[Samba] roaming profil problem
fabrice.tz at eikonex.net
Mon Jun 7 14:37:07 GMT 2004
it works !
I finally found that the problem deals with the UserSID. The NTUSER.DAT
file in the profile directory is available only for the local
administrator and for the old UserSID.
I have to upgrade the perms of the NTUSER.DAT files to match with the
this can be done with this simple script :
for USER in `ls $PROFILES_DIR`; do
echo "utilisateur : $USER"
SIDvieux=`profiles $PROFILES_DIR/$USER/NTUSER.DAT | grep -m 1 Perms |
grep 1-5-21 | cut -f 3 -d ':' | sed "s/ //g"`
SIDnouveau=`pdbedit -v $USER | grep User | grep S-1-5 | cut -d ':' -f 2
| sed "s/ //g"`
echo "Ancien SID : $SIDvieux, nouvel SID : $SIDnouveau"
echo "Mettre à jour ? [o/n]"
if [ $CHOIX = "o" ]; then
profiles -c $SIDvieux -n $SIDnouveau $PROFILES_DIR/$USER/NTUSER.DAT
echo "Mise à jour de $USER"
echo "Pas de mise à jour de $USER"
thanks for your help,
Le lun 07/06/2004 à 10:45, Fabrice Tereszkiewicz a écrit :
> I've changed the UNIX perms, still the same problem.
> Le sam 05/06/2004 à 03:48, Greg Folkert a écrit :
> > On Fri, 2004-06-04 at 12:31, Fabrice Tereszkiewicz wrote:
> > > It didn't work. A user without local administrator's rights can't use
> > > his old roaming profile. I've changed the samba SID to fit with the one
> > > in the NTUSER.dat file, didn't work anymore.
> > >
> > > any other ideas ?
> > I have fixed it by using UNIX perms as well.
> > chown -R username.sambadomainadmingroup /dir/where/profiles/are/username
> > chomd -R 750 /dir/where/profiles/are/username
> > That usually takes care of it also. Did and does for me. The
> > samdadomainadmingroup is the group that is the equiv of the NT
> > domain-admins.
More information about the samba