[Samba] about roaming profiles and windows xp, vista
Cheng Bruce
itlist at gmail.com
Sat Aug 11 05:52:16 GMT 2007
Hi,
I know this question is FAQ, I set up samba PDF before and still run
well, and now I need to create another PDC for another branch office.
I have search the MAILLIST and google, but I still can't figure out
what happened and how to fix it.
I can join into samba PDC but while I sign on Windows Xp and Vista, it
will show such like as following
"Your user profile was not loaded correctly!
You have been logged on with a temporary profile. Changes you make to this
profile will be lost when you log off. Please see the event log for details
or contact your administrator."
After logoning into windows xp, I can access \\pdc01\profiles\bruce
and put some files in this folder. but I didn't see other folders like
"Favorites", "My Documents" and so on.
Please advise me, thank you in advance.
I setup samba 3.0.23c in CentOS 5.0 and use IDEALX smbldap-tools 0.92
[root at pdc01 ~]# rpm -qa|grep ^samba
samba-3.0.23c-2.el5.2.0.2
samba-common-3.0.23c-2.el5.2.0.2
samba-client-3.0.23c-2.el5.2.0.2
The following is my smb.conf
[global]
workgroup = GPCNT
netbios name = pdc01
security = user
enable privileges = yes
interfaces = 192.168.1.1
hosts allow = 127. 192.168.1.
username map = /etc/samba/smbusers
server string = Windows 2000 PDC Server
encrypt passwords = Yes
#pam password change = no
#obey pam restrictions = No
ldap passwd sync = Yes
unix password sync = Yes
passwd program = /opt/IDEALX/sbin/smbldap-passwd -u %u
passwd chat = "Changing password for*\nNew password*" %n\n
"*Retype new password*" %n\n"
#passwd chat debug = Yes
log level = 2
# timestamp logs = No
syslog = 0
log file = /var/log/samba/log.%m
max log size = 10000000
time server = Yes
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
mangling method = hash2
Dos charset = UTF-8
Unix charset = UTF-8
display charset = UTF8
#hide files = /.snap/.AppleDB/.AppleDouble/.AppleDesktop/_VUC69~7/desktop.ini/:2eDS_Store/:2eVolumeIcon.icns/*.icns/
#hide unreadable = no
logon script = logon.bat
logon drive = H:
logon home = \\%L\%U
logon path = \\%L\profiles\%U
# logon home = \\pdc01\%U
# logon path = \\pdc01\profiles\%U
domain master = Yes
os level = 65
preferred master = Yes
wins support = yes
passdb backend = ldapsam:ldap://192.168.1.2/
ldap admin dn = cn=manager,dc=gpcnt,dc=corp
ldap suffix = dc=gpcnt,dc=corp
ldap group suffix = ou=Groups
ldap user suffix = ou=Users
ldap machine suffix = ou=Computers
ldap idmap suffix = ou=Idmap
add user script = /opt/IDEALX/sbin/smbldap-useradd -m "%u"
ldap delete dn = Yes
delete user script = /opt/IDEALX/sbin/smbldap-userdel "%u"
add machine script = /opt/IDEALX/sbin/smbldap-useradd -t 0 -w "%u"
add group script = /opt/IDEALX/sbin/smbldap-groupadd -p "%g"
delete group script = /opt/IDEALX/sbin/smbldap-groupdel "%g"
add user to group script = /opt/IDEALX/sbin/smbldap-groupmod
-m "%u" "%g"
delete user from group script =
/opt/IDEALX/sbin/smbldap-groupmod -x "%u" "%g"
set primary group script = /opt/IDEALX/sbin/smbldap-usermod -g '%g' '%u'
printer admin = @"Print Operators"
load printers = Yes
create mask = 0640
directory mask = 0750
#force create mode = 0640
#force directory mode = 0750
nt acl support = No
printing = cups
printcap name = cups
deadtime = 10
guest account = nobody
map to guest = Bad User
dont descend = /proc,/dev,/etc,/lib,/lost+found,/initrd
show add printer wizard = yes
preserve case = yes
short preserve case = yes
case sensitive = no
[netlogon]
path = /samba/netlogon/
browseable = No
read only = yes
[profiles]
path = /samba/profiles/
read only = no
create mask = 0600
directory mask = 0700
browseable = No
guest ok = Yes
profile acls = yes
csc policy = disable
# next line is a great way to secure the profiles
force user = %U
# next line allows administrator to access all profiles
valid users = %U @"Domain Admins"
[printers]
comment = Network Printers
printer admin = @"Print Operators"
guest ok = yes
printable = yes
path = /samba/spool/
browseable = No
read only = Yes
printable = Yes
print command = /usr/bin/lpr -P%p -r %s
lpq command = /usr/bin/lpq -P%p
lprm command = /usr/bin/lprm -P%p %j
# print command = /usr/bin/lpr -U%U@%M -P%p -r %s
# lpq command = /usr/bin/lpq -U%U@%M -P%p
# lprm command = /usr/bin/lprm -U%U@%M -P%p %j
# lppause command = /usr/sbin/lpc -U%U@%M hold %p %j
# lpresume command = /usr/sbin/lpc -U%U@%M release %p %j
# queuepause command = /usr/sbin/lpc -U%U@%M stop %p
# queueresume command = /usr/sbin/lpc -U%U@%M start %p
[print$]
comment = Printer Drivers Share
path = /samba/printers
guest ok = No
browseable = Yes
read only = Yes
valid users = @"Print Operators"
write list = @"Print Operators"
create mask = 0664
directory mask = 0775
[homes]
comment = %U's Home Directories
valid users = %U
read only = No
create mask = 0664
directory mask = 0775
browseable = No
[public]
path=/samba/public
public=yes
writable=yes
read only=no
create mask = 0664
directory mask = 0775
guest ok = Yes
[tools]
path = /samba/tools/
browseable = Yes
read only = Yes
valid users = %U @"Domain Admins"
write list = @"Domain Admins"
And the permission of folders is as the following
[root at pdc01 ~]# ll /samba
total 56
drwxr-xr-x 2 root root 4096 Mar 30 01:00 home
drwxr-xr-x 2 root root 4096 Aug 10 16:44 netlogon
drwxr-xr-x 2 root root 4096 Aug 6 15:35 printers
drwxrwxrwt 3 root root 4096 Aug 9 19:20 profiles
drwxr-xr-x 2 root root 4096 Aug 6 15:35 public
drwxr-xr-x 2 root root 4096 Aug 6 15:35 spool
drwxr-x--- 2 root Domain Users 4096 Aug 10 15:38 tools
[root at pdc01 ~]# ll /samba/profiles/bruce/ -ld
drwx------ 2 bruce Domain Users 4096 Aug 10 18:50 /samba/profiles/bruce/
Best Regards,
Bruce
More information about the samba
mailing list