Separate profiles (solution? comments please)

Len Laughridge llaughridge at
Tue Oct 29 15:33:22 GMT 2002

Hello, Group:

I'm not a developer at all, but I follow the list pretty closely to get useful 
tips and insight for my samba installations.

Some time ago I saw a question from a list member which was something I had 
been wondering myself.  There were no responses to that question (I checked 
with the poster directly, too), so I set about seeing if I could solve it.  
Here's my concept, and I may wind up testing this tonight to solve some 
serious problems we've been having.

KA-1 is a Solaris 8/Samba 2.2.5 server & PDC.
KA-2 is an NT4TSE/Citrix server, configured as member-server.  It serves 
published apps to the Solaris workstations (36 of them).  
KA is the netbios domain.

There are some PC workstations in the company as well.  Executives & 
secretaries have notebooks & desktops, and the rest of the Sun users 
frequently log in at 2 'open' stations to run some specialised software that 
can't be done reasonably through Citrix.  ALL OF THESE are WindowsXP.

When people log into the Citrix server, they DO need access to their home 
directory on h:\ and other shared volumes.  They DO NOT need any other 
aspects of their Windows profile.

If you have a Windows profile that is 'pure' XP, when you log into the citrix 
session everything is a mess, especially printer drivers.  If you have an XP 
profile, and log into the NT4 Citrix server, it messes up your XP profile 
(e.g. non-functional shortcuts in the start menu, 'My Briefcase' icon that's 
non-functional under XP, email settings get overwritten, or mail & documents 
get lost, etc.)

I want separate profiles for each.  I want the NT4/Citrix profiles to be small 
(no cached email, etc.) and I want to be able to delete them on a whim 
without it messing up the XP profiles.  The problem is that Samba does not 
support having a separate 'terminal profile' path.

In going through the mailing list archives and the smb.conf manual, I came up 
with this idea (untested, as of yet):

In smb.conf:

netbios name = KA-1
netbios aliases = KA-1-TSE
domain logons = Yes
logon drive = h:
logon path = \\%L\profiles\%L\%U
logon home = \\%L\%U\profile
logon script = logon.bat

Then, on the terminal server, DISABLE any WINS lookups by deleting the ip 
address of the primary WINS (the samba box).  Check the box for 'enable 
LMHOSTS lookup', and import an LMHOSTS file like below:

# Force the SaMBa PDC to be called by an alias    KA-1-TSE
# Other things we need to browse, since WINS is disabled...

Lastly, in the logon.bat file, you need some logic to say that if you are 
logging on at the Citrix box, then you need to map drives using the alias 
name, since that's all this machine understands, and if you're logging on at 
any other machine, map drives using the 'real' NETBIOS name from WINS like in 
this abbreviated sample:

if '%COMPUTERNAME%'=='KA-2' goto :nt4tse
if not '%COMPUTERNAME%'=='KA-2' goto :winxp
goto :end
net use f: \\ka-1-tse\Private /yes
net use g: \\ka-1-tse\Public /yes
net use h: /home /yes
net use i: \\ka-1-tse\Archive /yes
net use f: \\ka-1\Private /yes
net use g: \\ka-1\Public /yes
net use h: /home /yes
net use i: \\ka-1\Archive /yes

What do you think?  If this works, should this be added to a HOWTO so that 
others can learn/improve/extend/submit improvments?


Len Laughridge, Director of Information Technology
Kitchen & Associates Architectural Services, PA
Architecture - Planning - Interior Design
856.854.1880 x101

More information about the samba-technical mailing list