Working on LDAP support in HEAD
Inge-Håvard Hunstad
inge at cc.uit.no
Fri May 12 22:42:49 GMT 2000
Gerald Carter wrote:
>
> Inge-Håvard Hunstad wrote:
> >
> > I have been working on this matter for some time. It
> > seems that in my setup, with mandatory profiles and a
> > reg hack to delete local profiles, the rid is of no
> > importance. I even tried to change the rid of a machine
> > in the domain and it still was logging in the users. So
> > If you have this setup you can just assign a rid to the user:)
>
> This doesn't sounds right to me....[thinks a bit]...ok
> I can see how the machine rid can be unimportant. Have you
> tried this with non mandatory profiles. Are you user's sharing a common
> mandatory profile?
>
Yes they are. All users that log on to the domain gets this mandatory
profile. If you call the directory containing the profile some_name.man
you also prevents user from logging in if the profile server is gone.
When you copy the mandatory profile to the samba server using "control
panel->system->user profiles" you have to make sure the "everyone" can
use the profile. If you don't do this then the profile wont work for
anyone else than the original owner. This tells me that the rid is
stored inside the user profile (most likely inside the
NTUser.dat/Ntuser.man).
I just wanted to say that those who where using my setup where *lucky*
because they didn't have to worry, because I did a lot of this. But I
see the point that those who have users with local files on the NTws,
and roaming profiles have a problem if the rid is changed.
I'm not sure though, why I can change the rid of a NT-machine in the
domain and still have no problem. I even changed the grouprid of the
machine and still no problem. So if there are some Samba or NT gurus out
there that will comment on this I would be very happy:-)
Cheers,
Inge-Håvard
More information about the samba-technical
mailing list