[Samba] Profiles on different network?

Robert Schetterer robert at schetterer.org
Wed Feb 8 22:58:08 GMT 2006 

Hi Joel,
there is no magic which offers you the option
to store a profile on serveral servers,
the placement of the a users profile is i.e in the ad or ( when using 
samba ) in ldap is a unique entry.
So if you use roaming Profiles, without caching them on the client machines
an you have i.e many offices connected
via i.e vpn and a user from Office A visits
Office B and his profile is on the win/samba server of his
home office A , he has to download it from there.
So this takes time depending of the connection speed and the size of
the profile.
To make this stuff run proper make sure that wins is working over
the whole network, and perhaps your internal nameserver setup.
Also if the speed of the vpn isnt quick enough, cause either
there is much other traffic or you have small bandwith in general
buggy routing, buggy nic , false configured firewalls on win clients
or gateways you will run into timeouts, and the win client decides
to give the user a default profile, to short the login time.
This is deeply hard stuff to configure, as so many functions are involved.
In your case i would guess that you have a wins problem in one way which 
causes timeout at logon, so i would start here to debug,
for example let that user login with that empty profile in office b and 
try thing like this \\profileserverofficeA\profilesuserpath\username ( 
you should find this path for that user with i.e usrmgr )
this must work ! If it isnt be sure that the cleint has the right win 
entries and try nmblookup etc ( note ping is here not enough for debug *g)
Hope this helps

Best Regards

Joel Larsson schrieb:
> Hello Everyone.
> 
> I have some trouble with my samba installation. I have two samba servers 
> and one windows 2003 server. I also have two networks on different 
> pysical locations, they are on different nets but everything is open 
> between them.  Lets call them location A and B.
> 
> On location A i have a samba server as PDC, and a windows 2003 server as 
> file server.
> On location B i have a samba server as fileserver.
> 
> When people logon they always authenticate against the PDC. The profiles 
> are downloaded from Windows 2003 machine for users in location A and 
> from the sambaserver in location B for the users there.
> 
> My biggest headache is that when a user from location B visits location 
> A they cannot download the profile. There is no errormessage or 
> anything. It just becomes a "empty" profile.
> 
> When looking in the Profile handler thing in the System application the 
> type is set to roaming BUT the "type in use" is local.
> 
> I cannot figure out why this is. The other way around seems to work, 
> when people from location A visits location B.
> 
> The smb.conf from the machine at location B is at the bottom of the 
> message. I have looked around everywhere but cannot find any information 
> (I have tested alot of different configurations).
> 
> You guys are my last chance :)
> 
> Cheers,
> Joel
> 
> 
> [global]
> workgroup = SMB
> netbios name = luton
> server string = Samba Server %v
> hide files = /desktop.ini/ntuser.ini/ntuser.*/NTUSER.*/
> printcap name = cups
> load printers = yes
> addprinter command = /usr/bin/smbaddprinter.pl
> printing = cups
> printer admin = @"Domain Admins"
> log file = /var/log/samba/log.%m
> max log size = 50
> map to guest = bad user
> security = domain
> password server = 192.168.1.1
> encrypt passwords = yes
> smb passwd file = /var/lib/samba/private/smbpasswd
> unix password sync = Yes
> pam password change = yes
> winbind use default domain = yes
> winbind cache time = 300
> socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
> remote announce = 192.168.1.1
> local master = yes
> os level = 33
> domain master = no
> idmap uid = 10000-20000
> idmap gid = 10000-20000
> wins support = No
> wins server = 192.168.1.1
> dns proxy = yes
> 
> [home]
>   comment = Hemkataloger
>   browseable = yes
>   writable = yes
>   path = /share/home
> 
> [backup]
>   comment = Backup
>   browseable = yes
>   writable = yes
>   path = /share/backup
>   write list = @"Domain Admins"
> 
> [groups]
>   comment = Gruppkataloger
>   browseable = yes
>   writable = yes
>   path = /share/groups
>   write list = @"Domain Users"
> 
> [profiles]
>    path = /share/profiles
>    browseable = yes
>    guest ok = no
>    csc policy = disable
>    write list = @"Domain Users"
> #       browseable = no
> #       profile acls = yes
> #       create mode = 0700
> #       directory mode = 0700
> #       read only = no
> #       default case = lower
> #       preserve case = no
> #       short preserve case = no
> #       case sensitive = no
> 
> [printers]
>   comment = All Printers
>   path = /var/spool/samba
>   browseable = no
>   guest ok = yes
>   writable = yes
>   printable = yes
>   create mode = 0700
>   use client driver = No
>   write list = @"Domain Admins" root
> 
>   print command = lpr-cups -P %p -o raw %s -r   # using client side 
> printer drivers.
> 
> [print$]
>   path = /var/lib/samba/printers
>   browseable = yes
>   read only = yes
>   write list = @"Domain Admins" root
>   guest ok = yes
> 
> [tmp]
>   comment = Temporary file space
>   path = /tmp
>   read only = no
>   public = yes
> 

-- 
Mit freundlichen Gruessen
Best Regards
Robert Schetterer

robert_at_schetterer_dot_org
Munich / Bavaria / Germany
https://www.schetterer.org

More information about the samba mailing list