[Samba] Roaming profiles
L.P.H. van Belle
belle at bazuin.nl
Tue Aug 19 12:32:14 GMT 2008
Hi
Remove the profile acls =yes
and add:
browseable = Yes
csc policy = disable
force user = %U
valid users = %U @"Domain Admins"
Louis
>-----Oorspronkelijk bericht-----
>Van: samba-bounces+belle=bazuin.nl at lists.samba.org
>[mailto:samba-bounces+belle=bazuin.nl at lists.samba.org] Namens
>Mugo Martin
>Verzonden: dinsdag 19 augustus 2008 14:19
>Aan: samba at lists.samba.org
>Onderwerp: [Samba] Roaming profiles
>
>Hi people. Im in need of help as far as roaming profiles are concerned.
>Allow me as I know this issue has been discussed timelessly
>but let me just
>ask it because I have been unable to get it to work.
>
>My Samba + Ldap setup is fine and XP users can authenticate alright. Im
>using samba 3.0.28. However when logging in for the first
>time, they get the
>message;
>
>Windows cannot locate a server copy.... -Access is denied
>
>When logging off,
>
>Windows cannot update your roaming profile... -Access is denied
>
>I copied the profiles across from another server, so the first
>error does
>not come up except for new users and the old profiles are
>mapped onto the
>users machines just fine.
>
>I think I've done everything for roaming profiles to work including
>
>mkdir -p /var/lib/samba/profiles
>chown root:users /var/lib/samba/profiles
>chmod 2775 /var/lib/samba/profiles
>
>chown -R user /var/lib/samba/profiles/user/
>
>The samba logs don't show any errors.
>
>Below is my smb.conf file
>[global]
> workgroup = EXAMPLE
> netbios name = EXAMPLE_SERVER
> server string = Samba Server Version %v
> passdb backend = ldapsam:ldap://example.org/
> log file = /var/log/samba/%m.log
> max log size = 50
> add user script = /usr/sbin/adduser -m "%u"
> add machine script = /usr/sbin/useradd -d
>/var/lib/nobody -g 100 -s
>/bin/false -M %u
> logon script = %u.bat
> logon path = \\EXAMPLE_SERVER\profiles\%U
> logon home = \\EXAMPLE_SERVER\%U
> domain logons = Yes
> domain master = Yes
> ldap admin dn = "cn=config"
> ldap group suffix = ou=groups
> ldap machine suffix = ou=machines
> ldap passwd sync = Yes
> ldap suffix = dc=example,dc=org
> ldap user suffix = ou=people
> cups options = raw
>[homes]
> comment = Home Directories
> validusers = %S
> read only = No
> browseable = No
> writable = Yes
> create mask= 0700
> directory mask = 0700
>[netlogon]
> comment = Network Logon Service
> path = /var/lib/samba/netlogon
> share modes = No
> guest ok = Yes
>[profiles]
> path = /var/lib/samba/profiles
> read only = No
> writable = Yes
> profile acls = Yes
> comment = User profiles
> create mask = 0600
> browsable = no
> directory mask = 0700
>
>My searches on the web have not helped much. I am running on a
>Red Hat like
>system (CentOS 5).
>
>Someone please help. I will be eternally grateful.
>--
>To unsubscribe from this list go to the following URL and read the
>instructions: https://lists.samba.org/mailman/listinfo/samba
>
More information about the samba
mailing list