[Samba] Samba 3.0.4 Profile Permissions
Chuck Chauvin
clchauvin at edcaugusta.com
Mon Oct 4 16:27:28 GMT 2004
When attempting to login to my Samba 3.0.4 PDC from a Windows XP client as a
user with administrative priveleges (in this case, the user is a member of
the adm group in Linux and all members of that group are members of the
Adminstrators group in Windows) I get the following error:
Windows did not load your roaming profile and is attempting to log you on
with your local profile. Changes to the profile will not be copied to the
server when you logoff. Windows did not load your profile because a server
copy of the profile folder already exists that does not have the correct
security. Either the current user or the Administrator's group must be the
owner of the folder. Contact your network administrator.
When I attempt to login using my own account (also a member of that group) I
get the following error:
Windows cannot log you in now because the domain BAGGINS is not available.
I created a new user account in Linux and Samba called bagginsuser and get
the same error as when I attempt to login using my account.
This is my smb.conf file for your perusal. Also included at the end of this
are my log.smbd and log.nmbd files.
Any assistance would be appreciated.
[global]
workgroup = BAGGINS
security = user
encrypt passwords = yes
passdb backend = smbpasswd
server string = Domain Controller
netbios name = BILBO
add machine script = /usr/sbin/useradd -c Machine -d /var/lib/nobody -
s /bin/false %m$
domain master = yes
domain logons = yes
logon script = logon.cmd
local master = yes
preferred master = yes
os level = 65
[homes]
comment = Home Directory for %u
path = /home/%u
read only = No
browseable = No
[Projects]
comment = Project Folders
path = /data-1/projects
admin users = @Design, adm, Manager
read only = No
create mask = 0775
force create mode = 0775
force security mode = 0775
force directory mode = 0775
force directory security mode = 0775
[Temp]
comment = Temporary Space
path = /data-1/temp
admin users = @Design, adm, Manager
read only = No
create mask = 0777
[Archive]
comment = Archived Projects
path = /data-1/archive
write list = @adm
security mask = 0755
directory security mask = 0755
guest ok = Yes
[netlogon]
comment = Network Logon Service
path = /etc/samba/netlogon
guest ok = Yes
[Profiles]
path = /home/%u/profile
browseable = No
writeable = yes
nt acl support = yes
My log.smbd
[2004/10/04 11:55:00, 1] smbd/service.c:make_connection_snum(619)
baggins001 (192.168.1.6) connect to service bagginsadmin initially as user
bagginsadmin (uid=543, gid=4) (pid 7537)
[2004/10/04 11:55:00, 1] smbd/service.c:close_cnum(801)
baggins001 (192.168.1.6) closed connection to service bagginsadmin
[2004/10/04 11:55:04, 1] smbd/service.c:make_connection_snum(619)
baggins001 (192.168.1.6) connect to service bagginsadmin initially as user
bagginsadmin (uid=543, gid=4) (pid 7537)
[2004/10/04 11:55:13, 1] smbd/service.c:close_cnum(801)
baggins001 (192.168.1.6) closed connection to service bagginsadmin
[2004/10/04 11:55:14, 1] smbd/service.c:make_connection_snum(619)
baggins001 (192.168.1.6) connect to service bagginsadmin initially as user
bagginsadmin (uid=543, gid=4) (pid 7537)
[2004/10/04 11:55:15, 1] smbd/service.c:make_connection_snum(619)
baggins001 (192.168.1.6) connect to service netlogon initially as user
bagginsadmin (uid=543, gid=4) (pid 7537)
[2004/10/04 11:56:50, 1] smbd/service.c:close_cnum(801)
baggins001 (192.168.1.6) closed connection to service netlogon
[2004/10/04 11:58:43, 1] smbd/service.c:make_connection_snum(619)
baggins001 (192.168.1.6) connect to service Archive initially as user
bagginsadmin (uid=543, gid=4) (pid 7537)
[2004/10/04 11:58:43, 1] smbd/service.c:make_connection_snum(619)
baggins001 (192.168.1.6) connect to service Projects initially as user
bagginsadmin (uid=543, gid=4) (pid 7537)
[2004/10/04 11:58:43, 1] smbd/service.c:make_connection_snum(619)
baggins001 (192.168.1.6) connect to service Temp initially as user
bagginsadmin (uid=543, gid=4) (pid 7537)
[2004/10/04 11:59:05, 0] rpc_parse/parse_samr.c:init_sam_user_info21A(5988)
init_sam_user_info_21A: User bagginsadmin has Primary Group SID S-1-5-32-
544,
which conflicts with the domain sid S-1-5-21-2763611909-969304523-
3334035465. Failing operation.
[2004/10/04 12:00:21, 1] smbd/service.c:close_cnum(801)
baggins001 (192.168.1.6) closed connection to service bagginsadmin
[2004/10/04 12:00:24, 1] smbd/service.c:make_connection_snum(619)
baggins001 (192.168.1.6) connect to service bagginsadmin initially as user
bagginsadmin (uid=543, gid=4) (pid 7537)
[2004/10/04 12:00:24, 1] smbd/service.c:close_cnum(801)
baggins001 (192.168.1.6) closed connection to service bagginsadmin
[2004/10/04 12:01:23, 1] smbd/service.c:close_cnum(801)
baggins001 (192.168.1.6) closed connection to service Archive
[2004/10/04 12:01:23, 1] smbd/service.c:close_cnum(801)
baggins001 (192.168.1.6) closed connection to service Projects
[2004/10/04 12:01:23, 1] smbd/service.c:close_cnum(801)
baggins001 (192.168.1.6) closed connection to service Temp
My log.nmbd
*****
[2004/10/04 08:34:07, 0] nmbd/nmbd.c:terminate(54)
Got SIGTERM: going down...
[2004/10/04 09:59:49, 0] nmbd/nmbd.c:main(664)
Netbios nameserver version 3.0.4-SUSE started.
Copyright Andrew Tridgell and the Samba Team 1994-2004
[2004/10/04 09:59:49, 0] nmbd/nmbd_logonnames.c:add_logon_names(163)
add_domain_logon_names:
Attempting to become logon server for workgroup BAGGINS on subnet
192.168.1.100
[2004/10/04 09:59:49, 0]
nmbd/nmbd_become_dmb.c:become_domain_master_browser_bcast(282)
become_domain_master_browser_bcast:
Attempting to become domain master browser on workgroup BAGGINS on subnet
192.168.1.100
[2004/10/04 09:59:49, 0]
nmbd/nmbd_become_dmb.c:become_domain_master_browser_bcast(295)
become_domain_master_browser_bcast: querying subnet 192.168.1.100 for
domain master browser on workgroup BAGGINS
[2004/10/04 09:59:53, 0] nmbd/nmbd_logonnames.c:become_logon_server_success
(124)
become_logon_server_success: Samba is now a logon server for workgroup
BAGGINS on subnet 192.168.1.100
[2004/10/04 09:59:57, 0] nmbd/nmbd_become_dmb.c:become_domain_master_stage2
(113)
*****
Samba server BILBO is now a domain master browser for workgroup BAGGINS on
subnet 192.168.1.100
*****
[2004/10/04 10:00:13, 0] nmbd/nmbd_become_lmb.c:become_local_master_stage2
(396)
*****
Samba name server BILBO is now a local master browser for workgroup
BAGGINS on subnet 192.168.1.100
*****
--
Chuck Chauvin
Network Administrator
clchauvin at edcaugusta.com
More information about the samba
mailing list