[Samba] Samba PDC kills WinXP
Markus Bajones
bajo at fet.at
Thu Jan 24 19:06:59 GMT 2008
Thanks for the advice.
I'll give it a try tomorrow.
Markus
On Jan 21, 2008, at 9:52 PM, Dale Schroeder wrote:
> Markus,
>
> I took out most of the comments so that I could follow what you have.
> I see three possibilities.
> 1. You have two passdb backend's defined.
> 2. I believe the share is called [profiles] instead of [profile]
> 3. Normally the "profile acls" and "hide files" would be placed in
> [profiles] instead of [global].
>
> Perhaps someone else can see something else.
>
> Dale
> #======================= Global Settings =======================
>
> [global]
>
>
> workgroup = FET
> netbios name = atlas
> server string = Atlas has it all
>
> dns proxy = no
> unix extensions = yes
> log file = /var/log/samba/log.%m
> log level = 3
> max log size = 1000
> syslog = 0
> panic action = /usr/share/samba/panic-action %d
>
> security = user
> encrypt passwords = true
> passdb backend = tdbsam
> obey pam restrictions = yes
> guest account = nobody
> passwd program = /usr/bin/passwd %u
> passwd chat = *Enter\snew\sUNIX\spassword:* %n\n *Retype\snew
> \sUNIX\spassword:* %n\n .
>
> domain logons = yes
> logon script = logon.bat
> logon path = \\xxx.xxx.xxx.xxx\profile
> profile acls = yes
> hide files = /desktop.ini/ntuser.ini/NTUSER.*/?humbs.db/
>
> os level = 55
> domain master = yes
> preferred master = yes
>
> # FQDN changed for privacy reasons
> passdb backend = ldapsam:ldap://ldapserver.mydomain.at/
> ldap admin dn = "cn=smbadmin,ou=eumel,dc=fet,dc=at"
> ldap ssl = start_tls
> ldap suffix = dc=fet,dc=at
> ldap user suffix = ou=wappler
> ldap group suffix = ou=gruppen
> ldap idmap suffix = ou=idmap,ou=eumel
> ldap machine suffix = ou=kraxen,ou=wappler
> ldap passwd sync = yes
>
> time server = yes
>
> template shell = /bin/bash
>
> # Winbind stuff, we don't currently use it
> idmap uid = 150000-550000
> idmap gid = 150000-550000
>
> # FQDN changed for privacy reasons
> idmap backend = ldap:ldap://ldapserver.mydomain.at/
>
> add user script = /usr/sbin/smbldap-useradd -m "%u"
> delete user script = /usr/sbin/smbldap-userdel "%u"
> add group script = /usr/sbin/smbldap-groupadd -p "%g"
> delete group script = /usr/sbin/smbldap-groupdel "%g"
> add user to group script = /usr/sbin/smbldap-groupmod -m "%u" "%g"
> delete user from group script = /usr/sbin/smbldap-groupmod -x
> "%u" "%g"
> set primary group script = /usr/sbin/smbldap-usermod -g "%g" "%u"
> add machine script = /usr/sbin/smbldap-useradd -w "%u"
>
> socket options = TCP_NODELAY
> unix charset = UTF8
> display charset = UTF8
>
>
> #======================= Share Definitions =======================
>
> [save]
> path = /mnt/save/
> writable = yes
> create mask = 644
>
> # alles fuer die Domaene
> [netlogon]
> comment = Network Logon Service
> path = /home/samba/netlogon
> guest ok = yes
> writeable = no
> ; share modes = no
>
> [profile]
> comment = Profildaten
> path = /home/samba/profile/%U
> valid users = %U
> read only = no
> guest ok = no
> browseable = no
> writeable = yes
>
>
> Markus Bajones wrote:
>>
>> Hi,
>>
>> I have a little problem with my Samba PDC setup.
>> I have a Debian / Etch with Samba 3.0.24 with OpenLDAP Backend and
>> use it as PDC with domain logons and roaming profiles enabled.
>> The logon for normal domain users work without any problems, but
>> when I login with my domain administrator account my Windows XP
>> Professional client I have a big problem.
>> After the logout, when it tries to copy the user data back to the
>> profiles folder on my samba server it freezes.
>> Then I have to restart.
>> After this I cannot boot into Windows anymore, as some files from
>> the C:\Windows\system32 directory are missing.
>>
>> My smb.conf is attached.
>>
>> Cheers,
>> Markus
>>
>>
>>
>> No virus found in this incoming message.
>> Checked by AVG.
>> Version: 7.5.516 / Virus Database: 269.19.8/1235 - Release Date:
>> 1/21/2008 9:39 AM
More information about the samba
mailing list