[Samba] Roaming Profiles only for Admin?

Albrecht Dreß albrecht.dress at lios-tech.com
Tue Aug 19 16:06:31 GMT 2008


thanks a lot for all hints...

After playing a whole afternoon with the W2Ksp4 box, I made some  

First, I had to run "gpedit" on the 2k box, and to "activate" the  
option for not checking the ownership of roaming profile folders (key  
is Computer configuration - Administrative Templates - System - User  
Profiles; I found this hint in a posting).

Now the roaming profile is stored properly *except* for a user for  
which the attempt to store the profile failed.  Here I have to erase  
the local profile folder (in C:\Documents and Settings), then reboot  
the box, and try again - works.  Arrgh!!!  No idea what happens with XP  
and Vista.

Reading the man pages more closely, my impression is that the setting  
"profile acls = yes" should exactly prevent this problem.  But it  
apparently doesn't work as advertised.  Does anyone have more insight  
here?  It would be great if I could omit tweaking the policies on each  
and every machine I have in the network...

Am 19.08.2008 15:05:53 schrieb(en) Hoover, Tony:
> try changing :
> create mask = 0644
> directory mask = 0775

Now my working profiles setup is

path = /home/samba/profiles
writeable = yes
store dos attributes = yes
browseable = no
create mask = 0600
directory mask = 0700
guest ok = no
csc policy = disable
force user = %U
valid users = %U @"Domain Admins"


More information about the samba mailing list