[Samba] problems with roaming profiles

Mike Eggleston mikeegg1 at mac.com
Tue Feb 19 15:48:32 GMT 2008

I have a samba 3 domain running for a while and have noticed that
desktop.ini is displayed often on login and that my personal desktop is
not being sync'd with my repository. Last week I was building a new box
for a user and am converting this same user to a domain profile at the
same time. I have found that the user's romaining profile is not being
created on the samba server. The user can log in, authenticate through
samba to ldap, and see the user's home directory (mapped to H:\). When
the user logs out the profile is not written to my profiles directory.
The user can also create, read, and delete files from the mapped home

Does anyone see something wrong in my samba configuration?


fedora core 5
samba 3

/etc/samba/smb.conf excerpts -------------------
    security = USER
    client plaintext auth = Yes
    client lanman auth = Yes
    lanman auth = No
    ntlm auth = Yes
    guest account = nobody
    #admin users = root, mikee
    admin users =
    hosts allow = .domain.com, 10.1.2., 10.1.3., 192.168.100.
    cups options = raw
    wins support = yes
    name resolve order = wins lmhosts host bcast
    dns proxy = no
    usershare allow guests = yes
    time server = yes

    workgroup = WKGRP
    netbios name = elo
    netbios aliases = loghost, mailhost, backuphost, ldaphost
    server string = Samba Server (%h)
    logon drive = H:
    logon home = \\%h\%U
    logon path = \\%h\profiles\%U
    logon script = logon.bat
    ldap delete dn = Yes
    ldap suffix = dc=domain,dc=com
    ldap admin dn = cn=manager,dc=domain,dc=com
    ldap user suffix = ou=people
    ldap group suffix = ou=groups
    ldap machine suffix = ou=machines
    ldap ssl = off
    ldapsam:trusted = Yes
    ldap timeout = 15
    utmp directory = /var/run
    wtmp directory = /var/log
    utmp = Yes

    encrypt passwords = Yes
    password level = 0
    password server = ldaphost.domain.com
    passdb backend = ldapsam:ldap://ldaphost.domain.com
    ldap passwd sync = Yes
    unix password sync = No
    passwd program = /usr/sbin/smbldap-passwd %u
    #pam password change = Yes
    passwd chat = "Changing * password*for*\nNew password*" %n\n "*Retype new password*" %n\n
    passwd chat debug = Yes
    #client use spnego = No
    #use spnego = No

    os level = 66
    preferred master = Yes
    local master = Yes
    domain master = Yes
    domain logons = Yes
    allow trusted domains = Yes

	comment = Roaming User Profiles
	path = /etc/samba/profiles
	browseable = Yes
	writable = Yes
	read only = No
	guest ok = Yes
	hide files = /DESKTOP.INI/Desktop.ini/desktop.ini/ntuser.ini/NTUSER.*/Thumbs.db/
	#store dos attributes = Yes
	create mask = 0600
	directory mask = 0700
	#printable = no
	csc policy = disable

/etc/samba/smb.conf excerpts -------------------

More information about the samba mailing list