[Samba] Vista roaming profiles...
Adam Williams
awilliam at mdah.state.ms.us
Wed Dec 17 18:44:47 GMT 2008
I didn't do anything special, no registry hacks, changes with msconfig
or gpedit.msc or anything. just running vista SP1 32-bit and 64-bit.
here's the ldif of a vista user:
[root at roark mail]# ldapsearch -D
'cn=Manager,dc=mdah,dc=state,dc=ms,dc=us' -b
"uid=gjones,ou=People,dc=mdah,dc=state,dc=ms,dc=us" -w xxxxxxxx -x
# extended LDIF
#
# LDAPv3
# base <uid=gjones,ou=People,dc=mdah,dc=state,dc=ms,dc=us> with scope
subtree
# filter: (objectclass=*)
# requesting: ALL
#
# gjones, People, mdah.state.ms.us
dn: uid=gjones,ou=People,dc=mdah,dc=state,dc=ms,dc=us
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: shadowAccount
objectClass: hostObject
objectClass: sambaSamAccount
cn: Gwendolyn Jones
sn: Jones
givenName: Gwendolyn Jones
uid: gjones
uidNumber: 874
gidNumber: 100
homeDirectory: /home/gjones
mail: gjones at mdah.state.ms.us
shadowMax: 99999
shadowWarning: 7
loginShell: /bin/bash
gecos: Gwendolyn Jones
host: roark
host: arrowhead
host: preshs
shadowLastChange: 14120
sambaSID: S-1-5-21-4231144054-2518398651-1985341777-2748
displayName: Gwendolyn Jones
sambaPasswordHistory:
00000000000000000000000000000000000000000000000000000000
00000000
sambaAcctFlags: [U ]
sambaProfilePath: \\roark\profiles\gjones
sambaHomePath: \\roark\gjones
sambaLogonScript: scripts\gjones.bat
sambaHomeDrive: R:
sambaLMPassword: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
sambaNTPassword: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
sambaPwdLastSet: 1220372614
userPassword:: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
# search result
search: 2
result: 0 Success
# numResponses: 2
# numEntries: 1
[root at roark mail]# ldapsearch -D
'cn=Manager,dc=mdah,dc=state,dc=ms,dc=us' -b
"uid=gjones$,ou=Computers,dc=mdah,dc=state,dc=ms,dc=us" -w xxxxxxxxxxx -x
# extended LDIF
#
# LDAPv3
# base <uid=gjones$,ou=Computers,dc=mdah,dc=state,dc=ms,dc=us> with
scope subtree
# filter: (objectclass=*)
# requesting: ALL
#
# gjones$, Computers, mdah.state.ms.us
dn: uid=gjones$,ou=Computers,dc=mdah,dc=state,dc=ms,dc=us
uid: gjones$
cn: gjones$
sn: gjones$
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: top
objectClass: shadowAccount
objectClass: sambaSamAccount
userPassword:: xxxxxxxxxxxxxxxxxxxxxxxxxxxx
shadowLastChange: 13916
shadowMax: 99999
shadowWarning: 7
loginShell: /dev/null
uidNumber: 10874
gidNumber: 100
homeDirectory: /dev/null
sambaSID: S-1-5-21-4231144054-2518398651-1985341777-1029
displayName: gjones$
sambaAcctFlags: [W ]
sambaNTPassword: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
sambaPwdLastSet: 1228486918
# search result
search: 2
result: 0 Success
# numResponses: 2
# numEntries: 1
[global]
unix charset = LOCALE
workgroup = ADMIN
server string = Roark
update encrypted = Yes
map to guest = Bad Password
password server = roark
passdb backend = ldapsam:ldap://roark.mdah.state.ms.us
username map = /etc/samba/smbusers
log level = 4
log file = /var/log/samba/log.%m
max log size = 50
name resolve order = wins bcast hosts
time server = Yes
printcap name = CUPS
show add printer wizard = No
add user script = /usr/sbin/smbldap-useradd -a -m "%u"
delete user script = /usr/sbin/smbldap-userdel "%u"
add group script = /usr/sbin/smbldap-groupadd -p "%g"
delete group script = /usr/sbin/smbldap-groupdel "%g"
add user to group script = /usr/sbin/smbldap-groupmod -m "%u" "%g"
delete user from group script = /usr/sbin/smbldap-groupmod -x
"%u" "%g"
set primary group script = /usr/sbin/smbldap-groupmod -g "%g" "%u"
add machine script = /usr/sbin/smbldap-useradd -w "%u"
domain logons = Yes
os level = 66
preferred master = Yes
domain master = Yes
dns proxy = No
wins proxy = Yes
wins support = Yes
ldap admin dn = cn=Manager,dc=mdah,dc=state,dc=ms,dc=us
ldap group suffix = ou=Group
ldap idmap suffix = ou=Idmap
ldap machine suffix = Computers
ldap passwd sync = Yes
ldap suffix = dc=mdah,dc=state,dc=ms,dc=us
ldap user suffix = ou=People
idmap backend = ldap:ldap://mdah.state.ms.us
idmap uid = 20000-30000
idmap gid = 20000-30000
template homedir = /home/winnt/%D/%U
template shell = /bin/bash
printer admin = root, awilliam, smccoy, jomiles, sokolsky
guest ok = Yes
hosts allow = 10.8.
profile acls = Yes
map acl inherit = Yes
posix locking = No
msdfs root = Yes
[homes]
comment = Home Directories
valid users = %S
force group = users
read only = No
create mask = 0750
force create mode = 0750
directory mask = 0750
force directory mode = 0750
guest ok = No
nt acl support = No
browseable = No
csc policy = disable
[printers]
comment = All Printers
path = /var/spool/samba
create mask = 0700
printable = Yes
use client driver = Yes
browseable = No
[share]
path = /samba/admin
force group = admin
read only = No
create mask = 0777
force create mode = 0777
force security mode = 0777
directory mask = 0777
force directory mode = 0777
guest only = Yes
nt acl support = No
csc policy = disable
[pers]
path = /samba/pers
valid users = chall, mckinnon, awilliam
force group = pers
read only = No
create mask = 0760
force create mode = 0760
force security mode = 0777
directory mask = 0770
force directory mode = 0770
nt acl support = No
csc policy = disable
wide links = No
[pubinfo]
path = /samba/pubinfo
valid users = @pubinfo
force group = pubinfo
read only = No
create mask = 0777
force create mode = 0777
force security mode = 0777
directory mask = 0777
force directory mode = 0777
nt acl support = No
csc policy = disable
[exec]
path = /samba/executive
valid users = @executive
force group = executive
read only = No
create mask = 0770
force create mode = 0770
force security mode = 0777
directory mask = 0770
force directory mode = 0770
nt acl support = No
browseable = No
csc policy = disable
[exec-hr]
path = /samba/executive/hr
valid users = @exec-hr
force group = exec-hr
read only = No
create mask = 0770
force create mode = 0770
force security mode = 0777
directory mask = 0770
force directory mode = 0770
nt acl support = No
browseable = No
csc policy = disable
[netlogon]
path = /var/lib/samba/netlogon
guest ok = No
nt acl support = No
csc policy = disable
[profiles]
path = /var/lib/samba/profiles
read only = No
create mask = 0777
directory mask = 0777
delete veto files = Yes
veto files = /*.mp3/*.wma/
browseable = No
[grants]
path = /samba/grants
valid users = @grants
force group = grants
read only = No
create mask = 0770
force create mode = 0770
force security mode = 0777
directory mask = 0770
force directory mode = 0770
nt acl support = No
browseable = No
csc policy = disable
[hankandcheri]
path = /samba/hankandcheri
valid users = @hankandcheri
force group = hankandcheri
read only = No
create mask = 0777
force create mode = 0777
force security mode = 0777
directory mask = 0777
force directory mode = 0777
nt acl support = No
csc policy = disable
[newmuse]
path = /samba/newmuse
valid users = @newmuse
force group = newmuse
read only = No
create mask = 0660
force create mode = 0660
force security mode = 0777
directory mask = 0770
force directory mode = 0770
nt acl support = No
csc policy = disable
[wpkg]
comment = Windows Packager
path = /samba/wpkg
admin users = awilliam
write list = awilliam
force user = root
read only = No
browseable = No
[hholmes-recman]
comment = hholmes on recman
path = /samba/hholmes-recman
valid users = root, hholmes
force user = root
read only = No
create mask = 0770
force create mode = 0770
force security mode = 0777
directory mask = 0770
force directory mode = 0770
nt acl support = No
csc policy = disable
[is]
path = /samba/is
valid users = @is
write list = @is
force group = is
read only = No
create mask = 0777
force create mode = 0777
directory mask = 0777
force directory mode = 0777
guest ok = No
nt acl support = No
csc policy = disable
[hankandtrey]
path = /samba/hankandtrey
valid users = @hankandtrey
force group = hankandtrey
read only = No
create mask = 0777
force create mode = 0777
force security mode = 0777
directory mask = 0777
force directory mode = 0777
nt acl support = No
csc policy = disable
[dfs]
path = /samba/dfs
valid users = @dfs
force group = users
read only = No
nt acl support = No
csc policy = disable
[home]
path = /home
valid users = @dfs
force group = users
read only = No
create mask = 0777
force create mode = 0777
force security mode = 0777
directory mask = 0777
force directory mode = 0777
nt acl support = No
csc policy = disable
[root at roark mail]# ls -l /var/lib/samba/profiles/|grep gjones
drwxrwxrwx 11 gjones users 4096 2008-12-10 19:01 gjones.V2
[root at roark mail]# ls -al /var/lib/samba/profiles/|grep .
total 280
drwxrwxrwx 44 root users 4096 2008-11-25 18:04 .
[root at roark mail]# smbd -V
Version 3.0.33
[root at roark mail]# du -shc /var/lib/samba/profiles/gjones.V2/
90M /var/lib/samba/profiles/gjones.V2/
More information about the samba
mailing list