network shortcuts in profiles 'loose magic' and some more questions

Martin Thomas mthomas at rhrk.uni-kl.de
Thu Mar 15 17:03:37 GMT 2001 

Hello,

I've set up a samba box with roaming profiles. So far
everything works (login, profile up- and download, startup script).
with Samba 2.2 cvs from  14.3.2001 and Windows 2000 clients.

But there is still one thing that should work but I can not find 
out why it doesn't: If I try to add a shortcut to the network neighbourhood
('Netzwerkumgebung' here,  we are using W2K/german. 
I use 'shortcut' for the german term 'Verknuepfung') everything 
works as long as the users does not log off and log on again.
After the profile is downloaded from the server the 
shortcut (to a share or to a computer) isn't a shortcut anymore but
acts like a normal directory with the files desktop.ini and 
target.lnk in it. Selecting target.lnk leads to the place where the 
orignial shortcut pointed to (but: one level to deep in the dir-tree,
wrong name).

To reproduce the problem:
- log in as a domain user, download his/her profile from the server
- open the window 'Network neighbourhood' or 'Netzwerkumgebung' in german
- open a second window 'Network neighbourhood' (shift+double-click on the icon)
- select a computer or a share on a server in one of the windows and drag and drop
  it in the 'Network neighb.' Window: You will see a Computer or network-directory
  icon in the 'Computers near me' window 
- (sometimes windows 'caches' the last opened network shares (smb and ftp) in
  the neighbourhood automaticly - this is how I found out that something is wrong)
- try the shortcut icon - it will open the share, show the files in it or view the 
  browseable shares on a server if the shortcut points to a computer 
- logoff the user and let windows upload his/her profile to the server
- login again (same machine, same username), let windows download the profile
- open the Neighbourhood window, now I see (and you too?) that 
  the shortcut looks like a directory (at least it uses the icon), in the
  directory are 2 files from these the file target.lnk points to the same place
  as the original shortcut.

In the filesystem a working shortcut (before up- and download of the profile)
is also a directory: Its name is 'Shotcut to [sharename] on [computername]'
(e.g. 'Verknüpfung mit Archiv auf smbserver' in the german windows version)
and it has the ms-dos attribute R (read-only) in the directory are the files
desktop.ini with the attributes H (hidden) and S (system) and target.lnk.
After up- and download of the profile the shortcut is a normal directory 
I tried to reproduce the dos-attibutes using mask hidden and mask system
without success, see my smb.conf below.

BTW: two more questions:
(1) how can I create and edit Windows 2000 policies (ntconfig.pol), not group
policies as they seem to be unsupported in Samba 2.2. A W2K book I have
here states, that I have to use poledit.exe form the W2K server CD (have it)
and adm-file from W2K prof (have them) but if I try to open the adm-
files with poledit there is a message, that the adm files can not be shown.
(2) the 'Computers near me' icon is not visible in the network neighbourhood
after a client joined a domain - tried a registry setting HideComputerNearMe (??) = 0
but the icon is still not there. So one has to browse to a server in his/her
domain through the complete network (gesamtes Netzwerk) - with is not very
comfortable (o.k. net use x: \\... might solve this but 20 or more driveletters...)
Links/shortcuts to shares and servers in the 'network neighbourhood' would 
be a nice solution but ... o.k. you get the point.

Some additional information - I know, this mail is to long...:
* The add user script line in the pdc-howto is very systems/distribution
dependend, the one mentioned there didn't work - the one shown below 
works on a debian box and should work with SuSE-Linux
* the 'macros' %N and %u do not work from a windows 2000 client,
the comment in the temp-share in the smb.conf below results in 
"Temp auf %N (Arch: Win2k User: %u)" and to 
"Temp auf smbdomct (Arch: Samba User: mthomas) with
smbclient -L smbdomct -U mthomas from a linux box.

Hope someone can help, thank you
Martin


*** parts from the smb.conf ***

[global]
debug level = 2
netbios name = smbdomct
workgroup = swwgroup
security = user 
domain logons = yes 
encrypt passwords = yes 
status=yes
os level = 65 
; domain and local master is a samba 2.0.7 box, it's also the wins server
wins server = 131.246.xxx.xxx
time server = yes 

logon script = scripts\default.bat 
logon drive = R: 
logon home = \\%N\%U
logon path = \\%N\profile\%U

domain admin group = @smbadm
add user script = /usr/sbin/useradd -g machines -c RechnerAccount -d /dev/null -s /bin/false %m$

guest account = nobody
## dont do in man smb.conf, do in pdc-howto ?? ## share modes = no

interfaces = 131.246.xxx.xxx/255.255.255.0 127.0.0.1/255.255.255.0
socket options = TCP_NODELAY
bind interfaces only=True
name resolve order = host wins lmhosts bcast

allow hosts = 127.0.0.1 131.246.xxx.xxx ... ... (many more)
printer admin = pcadmin

[homes]
   comment = %Ss privates Heimatverzeichnis
   browseable = no
   read only = no
   guest ok = no
   create mask = 0600
   directory mask = 0700
# oplocks on or off ??
   oplocks = false
#   veto files = /.*/Desktop/
#   hide dot files = yes
   locking = no

[netlogon] 
path = /home/smbdata/netlogon 
writable = no 
guest ok = no 
comment = PDC netlogon share
## pruefen ?? muesste wohl nicht browseable sein, vorerst:
browseable = yes 

[temp]
comment = Temp auf %N (Arch: %a User: %u)
path = /home/smbdata/temp
read only = no
# public = yes
force group = smbusers
create mode = 0660
directory mode = 0770

#von TNG-doc: to create automatic subdirs for the different users
#chmod 1777 /home/smbdata/profile 
[profile]
path = /home/smbdata/profile
writeable = yes
#create mask = 0771
#directory mask = 0771
create mask = 711
directory mask = 711
map hidden = yes
map system = yes
force group = smbusers
# ?? oplocks ? locking? 
oplocks=false
browseable=false
#locking=no

[ps]
   public = no
   print command = lpr -r -P%p %s
   lpq command = lpq -P%p 
   lprm command = lprm -P%p %j
   comment = Laser A4 doppelseitig RHRK
   printable = yes
   writable = no
   create mode = 0700
#   path = /var/tmp/smbspool

[print$]
   path=/usr/local/samba/printer
   #guest ok=yes
   browseable=yes
   read only=yes
   write list=pcadmin


*** file listing of the profile subdirectory ***

/home/smbdata/profile/mthomas# ls -lR Netzwerkumgebung/
Netzwerkumgebung/:
total 12
drwx--x--x    2 mthomas  smbusers     4096 Mar 15 17:40 Verkn?pfung mit archiv a
uf Miraculix
drwx--x--x    2 mthomas  smbusers     4096 Mar 15 17:40 Verkn?pfung mit projekte au
f Miraculix

Netzwerkumgebung/Verkn?pfung mit archiv auf Miraculix:
total 8
-rwx------    1 mthomas  smbusers       92 Mar 14 18:50 Desktop.ini
-rwx------    1 mthomas  smbusers      396 Mar 14 18:50 target.lnk

Netzwerkumgebung/Verkn?pfung mit projekte auf Miraculix:
total 8
-rwx------    1 mthomas  smbusers       92 Mar 15 16:37 Desktop.ini
-rwx------    1 mthomas  smbusers      388 Mar 15 16:37 target.lnk

More information about the samba-ntdom mailing list