[Samba] Problem with roaming profiles
Tilo Lutz
TiloLutz at gmx.de
Sun Sep 7 13:23:07 GMT 2003
Hi
After changing from samba 2.2.7 to 3.0.rc2 I can't get roaming profiles
work. Clients Are W2K and XP.
I've also switched from smbpasswd backend to ldap. Logon path is only
set in smb.conf, not in ldap.
Storing of profiles is working but it takes very long.
I've tried logon path = \\wilma2\profile\Win2K and \\wilma2\profile.
But the clients are always storing profile in \\wilma2\profile\Win2K.
Is it possible windows is caching home path anywere?
Loading of profiles dowsn't work I get the old "security permission"
error, but I've set use profile acls in profile share. I've also set
to option on client side not to check security settings on above
folders.
I'Ve attached relevant parts of smb.conf, log.smbd and ldif of user.
I hope anybody can help me.
relevant part of log.smbd
[2003/09/06 11:18:36, 2] passdb/pdb_ldap.c:init_sam_from_ldap(460)
Entry found for user: tilo
[2003/09/06 11:18:36, 2] [2003/09/06 11:18:36, 2]
auth/auth.c:check_ntlm_password(302)
check_ntlm_password: authentication for user [tilo] -> [tilo] ->
[tilo] succeeded
b111-pc16 (192.168.83.16) connect to service profile initially as user
tilo (uid=1546, gid=106) (pid 17106)
[2003/09/06 11:18:36, 2] smbd/open.c:open_file(250)
tilo opened file Win2K/NTUSER.DAT read=Yes write=No (numopen=1)
[2003/09/06 11:18:36, 2] lib/smbldap.c:smbldap_search_suffix(1068)
smbldap_search_suffix: searching
for:[(&(sambaSID=S-1-5-21-3371203057-3264423045-2392767973-3092)(objectclass=sambaSamAccou
nt))]
[2003/09/06 11:18:36, 2] smbd/open.c:open_file(250)
tilo opened file Win2K/NTUSER.INI read=Yes write=No (numopen=2)
[2003/09/06 11:18:46, 2] smbd/close.c:close_normal_file(228)
tilo closed file Win2K/NTUSER.INI (numopen=1)
[2003/09/06 11:19:52, 0] lib/util_sock.c:read_socket_data(342)
read_socket_data: recv failure for 4. Error = Die Verbindung wurde vom
Kommunikationspartner zurückgesetzt
[2003/09/06 11:19:52, 2] smbd/server.c:exit_server(558)
Closing connections
[2003/09/06 11:19:52, 1] smbd/service.c:close_cnum(874)
b111-pc16 (192.168.83.16) closed connection to service profile
[2003/09/06 11:19:52, 2] smbd/close.c:close_normal_file(228)
tilo closed file Win2K/NTUSER.DAT (numopen=0)
[2003/09/06 11:19:52, 2] smbd/utmp.c:sys_utmp_update(419)
utmp_update: uname:/var/run/utmp wname:/var/log/wtmp
[2003/09/06 11:20:21, 2] lib/smbldap.c:smbldap_search_domain_info(1297)
Searching for:[(&(objectClass=sambaDomain)(sambaDomainName=WMS-NET))]
[2003/09/06 11:20:21, 2] lib/smbldap.c:smbldap_search_suffix(1068)
smbldap_search_suffix: searching
for:[(&(objectClass=sambaDomain)(sambaDomainName=WMS-NET))]
[2003/09/06 11:20:21, 2] lib/smbldap.c:smbldap_open_connection(625)
smbldap_open_connection: connection opened
[2003/09/06 11:20:21, 2] smbd/reply.c:reply_special(93)
netbios connect: name1=WILMA2 name2=B111-PC16
[2003/09/06 11:20:21, 2] smbd/reply.c:reply_special(100)
netbios connect: local=wilma2 remote=b111-pc16, name type = 0
[2003/09/06 11:20:21, 2] smbd/sesssetup.c:setup_new_vc_session(535)
setup_new_vc_session: New VC == 0, if NT4.x compatible we would close
all old resources.
[2003/09/06 11:20:21, 2] smbd/sesssetup.c:setup_new_vc_session(535)
setup_new_vc_session: New VC == 0, if NT4.x compatible we would close
all old resources.
[2003/09/06 11:20:21, 2] lib/smbldap.c:smbldap_search_suffix(1068)
smbldap_search_suffix: searching
for:[(&(sambaSID=S-1-5-21-3371203057-3264423045-2392767973-501)(objectclass=sambaSamAccoun
t))]
relevant part of smb.conf:
[global] # Globale Einstellungen
netbios name = Wilma2
workgroup = WMS-NET
os level = 255
local master = yes
bind interfaces only = true
interfaces = 192.168.0.7/16 127.0.0.1
security = user
encrypt passwords = yes
domain logons = yes
preferred master = yes
domain master = yes
logon script = %I.bat
logon drive = h:
#logon path = "\\WILMA2\profile\Win2K"
logon path = "\\192.168.0.7\profile"
wins support = yes
time server = yes
dead time = 15
kernel oplocks = yes
mangle case = yes
case sensitive = no
default case = lower
preserve case = yes
short preserve case = yes
name resolve order = wins bcast host lmhosts
#veto files = /.*/
printing = cups
load printers = yes
username map = /etc/samba/smbusers
nt acl support = yes
log level = 2
max log size = 100000
use sendfile = yes
large readwrite = yes
socket options = TCP_NODELAY SO_KEEPALIVE SO_SNDBUF=8192
SO_RCVBUF=8192
utmp = yes
passdb backend = ldapsam:ldap://localhost guest
algorithmic rid base = 1000
printing = cups
printcap name = cups
load printers = yes
unix charset = UTF8
unicode = yes
display charset = UTF8
dos charset = ASCII
unix extensions = yes
ldap admin dn = uid=wilma2,dc=wms-hn,dc=de
ldap suffix = dc=wms-hn,dc=de
ldap machine suffix = ou=machines
ldap group suffix = ou=groups
ldap idmap suffix =
ldap user suffix = ou=people
ldap passwd sync = yes
[netlogon]
comment = The domain logon service
veto files = //
path = /samba/netlogon
create mode = 0600
directory mode = 0700
public = no
writeable = no
browseable = no
root preexec = /samba/netlogon/findgroup %I %u %L
#root postexec = rm /samba/netlogon/%I.bat
oplocks = no
level2 oplocks = no
use sendfile = no
[homes]
comment = Hier werden private Daten gespeichert.
include = /samba/prefs/home
create mask = 777
guest ok = yes
public = no
veto files =/public_html/Maildir/profile/
create mode = 0600
directory mode = 0700
writeable = yes
follow symlinks = yes
browseable = no
[profile]
comment = Hier wird das Benutzerprofil gespeichert
create mask = 777
guest ok = no
public = no
create mode = 0600
directory mode = 0700
writeable = yes
browseable = no
follow symlinks = no
path = /home/%G/%U/profile
#path = /tmp
nt acl support = no
profile acls = yes
hide files = /desktop.ini/
#csc policy = disable
Relevant part of user entry as ldif:
# tilo, lehrer, people, wms-hn.de
dn: uid=tilo,ou=lehrer,ou=people,dc=wms-hn,dc=de
objectClass: posixAccount
objectClass: shadowAccount
objectClass: inetOrgPerson
objectClass: person
objectClass: organizationalPerson
objectClass: top
objectClass: sambaSamAccount
cn: tilo
sn: tilo
uid: tilo
gidNumber: 106
homeDirectory: /home/lehrer/tilo
uidNumber: 1546
gecos: tilo
loginShell: /bin/bash
shadowLastChange: 12056
shadowMin: 0
shadowMax: 99999
sambaLMPassword: XXX
sambaNTPassword: XXX
sambaPwdLastSet: 1060192824
sambaSID: S-1-5-21-3371203057-3264423045-2392767973-3092
sambaPrimaryGroupSID: S-1-5-21-3371203057-3264423045-2392767973-213
shadowExpire: 21915
givenName: tilo
sambaHomeDrive: H:
userPassword:: XXX
sambaPwdCanChange: 1060279200
sambaPwdMustChange: 1895022847
sambaAcctFlags: [UX ]
sambaDomainName: WMS-NET
Regards, Tilo
More information about the samba
mailing list