[Samba] PDC roaming profiles and templates

MVWA Stuff info at mvwa.de
Mon Aug 12 05:08:00 GMT 2002


Greetings!

I have configured samba as a PDC.
This works fine so far, I can add users, log in at my Win2k workstations and
use roaming profiles. But now my problem: I want several "template"
profiles. I want to use several different pre-configured base-profiles.

1) I  configure a template-user: configure the corresponding Desktop,
network and printer connections and so on.
2) After this I added another user and copied the hole profile-folder (of
the prevously descibed template)  to the new user.
3) When I log in with this new user, I have my pre-configured profile.

But if I change things like the background-settings or if I delete icons on
the desktop, these settings are reset to the template-profile-value at next
login, and its not saved in the new profile. I expect this has something to
do with the windows-registry or NTUSER.DAT file. A simple copy of this
profile does not work :(

I have tried several things to get rid of that, but nothing worked.
The howtos and faqs dont really cover this.
I can use the "Default User" profile and copy this to my netlogon-folder.
Next I can copy the *.lnk files from any Desktop to the "Deafult
User\Desktop" folder. When I first log in with a new user, windows uses this
default. But I can not configure something like the background-color of my
desktop or the screensaver. I except these values are stored in the registry
(ntuser.dat?!)

I have found a site
http://networking.earthweb.com/netos/article/0,,12083_625291_2,00.html
 explaining how to set up template profiles. So I thing it *should* work. I
dont want mandatory profiles. I furthermore dont want to restrict the access
of my users to the system. So I think the Policy Editor is not the right
way. It would be quite simple for me to manage the template, if I simply can
login and change them.

There is another thing. I have tried the usrmgr.exe from microsoft to
administrate/copy the profiles. But this tools does not work from a
workstation to my samba-PDC. I can see the users, but i am unable to
change/delete any values, even if I am logged in as the root into the
domain. Can I get this tool working somehow?


I will be really happy for hints to get this working. Could somebody please
help me?

M&V Werbeagentur GmbH
Christian Kuhn




I´m using windows 2000 client and a samba-2.2.3a.
And here is my smb.conf:

[global]
 # Basic server settings
 netbios name = fserver
 workgroup = Mvwa1

 # we should act as the domain and local master browser
 os level = 64
 preferred master = yes
 domain master = yes
 local master = yes

 # security settings
 security = user

 # encrypted passowrds are required for a PDC
 encrypt passwords = Yes

 # support domain logons
 domain logons = yes

 # groups, that should be treated as sysadmins on the win-machines
 domain admin group = @root

 # where to store the user profiles
 logon path = \\%N\profiles\%u

 # where is the user home directory and where should it be mounted
 logon drive = H:
 logon home = \\%N\%U\.profiles

 # generic logon script for all users
 logon script = logon.cmd

 guest account = Nobody
 map to guest = Bad User

 # These settings are a suggestion for a local network. Cf. section
 # 'socket options' in the man page of smb.conf and socket(7).
 socket options = SO_KEEPALIVE IPTOS_LOWDELAY TCP_NODELAY

 # Please uncomment the following entry and replace the ip number and
 # netmask with the values of your network interface configuration.
 interfaces = 192.168.14.100/255.255.255.0

 # If you want Samba to act as a wins server, please set
 # 'wins support' to yes.
 wins support = No

 # Set these two parameters to your DOS code page and appropriate UNIX
 # character set. These values are for west European languages (Latin-9)
 # UNIX character and MS-DOS Latin 1 code page.
 character set = ISO8859-15
 client code page = 850

# Where to store the logon scripts.
[netlogon]
 comment = Network Logon Service
 path = /var/lib/samba/netlogon
 read only = yes

# Extra share for profiles. Default is the home of the user.
[profiles]
 comment = Network Profiles Service
 path = /mnt/profiles
 read only = no
 create mask = 0600
 directory mask = 0700
 browseable = Yes

[homes]
 comment = Home Directories
 read only = No
 create mask = 0640
 directory mask = 0750
 browseable = Yes






More information about the samba mailing list