[Samba] profile-portability doesn't work

Bolya Imre bolya.imre at sch.bme.hu
Sun Aug 27 21:01:22 GMT 2006


Hello!

I'm using Samba as PDC in a small company (~40 computers), the 
environment is the following:
Gentoo linux 2.6.14-hardened-r5, Samba 3.0.22-r2, OpenLDAP 2.3.24-r1, 
nss_ldap 2.49, Windows XP clients

The problem is that profile-portability doesn't work. A user first logs 
into a machine, then he can't use his profile on another one.

The samba log says:
[2006/08/27 20:20:37, 1] smbd/service.c:make_connection_snum(693)
   mgrtpc211 (192.168.2.211) connect to service profiles initially as 
user csap.geza (uid=1125, gid=513) (pid 23613)
[2006/08/27 20:20:37, 1] smbd/service.c:make_connection_snum(693)
   mgrtpc211 (192.168.2.211) connect to service profiles initially as 
user csap.geza (uid=1125, gid=513) (pid 23613)
[2006/08/27 20:26:38, 1] smbd/service.c:close_cnum(885)
   mgrtpc211 (192.168.2.211) closed connection to service profiles
[2006/08/27 20:26:38, 1] smbd/service.c:close_cnum(885)
   mgrtpc211 (192.168.2.211) closed connection to service profiles
[2006/08/27 20:26:38, 1] smbd/service.c:make_connection_snum(693)
   mgrtpc211 (192.168.2.211) connect to service netlogon initially as 
user csap.geza (uid=1125, gid=513) (pid 23639)
[2006/08/27 20:26:39, 1] smbd/service.c:make_connection_snum(693)
   mgrtpc211 (192.168.2.211) connect to service csap.geza initially as 
user csap.geza (uid=1125, gid=513) (pid 23639)

It takes 6 minutes to connect to profiles share but finally fails. 
Although it mounts the netlogon and home shares.

Did anybody meet a problem like this?

Thx,
Imre

PS: My smb.conf:
[global]
workgroup = JASZAPATIMGZRT
netbios name = MIERDA
server string = Domain Controller
hosts allow = 192.168.2.0/24 127.0.0.0/8
security = user

# some tuning options
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
interfaces = eth1 192.168.2.0/24 lo
bind interfaces only = yes
dos charset = cp852
unix charset = utf8
display charset = utf8

# to make your Samba server act as a PDC, you need these lines:
os level = 65
local master = yes
domain master = yes
preferred master = yes

# security
null passwords = no
hide unreadable = yes
hide dot files = yes

# domain settings
domain logons = yes
logon script = %U.cmd
logon path = \\MIERDA\profiles\%U
logon drive = H:
logon home = \\MIERDA\%U
wins support = yes
name resolve order = wins lmhosts host bcast
dns proxy = no
time server = yes
log file = /var/log/samba/%m.log
log level = 2
idmap uid = 1000-20000
idmap gid = 512-560

# scripts
add user script = /usr/sbin/smbldap-useradd -m "%u"
add machine script = /usr/sbin/smbldap-useradd -w "%u"
add group script = /usr/sbin/smbldap-groupadd -p "%g"
add user to group script = /usr/sbin/smbldap-groupmod -m "%u" "%g"
delete user from group script = /usr/sbin/smbldap-groupmod -x "%u" "%g"
set primary group script = /usr/sbin/smbldap-usermod -g "%g" "%u"

# ldap settings
ldap delete dn = yes
ldap ssl = no
passdb backend = ldapsam:ldap://mierda
ldap suffix = dc=jaszapatimgzrt,dc=hu
ldap admin dn = cn=Manager,dc=jaszapatimgzrt,dc=hu
ldap group suffix = ou=Groups
ldap user suffix = ou=People
ldap machine suffix = ou=Computers
ldap idmap suffix = ou=People
ldap password sync = yes

# printing section
printing = cups
printcap name = cups
load printers = yes

[netlogon]
path = /home/samba/netlogon
guest ok = yes
browseable = no
#write list = root

[profiles]
path = /home/samba/profiles
writable = yes
profile acls = yes
browseable = no
create mask = 0600
directory mask = 0700
guest ok = yes
csc policy = disable
force user = %U
valid users = @"Domain Users" @"Domain Admins"

[homes]
comment = Home directories
path = /home/%U
browseable = no
valid users = %U
read only = no
create mask = 0664
directory mask = 0775
hide dot files = yes



More information about the samba mailing list