[Samba] Temporary Profiles
Oliver Schneider
olimaus at gmail.com
Mon Dec 5 14:57:27 GMT 2005
Hi,
I have looked at that PDF file, but I don't get my mistake.
I was told, to go with roaming profiles, so I try it.
Like I mentioned before, root can log on from everywhere and root gets his
roaming profile.
If i put a customized userprofile in the profile - path, then it gets loadet
on login.
But again, it't only a temporary profile, so no update on logoff.
So again, here are all informations I can get from my system.
[global]
time server = yes
log level = 3
include = /etc/samba/dhcp.conf
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
logon drive = H:
hide dot files = yes
domain master = Yes
username map = /etc/samba/smbusers
map to guest = Bad User
printer admin = @ntadmin, root, administrator, oliver.schneider
logon home = \\%L\%U\.9xprofile
passwd program = /usr/bin/passwd %u
wins support = true
printcap cache time = 750
netbios name = fileserver
cups options = raw
printing = cups
unix password sync = yes
local master = Yes
logon path = \\fileserver\profiles\%U
logon script = logon.bat
workgroup = SJ
os level = 65
printcap name = cups
security = user
add machine script = /usr/sbin/useradd -c Machine -d
/var/lib/nobody -s /bin/false %m$
domain logons = Yes
preferred master = Yes
load printers = yes
passdb backend = smbpasswd
[homes]
comment = Home Directories
valid users = %S
browseable = No
read only = No
inherit acls = Yes
[profiles]
comment = Network Profiles Service
path = /var/lib/samba/profiles
browseable = no
writeable = yes
write list = @users
# store dos attributes = Yes
# create mask = 0600
# directory mask = 0700
profile acls = yes
read only = no
[users]
comment = All users
path = /home
read only = No
inherit acls = Yes
veto files = /aquota.user/groups/shares/
[groups]
comment = All groups
path = /home/groups
read only = No
inherit acls = Yes
[printers]
comment = All Printers
path = /var/tmp
printable = Yes
create mask = 0600
browseable = No
[print$]
comment = Printer Drivers
path = /var/lib/samba/drivers
write list = @ntadmin root oliver.schneider
force group = ntadmin
create mask = 0664
directory mask = 0775
[netlogon]
comment = Network Logon Service
path = /var/lib/samba/netlogon
write list = root
#net groupmap list
fileserver:/var/lib/samba # net groupmap list
System Operators (S-1-5-32-549) -> -1
Domain Guests (S-1-5-21-3376943168-3023405898-1803579022-514) -> users
Replicators (S-1-5-32-552) -> -1
Guests (S-1-5-32-546) -> -1
Power Users (S-1-5-32-547) -> users
Print Operators (S-1-5-32-550) -> -1
Administrators (S-1-5-32-544) -> -1
Domain Users (S-1-5-21-3376943168-3023405898-1803579022-513) -> users
S-1-5-21-1161395039-3549078232-660113211-513
(S-1-5-21-1161395039-3549078232-660113211-513) -> users
Domain Admins (S-1-5-21-1161395039-3549078232-660113211-512) -> -1
Account Operators (S-1-5-32-548) -> -1
Domain Guests (S-1-5-21-1161395039-3549078232-660113211-514) -> -1
Backup Operators (S-1-5-32-551) -> -1
Users (S-1-5-32-545) -> -1
Power Users (S-1-5-21-3376943168-3023405898-1803579022-1201) -> users
Domain Admins (S-1-5-21-3376943168-3023405898-1803579022-512) -> -1
fileserver:/var/lib/samba # ls -l
insgesamt 255
drwxr-xr-x 6 root root 664 2005-12-05 15:56 .
drwxr-xr-x 37 root root 984 2005-11-15 08:54 ..
-rw------- 1 root root 8192 2005-07-12 18:23 account_policy.tdb
-rw-r--r-- 1 root root 8192 2005-12-05 15:12 brlock.tdb
-rw-r--r-- 1 root root 1179 2005-12-05 15:54 browse.dat
-rw-r--r-- 1 root root 24576 2005-12-05 15:19 connections.tdb
drwxr-xr-x 7 root ntadmin 1032 2005-12-05 15:47 drivers
-rw-r--r-- 1 root root 8192 2005-07-13 15:36 gencache.tdb
-rw------- 1 root root 8192 2005-07-12 18:23 group_mapping.tdb
-rw-r--r-- 1 root root 114688 2005-12-05 15:20 locking.tdb
-rw------- 1 root root 8192 2005-11-16 07:13 messages.tdb
drwxrwxrwx 3 root users 144 2005-12-05 15:28 netlogon
-rw------- 1 root root 8192 2005-07-13 09:24 ntdrivers.tdb
-rw------- 1 root root 696 2005-07-13 09:24 ntforms.tdb
-rw------- 1 root root 8192 2005-07-13 09:24 ntprinters.tdb
drwxr-xr-x 2 root root 416 2005-12-05 15:56 printing
drwxrws--- 11 root users 320 2005-12-05 14:48 profiles
-rw------- 1 root root 8192 2005-07-13 09:24 registry.tdb
-rw-r--r-- 1 root root 24576 2005-12-05 14:50 sessionid.tdb
-rw------- 1 root root 8192 2005-07-13 09:24 share_info.tdb
-rw-r--r-- 1 root root 8192 2005-12-05 14:50 unexpected.tdb
-rw-r--r-- 1 root root 1677 2005-12-05 15:54 wins.dat
fileserver:/var/lib/samba #
What else can I do?
2005/12/2, John H Terpstra <jht at samba.org>:
>
> On Friday 02 December 2005 05:48, you wrote:
> > If you are sure there is a solution in your book, I am going to buy it.
> > That shouldn't be a problem.
>
> The book can be downloaded free of charge from the Samba web site in PDF
> format.
>
> http://www.samba.org/samba/docs/Samba3-ByExample.pdf
>
> > I don't want roaming profiles. It would be enough, if i get a local NOT
> > temporary profile.
>
> That can be controlled using a local security (registry) setting on each
> Windows client.
>
> > I have tried to get roaming profiles to work as a part of the solution
> for
> > the local profiles but that didn't helped neither. All I get then was a
> > temporary serverside profile.
> >
> > All I want is a not temporary profile, where my changes are saved...
>
> I would not operate without a roaming profile. Roaming profiles are a
> blessing
> when you want to migrate to a new Windows client.
>
> - John T.
>
> > Oliver Schneider
> >
> > 2005/12/1, John H Terpstra <jht at samba.org>:
> > > On Thursday 01 December 2005 03:01, Oliver Schneider wrote:
> > > > Hi,
> > > >
> > > > I have got a problem with samba for days now and I don't know how to
> > >
> > > solve
> > >
> > > > it.
> > > >
> > > > My problem is, that it doesn't matter if I enable or disable Roaming
> > > > Profiles, all I get is a temporary profile.
> > > >
> > > > If i enable Roaming Profiles, than i get a temporary serverside
> > > > Profile.
> > >
> > > If
> > >
> > > > I disable Roaming Profiles, than i get a temporary local Profile.
> > > >
> > > > Can somebody please help me?
> > > >
> > > > With Roaming Profiles I think it is a problem with Filepermissions.
> > > > Root get's a full Serverside Profile (not the smb.conf below), but
> only
> > > > root. I just want a local Profile for the users, so it is not so
> > > > relevant.
> > >
> > > Please follow the examples in my book "Samba-3 by Example". This book
> is
> > > the
> > > official Samba deployment guide. If you experince any problems with
> the
> > > examples in this book I will help you to find the cause by which the
> book
> > > mis-directed you. After all, I want the documentation to be correct
> and
> > > of true value.
> > >
> > > Samba-3 by Example provides fully documented, step-by-step,
> installation
> > > and
> > > depoyment instructions for complete networking solutions. It coveres
> > > simple
> > > networks and progressively introduces complex networking examples.
> Every
> > > necessary configuration file is provided.
> > >
> > > Every time I have helped people on this list who have reported
> problems
> > > with
> > > Samba deployment - issues such as logon scripts that will not run,
> > > roaming profiles that fail to work correctly, not being able to join a
> > > domain, and so
> > > on, the solutions in this book solved the users' problem.
> > >
> > > If you do not follow the documentation provided, you will possibly go
> > > through
> > > a more painful learning process. The choice is yours.
> > >
> > > - John T.
> > >
> > > > Oliver
> > > >
> > > > Samba is PDC
> > > >
> > > >
> > > > [global]
> > > > include = /etc/samba/dhcp.conf
> > > > socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
> > > > logon drive = H:
> > > > hide dot files = yes
> > > > domain master = Yes
> > > > username map = /etc/samba/smbusers
> > > > map to guest = Bad User
> > > > printer admin = @ntadmin, root, administrator
> > > > logon home = \\%L\%U\.9xprofile
> > > > passwd program = /usr/bin/passwd %u
> > > > wins support = true
> > > > printcap cache time = 750
> > > > netbios name = fileserver
> > > > cups options = raw
> > > > printing = cups
> > > > unix password sync = yes
> > > > local master = Yes
> > > > logon path =
> > > > logon script = logon.bat
> > > > workgroup = SJ
> > > > os level = 65
> > > > printcap name = cups
> > > > security = user
> > > > add machine script = /usr/sbin/useradd -c Machine -d
> > > > /var/lib/nobody -s /bin/false %m$
> > > > domain logons = Yes
> > > > preferred master = Yes
> > > > load printers = yes
> > > > passdb backend = smbpasswd
> > > >
> > > > [homes]
> > > > comment = Home Directories
> > > > valid users = %S
> > > > browseable = No
> > > > read only = No
> > > > inherit acls = Yes
> > > >
> > > > [profiles]
> > > > comment = Network Profiles Service
> > > > path = %H
> > > > read only = No
> > > > # store dos attributes = Yes
> > > > create mask = 0600
> > > > directory mask = 0700
> > > >
> > > > [users]
> > > > comment = All users
> > > > path = /home
> > > > read only = No
> > > > inherit acls = Yes
> > > > veto files = /aquota.user/groups/shares/
> > > >
> > > > [groups]
> > > > comment = All groups
> > > > path = /home/groups
> > > > read only = No
> > > > inherit acls = Yes
> > > >
> > > > [printers]
> > > > comment = All Printers
> > > > path = /var/tmp
> > > > printable = Yes
> > > > create mask = 0600
> > > > browseable = No
> > > >
> > > > [print$]
> > > > comment = Printer Drivers
> > > > path = /var/lib/samba/drivers
> > > > write list = @ntadmin root
> > > > force group = ntadmin
> > > > create mask = 0664
> > > > directory mask = 0775
> > > >
> > > > [netlogon]
> > > > comment = Network Logon Service
> > > > path = /var/lib/samba/netlogon
> > > > write list = @user, root
> > > > guest ok = yes
> > > > locking = No
> > >
> > > --
> > > John H Terpstra
> > > Samba-Team Member
> > > Phone: +1 (650) 580-8668
> > >
> > > Author:
> > > The Official Samba-3 HOWTO & Reference Guide, 2 Ed., ISBN: 0131882228
> > > Samba-3 by Example, 2 Ed., ISBN: 0131882221X
> > > Hardening Linux, ISBN: 0072254971
> > > Other books in production.
> > > --
> > > To unsubscribe from this list go to the following URL and read the
> > > instructions: https://lists.samba.org/mailman/listinfo/samba
>
> --
> John H Terpstra
> Samba-Team Member
> Phone: +1 (650) 580-8668
>
> Author:
> The Official Samba-3 HOWTO & Reference Guide, 2 Ed., ISBN: 0131882228
> Samba-3 by Example, 2 Ed., ISBN: 0131882221X
> Hardening Linux, ISBN: 0072254971
> Other books in production.
>
More information about the samba
mailing list