[Samba] Samba3 PDC + WinXP --> profile not found

Thu Mar 25 14:28:23 GMT 2004

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Tolmacs Mark írta:
| Hi!
|
| Sorry for asking that, because I think this error is very frequent, but
| I can't solve it. I searched over the Google and mostly the samba
| mailing list archives, but I couldn't find anything useful about it.
|
|    Here is the situation: We are using A Samba3 server with LDAP
| password backend, configured as WINS and PDC server. We're also using
| roaming profiles. And here is the problem! Sometimes users got this
| error message from WinXP below. The logon finishes correctly except
| that the profile wasn't coped back to the server.
|
| ======
|
| Windows cannot locate the server copy of your roaming profile and is
| attempting to log you on with your local profile. Changes to the profile
| will not be copied to the server when you logoff. Possible causes of this
| error include network problems or insufficient security rights. If this
| problem persists, contact your network administrator.
|
| DETAIL - The network name cannot be found.
| ==========
| if I am right, the network name for Windows means NetBIOS name. But I
| can resolve the NetBIOS name of the server every time it is needed. The
| other I thought about is that the network name is the user name in the
| domain. So I checked my config(below), but I think the logon parameters
| are OK. So I don't know what happened, and this error is very annoying.
| Every help is appreciated!
|
| Thanks,
|     Mark Tolmacs
|
| Ps.: http://home.sch.bme.hu/~tolmika/samba  <== Here you can read a
| level 10 log when a user log in, and got that annoying message. And the
| -2.log file contains the full log, with logging out and doing nothing
| else. Thanks again!
|
- 
-----------------------------------------------------------------------------------

|
| /etc/init.d/samba/smb.conf:
| --------------------------
| [global]
| netbios name = SALETROM
| workgroup = INTRANET
| encrypt password = Yes
| passdb backend = ldapsam:ldap://192.168.0.3
| log file = /var/log/samba/log.%m
| max log size = 100000
| os level = 33
| preferred master = yes
| domain master = yes
| local master = yes
| security = user
| log level = 10
| domain logons = yes
| logon path = \\%N\profiles\%U
| logon drive = H:
| wins support = Yes
| ldap suffix = dc=intranet
| ldap machine suffix = ou=Computers
| ldap user suffix = ou=Users
| ldap group suffix = ou=Groups
| ldap idmap suffix = ou=Users
| ldap admin dn = cn=admin,dc=intranet
| ldap ssl = no
| ldap passwd sync = No
| profile acls = Yes
| nt acl support = Yes
|
| [homes]
| read only = No
| browseable = No
|
| [netlogon]
| path = /var/lib/samba/netlogon
| read only = yes
| write list = ntadmin
|
| [profiles]
| path = /var/lib/samba/profiles
| read only = no
| create mask = 0600
| directory mask = 0700

Move your
profile acls = Yes
from the global section to the profiles share definition
It worked for me.

Cheers

Geza
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFAYuyH/PxuIn+i1pIRApd+AJ4m+FXR4XpqffuZku+GB/Vovx5F/ACfbxZe
vj68famV5Zlx8ojgoD8DzR4=
=vjm/
-----END PGP SIGNATURE-----