[Samba] XP SP2 connecting to 3.0.10-1.4E

Chris Robinson chris.robinson at voipsupply.com
Sun Oct 2 20:24:45 GMT 2005 

I have been running our companies XP Pro systems on our Samba domain 
controller (version: 3.0.10-1.4E) with local administrative rights up to 
this point.  Everything has worked fine.

We are getting larger now and I'd like to make the logins locally 
restricted (I want them to have XP's "Users" rights and  "Remote Desktop 
Users" only).  When I restrict the accounts to anything below 
administrative rights on XP SP2 however nothing in the profile gets 
saved.  I have tried this with XP SP1 and everything works as I expect.

I have tried:
*Turning off the XP SP2 firewall.  No difference
*Running a sniffer on it. Don't know what I'm looking for but nothing 
seemed out of the ordinary.
*Giving the user administrative rights, logging in and making changes. 
Then I logged out and logged in as the Administrator and dropped the 
rights to "Users" and logged back in.  The first time I log in I see the 
profile the user left when it had administrative rights, but when I 
logout and log back in it resets the profile again.
*Had profile acls on and off. No difference

Here is my smb.conf for global and profiles:
[global]
         workgroup = MYCO
         netbios name = MYCOPDC
         interfaces = 192.168.0.5
         time server = Yes
         unix extensions = No
         add user script = /usr/sbin/useradd -m %u
         delete user script = /usr/sbin/userdel -r %u
         add group script = /usr/sbin/groupadd %g
         delete group script = /usr/sbin/groupdel %g
         add user to group script = /usr/sbin/usermod -G %g %u
         add machine script = /usr/sbin/useradd -s /bin/false -d 
/dev/null %u
         logon script = logon.bat
   logon path = \\%L\profiles\%u\%m
   # logon path =
         logon drive = H:
         logon home = \\%L\%u\.win_profile\%m
         domain logons = Yes
         os level = 70
         preferred master = Yes
         domain master = Yes
         wins support = Yes
         hosts allow = 192.168.1.0/255.255.255.0, 
192.168.3.0/255.255.255.0, 192.168.254.0/24, 192.168.0.90, 192.168.0.91, 
127.0.0.1, 192.168.6.0/24, 192.168.7.0/24, 192.168.8.0/24

[netlogon]
         path = /etc/samba/
         valid users = root, @users
         admin users = root
         browseable = No

[profiles]
         path = /home/samba-ntprof
         read only = No
         create mask = 0600
         directory mask = 0700
         browseable = No
#  profile acls = yes


-- 
Christopher Robinson
chris.robinson at voipsupply.com

VoIPSupply.com
   -- a division of B2 Technologies, LLC
454 Sonwil Drive
Buffalo, NY 14225

(716) 250-3411
(716) 630-1548 fax
(800) 398-VOIP


VoIPSupply.com is a leading reseller of VoIP hardware, software and 
services.

More information about the samba mailing list