[Samba] W2K SP4, Samba 3.0.0beta2 and Profiles

MH - Entwicklung entwicklung at heubach-edv.de
Tue Jul 22 12:31:36 GMT 2003


Hello,

now I still have a problem with my Samba installation. Userprofiles don't work under W2K SP4. They work fine with Windows NT 4. When loggin on for the first time the user profile directory is created. After loggin off however no data is written to the profile directory on the Samba PDC.

My smb.conf looks like this:

=====>
# Samba config file created using SWAT
# from 192.168.0.1 (192.168.0.1)
# Date: 2003/07/22 12:24:13

# Global parameters
[global]
        debug level = 4
        unix charset = ISO-8859-15
        workgroup = DVS
        server string = %h server (Samba %v)
        obey pam restrictions = Yes
        passdb backend = tdbsam, guest
        passwd program = /usr/bin/passwd %u
        passwd chat = *Enter\snew\sUNIX\spassword:* %n\n *Retype\snew\sUNIX\spassword:* %n\n .
        syslog = 0
        log file = /var/log/samba/log.%m
        max log size = 1000
        logon path = \\samba\profiles\%u
        logon drive = h:
        logon home = \\samba\%u
        domain logons = Yes
        os level = 64
        preferred master = Yes
        domain master = Yes
        dns proxy = No
        ldap ssl = no
        panic action = /usr/share/samba/panic-action %d
        idmap uid = 10000-20000
        idmap gid = 10000-20000
        invalid users = root
        admin users = administrator

[homes]
        comment = Home Directories
        read only = No
        create mask = 0700
        directory mask = 0700
        browseable = No

[netlogon]
        path = /var/exports/data/netlogon
        write list = domainadmins

[profiles]
        path = /var/exports/data/profiles
        read only = No
        create mask = 0600
        directory mask = 0700
        profile acls = yes

[gl]
        path = /var/exports/data/gl
        valid users = @gl, @domainadmins
        force group = @gl
        read only = No
        create mask = 0660
        directory mask = 0770

[ma]
        path = /var/exports/data/ma
        valid users = @ma, @domainadmins
        force group = @ma
        read only = No
        create mask = 0660
        directory mask = 0770
<=====


the profile directory looks like this:

drwxrwxrwx    2 root     domainusers     4096 Jul 22 13:35 profiles
(777 permissions are for testing, they will become 770 again)


When logging on there ist the following activity in the logs (log.pc1):

=====>
[2003/07/22 14:11:41, 0] rpc_server/srv_pipe.c:api_pipe_netsec_process(1351)
  failed to decode PDU
[2003/07/22 14:11:41, 0] rpc_server/srv_pipe_hnd.c:process_request_pdu(605)
  process_request_pdu: failed to do schannel processing.
[2003/07/22 14:11:42, 1] smbd/service.c:make_connection_snum(692)
  pc1 (192.168.0.1) connect to service netlogon initially as user test (uid=1006, gid=1006) (pid 823)
[2003/07/22 14:11:42, 1] smbd/service.c:make_connection_snum(692)
  pc1 (192.168.0.1) connect to service test initially as user test (uid=1006, gid=1006) (pid 823)
[2003/07/22 14:11:43, 1] smbd/service.c:make_connection_snum(692)
  pc1 (192.168.0.1) connect to service test initially as user test (uid=1006, gid=1006) (pid 823)
<=====

When logging off there is just this:

[2003/07/22 14:13:50, 1] smbd/service.c:close_cnum(873)
  pc1 (192.168.0.1) closed connection to service test


If I log on at a Windows NT 4 Workstation the log is different (log.heu2):

======>
[2003/07/22 14:17:19, 1] smbd/service.c:make_connection_snum(692)
  heu2 (192.168.0.2) connect to service profiles initially as user test (uid=1006, gid=1006) (pid 846)
[2003/07/22 14:17:20, 1] smbd/service.c:make_connection_snum(692)
  heu2 (192.168.0.2) connect to service netlogon initially as user test (uid=1006, gid=1006) (pid 846)
[2003/07/22 14:17:20, 1] smbd/service.c:make_connection_snum(692)
  heu2 (192.168.0.2) connect to service test initially as user test (uid=1006, gid=1006) (pid 846)
[2003/07/22 14:17:20, 0] smbd/nttrans.c:call_nt_transact_ioctl(1831)
  call_nt_transact_ioctl(0x90028): Currently not implemented.
<======

In the logs I can see that W2K SP4 doesn't connect to the profiles share instead there are some errors in the log (failed to do schannel processing, failed to decode PDU).

Logging off from the W2K workstation takes about 1 1/2 minutes. W2K writes the following to the eventlog (german log):

=====>
Die Registrierungsdatei konnte nicht entfernt werden. Ihre Einstellungen werden nicht repliziert, falls Sie ein servergspeichertes Profil haben. Wenden Sie sich an den Administrator.  

DETAIL - Zugriff verweigert , Buildnummer ((2195)). 
<=====

Samba is only logging that the connection to home share is closed:


--

manfred heubach edv und neue medien
Hindenburgstr. 47
D-73728 Esslingen

Tel. +49 711 9315824
Fax  +49 711 9315825
www.heubach-edv.de


Informationstechnologie und Telekommunikation für Unternehmen





More information about the samba mailing list