[Samba] Re: Profile privelege problem **Solved**
Bill.Light at kp.org
Bill.Light at kp.org
Tue Dec 16 17:50:39 GMT 2003
> ...
> I used the latest and greatest SuSE 9.0 Professional...
> I then installed all the latest patches via YaST. That
> gives me a kernel of 2.4.21 (-144 in SuSE speak) and
> Samba 2.2.8a
>
> I had the configuration backed up on another box, so I
> used that as the base for Samba 2.2.8a. I have tried
> chmod, chown of various directories, making profile
> world readable, writeable, executeable, all to no avail.
> have tried commenting out various lines as suggested by
> other posts...also to no avail.
>
> W2K reports it can not find roaming profile, and then
> also reports it can not find a local profile, and signs
> the user (any user) on with a "temp" profile. All drive
> mappings are available, just no profiles, recent lists, etc...
>
> Samba log is showing: api_samr_set_userinfo: Unable to
> unmarshall SAMR_SET_Q_USERINFO
>
> bumping the samba log level, verifies that I am going after
> the user profile and I am "dying" because of lack of
> priveleges....yet I can ssh into the box as a user and read
> or touch or execute anything I want !?
Must be something trivial, but whoever wants to help you will
need your smb.conf to see how you set it up. I can suggest
relevant options how I handle the profiles:
[global]
...
logon path = \\p90.p1.n.d.d\profiles\%U
domain logons = Yes
create mask = 0664
directory mask = 0775
...
[profiles]
path = /local/profiles
valid users = %U
read only = No
inherit permissions = No
security mask = 0777
directory security mask = 0777
browseable = No
csc policy = disable
My Samba server is a PDC for the domain with wins and all.
It runs SuSE 8.2 (kernel 2.4.20-86) but that shouldn't matter.
The permissions on user profile directories are all "drwx--S--".
All directories belong to individual users, group "users".
If you can't recognize what your problem is, enclose smb.conf
next time.
==============================================================
Thanks Dragan !
It got me looking again...if I deleted the profile, and re-declared it,
the user works OK. After declaring a new user, logging off and then back
on again - it works great ?! After digging again, I found that in the
samba/profiles directory are two files, ntuser.dat and ntuser.dat.log that
must contain some sort of SID for the machine.
I guess the "key" was, the fact that I had an existing installation and
had copied too much "stuff" from the backups. So, the remedy ended up
being just deleting those two "ntuser" files for each user. They lose
their precious desktop for W2K, but everthing else is intact.
Thanks again !
- Bill
More information about the samba
mailing list