[Samba] Roaming Profiles Problem

Gary Dale garydale at torfree.net
Sun Mar 25 20:09:59 GMT 2007 

The permissions I believe the world needs are rwx. You only seem to be 
giving them rx, and only r in the create mask. I'd try getting less 
fancy and keep your profiles down to:
[profiles]
       comment = Windows Roaming Profiles
       path = /home/%U/profile
       read only = No
       store dos attributes = Yes
and even then I don't know about the last line.  Mine just use a path 
and read only = no. My profiles directory permissions are: drwxrwxrwt.



Robert Steinmetz wrote:
> Gary Dale wrote:
>> I'm assuming that you've not shown us your full smb.conf. This does 
>> make it tricky to figure out what you've got however.
> Yes I only sent the parts that seem relevant to this problem. Here are 
> the full globals and shares.
>
> [global]
>        workgroup = DOMAIN
>        server string = %h server (Samba, Ubuntu)
>        obey pam restrictions = Yes
>        password server = PDC 192.168.1.24 *
>        passdb backend = tdbsam
>        passwd program = /usr/bin/passwd %u
>        passwd chat = *Enter\snew\sUNIX\spassword:* %n\n 
> *Retype\snew\sUNIX\spassword:* %n\n *password\supdated\ssuccessfully* .
>        syslog = 0
>        log file = /var/log/samba/log.%m
>        max log size = 1000
>        time server = Yes
>        hostname lookups = Yes
>        logon path = \\PDC\%U\profile
>        logon drive = U:
>        logon home = \\PDC\%U
>        domain logons = Yes
>        os level = 33
>        domain master = Yes
>        wins proxy = Yes
>        wins support = Yes
>        ldap ssl = no
>        panic action = /usr/share/samba/panic-action %d
>        idmap uid = 10000-20000
>        idmap gid = 10000-20000
>        winbind nested groups = Yes
>        admin users = root, administrator
>        hosts allow = 192.168.1.0/255.255.255.0
>        profile acls = Yes
>
> [printers]
>        comment = All Printers
>        path = /tmp
>        create mask = 0700
>        printable = Yes
>        browseable = No
>
> [print$]
>        comment = Printer Drivers
>        path = /var/lib/samba/printers
>
> [netlogon]
>        comment = Network Logon Service
>        path = /var/lib/samba/netlogon
>        guest ok = Yes
>        browseable = No
>
> [profiles]
>        comment = Windows Roaming Profiles
>        path = /home/%U/profile
>        read only = No
>        create mask = 0664
>        force create mode = 0775
>        directory mask = 0775
>        force directory mode = 0775
>        store dos attributes = Yes
>
> [homes]
>        path = /home/%U
>        read only = No
>        store dos attributes = Yes
>> In general, I believe that you need to give the world full access to 
>> the profiles.
> Which settings are you referring to here? File permissions, acls etc.?
>> Also, you haven't got a "profile acls = Yes" line in the part of your 
>> smb.conf you've shared with us. Despite not defaulting to Yes, this 
>> seems to be needed
> I didn't have that one set. I changed it, see above. Still no luck.
>

More information about the samba mailing list