W2K and samba PDC logon and remote home
Toomas Soome
tsoome at ut.ee
Mon Oct 8 06:04:03 GMT 2001
Samuli A Valo wrote:
>
> We have the same problem. Our enviroment consist of W2k domain in native
> mode (w2k sp2 server) and samba 2.2 fileserver, which shares users home
> directorys. Profiles are located in each users home directory. Everything
> works fine as long as client machine is not w2k sp2.
>
> I have not yet find any way to get sp2 working in this configuration.
> Problem seems to be something like that: when user logon to the domain,
> client machine tries to copy profile to 'c:\documents and settings\username',
> which fails, if same user has previously logged to same computer.
>
> W2k tries to write profile to the same directory. This fails because the
> directory is owned by unknown SID (w2k can not translate it to name, and
> it does not match that of loggin user).
>
> Anyone has any ideas or suggestion? I'm willing to debug this problem
> further, but I'm currently out of ideas...
I was able to apply workaround and user can login now, but w2k will not
remove profile (mandated by policy -- ntpolicy + w2k local group polcy),
and every new login will create new copy of profile.....
>
> On Wed, 3 Oct 2001, Toomas Soome wrote:
>
> > I investigated the problem and found that user home was on another
> > server -- and profile as well. so the (temporary?) workaround was simple
> > -- I had to set up profile path for user to use the logon server name.
> > this solved profile permission problem for w2k. there is no problem
> > AFAIK with nt4...
>
> So you have two servers, for example LOGON_SERVER and HOMEDIR_SERVER, and
> your profile was on \\HOMEDIR_SERVER\somedir, and you set it to
> \\LOGON_SERVER\somedir?
>
> hmm.. That solution might be hard for me to use, because we want domain
> logon to be done on 'real' w2k server, but have policy of no windows
> hosted filesharing (not to even mention IIS)...
>
sure. in our case I can use nfs mounts for this workaround. so user home
will be mounted to logon server with nfs, samba will share profile with
smb and home itself with smb from home server.
your case -- is your samba based file server joined to domain? My first
idea was to suspect non-joined samba server -- we share smbpasswd with
nis+, logon server is in pdc mode and home server is "domain member" --
but without sam account, smbpasswd failed to create it....
toomas
--
The reader this message encounters not failing to understand is
cursed.
More information about the samba-technical
mailing list