[Samba] NTConfig.POL not working for Win 2000 (for XP working
mangoo at wpkg.org
Sat Nov 19 16:14:41 GMT 2005
Robert Schetterer schrieb:
> Tomasz Chmielewski schrieb:
>> Tomasz Chmielewski schrieb:
>>> I'm just exploring the Profile Editor, described on
>>> http://www.pcc-services.com/custom_poledit.html - and policies saved
>>> to NTConfig.pol file and copied to the netlogon share work great for
>>> Windows XP machines.
>>> However, with Windows 2000, they don't work at all. Winh XP machines
>>> - policies are applied.
>>> I see in Samba logs that the NTConfig.pol is copied from the server
>>> to the w2k workstation, but it has no effect.
>>> This Profile Editor is designed for Windows 2000, as it was shipped
>>> with w2k SP4, so I expected it will work with 2000.
>>> Am I missing something?
>> I searched the internet, but no clue about the issue :(
>> In the event log it is as eventid: 1000, source: uservenv, and in the
>> log itself it says something like (translated from German):
>> RegLoadKey aborted. Returned value "False Parameter." for C:\Documents
>> and Settings\Administrator.DOMAIN\prfCA.tmp
>> prfCA.tmp (and other such tmp files) are the exact copy of the
>> NTConfig.POL that is saved in the netlogon directory.
>> I tried creating other NTConfig.POL files (with only basic setting
>> like IE start site), but this message just shows all the time, and
>> settings are not applied.
>> Any clue?
>> I use Windows 2000 SP4, and Samba 3.0.20.
>> Windows XP works fine with NTConfig.POL files and the same Samba.
> this ist stuff need to be fixed in the profile share
> should be like this
> path = /var/lib/samba/profiles
> # vfs objects = extd_audit
> read only = no
> create mask = 0755
> directory mask = 0755
> browseable = No
> guest ok = Yes
> profile acls = yes
> csc policy = disable
> force user = %U
> hide files = /desktop.ini/ntuser.ini/NTUSER.*/
> locking = No
> oplocks = False
> level2 oplocks = False
> # valid users = %U, @"Domain Admins"
as it's explained here: https://bugzilla.samba.org/show_bug.cgi?id=3042
one has to put this into [netlogon] share:
acl check permissions = no
WPKG - software deployment and upgrades with Samba
More information about the samba