[Samba] Samba 3 and LDAP - Error loading profiles
Ricardo Nuno
ricardo.nuno at moonlight.pt
Fri May 28 14:18:50 GMT 2004
hi list,
Solved my own problem with:
[profiles]
nt acl support = Yes
regards,
-- RNuno
-----Original Message-----
From: samba-bounces+ricardo.nuno=moonlight.pt at lists.samba.org
[mailto:samba-bounces+ricardo.nuno=moonlight.pt at lists.samba.org]On
Behalf Of Ricardo Nuno
Sent: quarta-feira, 26 de Maio de 2004 13:43
To: samba at lists.samba.org
Subject: [Samba] Samba 3 and LDAP - Error loading profiles
Hi,
I'm setting up Samba with ldap backend and everythin appears to be working
correctly except for profiles.
Using:
samba-3.0.2
openldap-2.1.26
smbldap-tools-0.8.4
When a user 'testa' tries to logon from a Win2K system that has joined the
domain he gets the following error message:
"Windows did not load your roaming profile and is attempting to log you on
with your local profile. Changes to the profile will not be copied to the
server when you logoff. Windows did not load your profile because a server
copy of the profile folder already exists that does not have the correct
security. Either the current user or the Administrator's group must be the
owner of the folder. Contact your network administrator."
But on the server he creates the profile dir. It is created when he
tries to log on, but with nothing on it.
The profile folder before he tries to logon:
[profiles]# ls -la
total 12
drwxr-xrwt 3 root Domain Admins 4096 Apr 24 09:09 .
drwxr-xr-x 4 root Domain Admins 4096 Apr 22 23:04 ..
The profile folder after he's logged on:
minho profiles # ls -la
total 12
drwxrwxrwt 3 root root 4096 May 26 14:02 .
drwxr-xr-x 8 root root 4096 May 25 18:41 ..
drwx------ 2 testa Domain Users 4096 May 26 14:02 testa
minho profiles # ls -la testa/
total 8
drwx------ 2 testa Domain Users 4096 May 26 14:02 .
drwxrwxrwt 3 root root 4096 May 26 14:02 ..
My smb.conf:
...
[profiles]
# chmod 1777 /opt/samba/profiles
path = /opt/samba/profiles
read only = no
writeable = yes
create mask = 0600
directory mask = 0700
browseable = No
guest ok = Yes
profile acls = yes
force user = %U
valid users = %U "Domain Admins"
minho samba # pdbedit -Lv testa
Searching for:[(&(objectClass=sambaDomain)(sambaDomainName=MOONORG))]
smbldap_open_connection: connection opened
Searching for:[(&(objectClass=sambaDomain)(sambaDomainName=MOONORG))]
smbldap_open_connection: connection opened
init_sam_from_ldap: Entry found for user: testa
Unix username: testa
NT username: testa
Account Flags: [U ]
User SID: S-1-5-21-2374267749-3844533553-1363514809-3002
Primary Group SID: S-1-5-21-2374267749-3844533553-1363514809-513
Full Name: System User LDAP
Home Directory: \\PDC-MOONORG\testa
HomeDir Drive: H:
Logon Script: testa.cmd
Profile Path: \\PDC-MOONORG\profiles\testa
Domain: MOONORG
Account desc: System User LDAP
Workstations:
Munged dial:
Logon time: 0
Logoff time: Tue, 19 Jan 2038 03:14:07 GMT
Kickoff time: Tue, 19 Jan 2038 03:14:07 GMT
Password last set: Tue, 25 May 2004 20:37:22 GMT
Password can change: 0
Password must change: Mon, 19 Jul 2004 20:37:22 GMT
>From the log i can catch this errors:
[2004/05/26 14:07:16, 2] rpc_parse/parse_prs.c:netsec_decode(1575)
netsec_decode: FAILED: packet sequence number:
[2004/05/26 14:07:16, 0] rpc_server/srv_pipe.c:api_pipe_netsec_process(1371)
failed to decode PDU
[2004/05/26 14:07:16, 0] rpc_server/srv_pipe_hnd.c:process_request_pdu(605)
process_request_pdu: failed to do schannel processing.
[2004/05/26 14:07:17, 1] smbd/service.c:make_connection_snum(705)
medeiros (192.168.10.123) connect to service profiles initially as user
testa (uid=1001, gid=513) (pid 19184)
Everything else is working. testa can logon and access all shares including
the home share, and write to the profile dir. It's like it was some problem
only on the logon.
Anyone was a clue on this ?? really need help on this
Tnx
Regards,
RNuno
--
To unsubscribe from this list go to the following URL and read the
instructions: http://lists.samba.org/mailman/listinfo/samba
More information about the samba
mailing list