[Samba] Problems when migrating from an old machine to a new one.

[BOURIAUD David]

Hello, 
I've got problems with my fresh install of samba. Here is the background :
We have an old machine on which I installed samba, release 3.0.9. It ran a 
linux from scratch system, but I was not well documented about samba at the 
time I did this install, so here is how we used to use it. The users accounts 
were both created in the system (/etc/password) and for samba (smbpasswd). All 
had groups and so on, but I wasn't well documented about both samba and 
windows when I put this machine online. So, to have users have the environment 
the needed, we used to pass on every workstation and added users to the 
machine with the local administrator's accound. We added them as belonging to 
the local Administrator's group.
Here is what we used to do. 
Now, I've got a new machine which is based on rhel 5 and runs samba version 
3.0.28. I've also installed a ldap server on another server and made them both 
communicate using the recommended settings for samba, nss, smbldap-tools and 
so on. Please, beleive me, it just works fine. The problem is somewhere else.
I've copied all datas belonging to users from the old server to the new one, 
assigning the right permissions, and I get all the files at the right place.
The problem concerns the profiles I got from the old machine.
On the old machine, they were stored in /home/user/profile.
I've seen in different newsgroups that this is not a good idea and that they 
should be stored in anywhere else thant in the user's home directory. So I 
created a new directory on the new machine, /home/profile in which I copied 
every profile in any directory as there are users (/home/profile/user).
I've checked permissions, they are ok.
Now, in the ldap directory, I've made for sure that every user belongs to the 
domusers group, mapped to "Domain Users" windows group.

And now, here is the problem : if I log in against this new pdc server with an 
old account, I get all the files on the shared, I can modify, delete, view 
them as I did before, but I have no rights on my profile. So, the windows 
start menu is empty (no link to internet app, neither for email program), I 
can't add the network's neighbourhood icon on the desktop, same for "My 
computer", and so on. I don't get back the desktop image background, and the 
keyboard is mapped qwerty even though I'm in france and expected a french 
layout.


If I empty the profile share and log in on the same machine (provided I've 
removed the c:\Documents and Settings\user directory, I'm considered normal 
user and everything works fine (but I've lost all my preferences I had 
before).

I've read that there is a tool named profiles that can help change domain sid 
in the NTUSER.DAT file located in the user's roaming profile. I've tryed this 
tool, and as root on the new samba machine did :
$ profiles -c OLD_SID -n NEW_SID ./NTUSER.DAT
$ mv NTUSER.DAT.new NTUSER.DAT && chown user:group NTUSER.DAT
before login in on a new windows workstation, but it doesn't help.
Could anyone help me find what's wrong here ?
I don't know what kind of informations are required to help me, so if one 
think I should give one or another information, don't hesitate to ask.
Hoping to hear from you soon.
Best regards.