrypted = Yes
> >
> > # all unknown users will be mapped to guest
> > map to guest = Bad User
> > username map = /etc/smbusers
> > security = user
> >
> > # change the unix password with smbpasswd
> > passwd chat = *new*password* %n\n *new*password* %n\n *changed*
> > passwd chat debug = Yes
> > unix password sync = Yes
> > passwd program = /usr/bin/passwd
> >
> > # answer time requests from my clients
> > time server = Yes
> > keepalive = 30
> > socket options = TCP_NODELAY
> >
> > # map file name characters to latin-1
> > character set = ISO8859-1
> >
> > # this will be \\rooty\netlogon\startup.bat
> > logon script = startup.bat
> >
> > # map the netlogon share as drive h: from windows
> > logon drive = h:
> >
> > # allow pdc stuff
> > domain logons = Yes
> > #domain admin users = JTait,root
> > domain admin group = JTait,root
> > #,wheel,smbadm
> >
> > # allow roaming profiles
> > logon path = \\%L\profiles\%U
> > logon home = \\%L\%U
> >
> > # make me win against all windows versions
> > os level = 100
> > preferred master = Yes
> > domain master = Yes
> >
> > # let samba be too a wins-server
> > wins support = Yes
> >
> > debug level = 3
> >
> > # this makes the user's home directory available as \\servername\username
> > [homes]
> > comment = home directory
> > read only = No
> > create mask = 0750
> > # don't show all user diretories
> > browseable = No
> >
> > [profiles]
> > comment = User Profiles Directory
> > path = /usr/local/samba/profiles
> > writable = yes
> > create mode = 0600
> > directory mode = 0700
> >
> > # make all in /etc/printcap defined printers
> > [printers]
> > comment = All Printers
> > path = /tmp
> > create mask = 0700
> > print ok = Yes
> > browseable = No
> >
> > # this is a public share where all users have read+write perms
> > [tmp]
> > comment = Temporary File Space
> > path = /backup/dadspc
> > read only = No
> > create mask = 0777
> > force create mode = 0666
> > directory mask = 0777
> > force directory mode = 0777
> >
> > [C-Drive]
> > comment = James' DOS/Winnt Drive
> > path = /dos
> > public = Yes
> > only guest = yes
> > printable = no
> >
> > # this is the most important share for domain logons - when this share
> > # is not available or is inaccessibe win98 cannot find the domain
> > controller
> > # in this directory you have put a batch file, that sets up the shares on
> > your
> > # windows client
> > [netlogon]
> > comment = Logon Scripts
> > path = /usr/local/samba/var/netlogon
> >
> > If anyone can help I'd greatly appreciate it.
> >
> > Thanks,
> >
> > -------------------------------------+------------------------------------
> > James Tait, BSc | ICQ# 17834893
> > MUD Programmer and Linux advocate | Mobile: +44 (0)956 652763
> > -------------------------------------+------------------------------------
> >
> >
>
More information about the samba-ntdom
mailing list