[Samba] profile-portability doesn't work
Bolya Imre
bolya.imre at sch.bme.hu
Tue Aug 29 16:49:56 GMT 2006
Anybody with a similar problem? Or profile-portability would be so easy
and only for me doesn't work? :(
Imre
Bolya Imre wrote:
> Hello!
>
> I'm using Samba as PDC in a small company (~40 computers), the
> environment is the following:
> Gentoo linux 2.6.14-hardened-r5, Samba 3.0.22-r2, OpenLDAP 2.3.24-r1,
> nss_ldap 2.49, Windows XP clients
>
> The problem is that profile-portability doesn't work. A user first logs
> into a machine, then he can't use his profile on another one.
>
> The samba log says:
> [2006/08/27 20:20:37, 1] smbd/service.c:make_connection_snum(693)
> mgrtpc211 (192.168.2.211) connect to service profiles initially as
> user csap.geza (uid=1125, gid=513) (pid 23613)
> [2006/08/27 20:20:37, 1] smbd/service.c:make_connection_snum(693)
> mgrtpc211 (192.168.2.211) connect to service profiles initially as
> user csap.geza (uid=1125, gid=513) (pid 23613)
> [2006/08/27 20:26:38, 1] smbd/service.c:close_cnum(885)
> mgrtpc211 (192.168.2.211) closed connection to service profiles
> [2006/08/27 20:26:38, 1] smbd/service.c:close_cnum(885)
> mgrtpc211 (192.168.2.211) closed connection to service profiles
> [2006/08/27 20:26:38, 1] smbd/service.c:make_connection_snum(693)
> mgrtpc211 (192.168.2.211) connect to service netlogon initially as
> user csap.geza (uid=1125, gid=513) (pid 23639)
> [2006/08/27 20:26:39, 1] smbd/service.c:make_connection_snum(693)
> mgrtpc211 (192.168.2.211) connect to service csap.geza initially as
> user csap.geza (uid=1125, gid=513) (pid 23639)
>
> It takes 6 minutes to connect to profiles share but finally fails.
> Although it mounts the netlogon and home shares.
>
> Did anybody meet a problem like this?
>
> Thx,
> Imre
>
> PS: My smb.conf:
> [global]
> workgroup = JASZAPATIMGZRT
> netbios name = MIERDA
> server string = Domain Controller
> hosts allow = 192.168.2.0/24 127.0.0.0/8
> security = user
>
> # some tuning options
> socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
> interfaces = eth1 192.168.2.0/24 lo
> bind interfaces only = yes
> dos charset = cp852
> unix charset = utf8
> display charset = utf8
>
> # to make your Samba server act as a PDC, you need these lines:
> os level = 65
> local master = yes
> domain master = yes
> preferred master = yes
>
> # security
> null passwords = no
> hide unreadable = yes
> hide dot files = yes
>
> # domain settings
> domain logons = yes
> logon script = %U.cmd
> logon path = \\MIERDA\profiles\%U
> logon drive = H:
> logon home = \\MIERDA\%U
> wins support = yes
> name resolve order = wins lmhosts host bcast
> dns proxy = no
> time server = yes
> log file = /var/log/samba/%m.log
> log level = 2
> idmap uid = 1000-20000
> idmap gid = 512-560
>
> # scripts
> add user script = /usr/sbin/smbldap-useradd -m "%u"
> add machine script = /usr/sbin/smbldap-useradd -w "%u"
> add group script = /usr/sbin/smbldap-groupadd -p "%g"
> add user to group script = /usr/sbin/smbldap-groupmod -m "%u" "%g"
> delete user from group script = /usr/sbin/smbldap-groupmod -x "%u" "%g"
> set primary group script = /usr/sbin/smbldap-usermod -g "%g" "%u"
>
> # ldap settings
> ldap delete dn = yes
> ldap ssl = no
> passdb backend = ldapsam:ldap://mierda
> ldap suffix = dc=jaszapatimgzrt,dc=hu
> ldap admin dn = cn=Manager,dc=jaszapatimgzrt,dc=hu
> ldap group suffix = ou=Groups
> ldap user suffix = ou=People
> ldap machine suffix = ou=Computers
> ldap idmap suffix = ou=People
> ldap password sync = yes
>
> # printing section
> printing = cups
> printcap name = cups
> load printers = yes
>
> [netlogon]
> path = /home/samba/netlogon
> guest ok = yes
> browseable = no
> #write list = root
>
> [profiles]
> path = /home/samba/profiles
> writable = yes
> profile acls = yes
> browseable = no
> create mask = 0600
> directory mask = 0700
> guest ok = yes
> csc policy = disable
> force user = %U
> valid users = @"Domain Users" @"Domain Admins"
>
> [homes]
> comment = Home directories
> path = /home/%U
> browseable = no
> valid users = %U
> read only = no
> create mask = 0664
> directory mask = 0775
> hide dot files = yes
>
More information about the samba
mailing list