[Samba] cached credentials local login -- notebook domain members

Robert Schetterer robert at schetterer.org
Wed Feb 16 21:24:18 GMT 2005


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi Martin,
the normal behavior of windows is to cache the profile,
if you have a server side profile and it cant be reached at logon , the
minimum of a win client machine should be , give you access to login and
give you a temp profile, or use the last one cached.
If there is no cached profile of the login user you can only get a temp one.
In a roaming profile network
there are a lot of setups thinkable with profiles, the best way
is to controll it by policies, i use to make different policies for
Laptops and Workstations, to make sure that Laptops  will get and cache
the server side profile if the are in the intranet, and have it
cached for offline use. ( this can be done with local profile too i think )
In policies you can also control the timeouts after how long time
the cached profile should be used if the server stored one is not
reachable ( this may be the case in low speed networking i.e Vpn)
My workstation policy is not to cache the users profile to make sure
only the profile on the server gets used and no merge to cached profiles
at login is done.( my meaning is that this is more usefull and quicker
and i dont have to mess with cached profiles on machines and with the
file storage on that machines )
The working of profiles is deeply depend to your policy, reg and samba
settings but in principal there is no difference from a samba domain to
a win nt 4 domain.
I a few cases a profile can be corupted if a roaming user, log through
many workstations with many different software installed,
or just kills the machine during the resync of the profile during logout.
So i recommend to read the samba faqs and varias technet or windows
sites about profiles.
Sometimes there are happening "magical" things about profiles, which are
ugly to debug...but its more a windows theme than a samba problem.
I hope i descriped the thing right , sometimes i got crazy about this
stuff too, and it more easy done, than described to another, but i think
there are others on the list which will give you further info about that.
Best Regards

Martin schrieb:
| Hallo,
|
| I wonder if cached credentials local logins are expected to work with
| samba.
|
| I have users with notebooks that I want to be domain members.
|
| If the notebook is in the wild I want the users to use their profiles
| (either local or roaming) stored on the notebooks.
|
| But once disconnected from the network the users can't login.
|
| I found a thread:
| http://lists.samba.org/archive/samba/2003-December/077300.html
|
| in which some state that cached credentials logins are impossible in
| samba while other say that it's client-side issue.
|
| I have tested both win2k and winXP with both local and roaming profiles
| with the same results: once disconnected the users can't login.
| I'm using samba 3.0.10 with LDAP.
|
| Am I doing something wrong or does samba really not support cached
| credentials local logins?
|
| Regards,
|

- --
Mit freundlichen Gruessen
Best Regards
Robert Schetterer

robert_at_schetterer.org
Munich / Bavaria / Germany
https://www.schetterer.org

\**********************************
\* gnupgp
\* public key:
\* https://www.schetterer.org/public.key
\**********************************
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (MingW32)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFCE7oB+Jw+56iSjEkRApLEAJ47EvCuEYb4CKvTMKSrAHyeGawIGwCgsWjT
kIQNWiWzUOG9FU/aACCrpfU=
=3c6H
-----END PGP SIGNATURE-----


More information about the samba mailing list