Shared roaming profiles for all users (XP)?
abartlet at samba.org
Sat Nov 23 05:13:01 GMT 2002
On Sat, 2002-11-23 at 15:57, John H Terpstra wrote:
> On Sat, 23 Nov 2002, xfesty wrote:
> > -----BEGIN PGP SIGNED MESSAGE-----
> > Hash: SHA1
> > Hiya.
> > Is there anyway to make non changable roaming profiles for all users
> > with XP workstations, and Samba 3.0HEAD from CVS acting as a PDC?
> I documented the exact process for you earlier today. Please refer to the
> expressly clear instructions given for creating a mandatory profile for
> Windows XP.
> If you do not follow this process you will not achieve what you need.
> A mandatory profile is precisely what you need - a profile that no user
> can change. It can not be read-only, but it is not writable. To be
> writable NTUser needs to ba a .DAT file, the .MAN extension blocks
> writability. To be usable by a group of users the profile needs to be set
> so that the ACE includes that group. The group can either be a global
> group, or the global/local group called "Everyone".
I'm interested in how this lot works - the .man stops NT uploading the
changes - but does it still need write permissions or not? I'm just
worried about users deliberately messing with their profiles.
Andrew Bartlett abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team abartlet at samba.org
Student Network Administrator, Hawker College abartlet at hawkerc.net
http://samba.org http://build.samba.org http://hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba-technical/attachments/20021123/f6881713/attachment.bin
More information about the samba-technical