[Samba] Strange PDC issue
Mailing List SVR
lists at svrinformatica.it
Sun Jun 1 19:14:51 GMT 2008
Il giorno sab, 31/05/2008 alle 21.01 +0200, Mailing List SVR ha scritto:
> Hi all,
>
> I have a really strange PDC issue:
>
> windows clients are able to join and to login, however some clients have
> permissions issue on their local machine, for example they cannot modify
> settings suck as menubar, folder view, set quick start shortcuts ecc...
> so they cannot use the pc. However if they create a desktop file or
> folder on logoff their profiles are correctly updated.
>
> On the same machine some users can do these things and some other
> cannot. The users are all local machine administrators.
>
> Google seems doesn't help. Someone with this really strange issue?
>
> my system is centos 5.1 (all updates applied) with default samba
> (3.0.25)
>
> in my logs nothing seems interesting
>
> here is my configuration:
>
> [global]
> unix charset = ISO-8859-15
> display charset = ISO-8859-15
> workgroup = PDC
> server string = Server di dominio
> interfaces = lo, eth0
> bind interfaces only = Yes
> obey pam restrictions = Yes
> passdb backend = tdbsam
> pam password change = Yes
> passwd program = /usr/bin/passwd %u
> passwd chat = *New*Password* %n\n *Re-enter*new*password*%n\n
> *Password*changed*
> username map = /etc/samba/smbusers
> unix password sync = Yes
> log level = 1
> syslog = 0
> log file = /var/log/samba/%m.log
> max log size = 100
> name resolve order = wins bcast hosts
> time server = Yes
> printcap name = CUPS
> show add printer wizard = No
> add user script = /usr/sbin/useradd "%u" -n -g users
> delete user script = /usr/sbin/userdel "%u"
> add group script = /usr/sbin/groupadd "%g"
> delete group script = /usr/sbin/groupdel "%g"
> add user to group script = /usr/sbin/usermod -G '%g' '%u'
> delete user from group script = /usr/sbin/userdel "%u" "%g"
> add machine script = /usr/sbin/useradd -n -c "Workstation (%u)" -M
> -d /nohome -s /bin/false "%u"
> abort shutdown script = /sbin/shutdown -c
> logon script = scripts\logon.bat
> logon path = \\%L\profiles\%U
> logon drive = H:
> logon home = \\%L\%U
> domain logons = Yes
> os level = 255
> preferred master = Yes
> domain master = Yes
> dns proxy = No
> wins support = Yes
> invalid users = bin, deamon, sys, man, postfix, mail, ftp
> admin users = root
> hosts allow = 127., 192.168.2.
> map acl inherit = Yes
> printing = cups
> cups options = raw
> print command =
> lpq command = %p
> lprm command =
> hide unreadable = Yes
> veto files = /*.eml/*.nws/*.{*}/
> veto oplock files = /*.doc/*.xls/*.mdb/
>
> [homes]
> comment = Home Directories
> valid users = %S
> read only = No
> browseable = No
>
> [printers]
> comment = All Printers
> path = /var/spool/samba
> guest ok = Yes
> printable = Yes
> use client driver = Yes
> browseable = No
>
> [netlogon]
> comment = Network Logon Service
> path = /home/samba/netlogon
> guest ok = Yes
> locking = No
> share modes = No
>
> [Profiles]
> comment = Roaming Profile Share
> path = /home/samba/profiles
> read only = No
> profile acls = Yes
> case sensitive = No
> preserve case = No
> short preserve case = No
> hide files = /desktop.ini/ntuser.ini/NTUSER.*/
> browseable = No
> csc policy = disable
>
>
> thanks
> Nicola
>
I just updated to 3.0.28 (srpm from rhel 5 update 2) but still the same
issue.
net groupmap list
give this result:
Domain Users (S-1-5-21-487449451-2765197844-2627020230-1002) -> users
Produzione (S-1-5-21-487449451-2765197844-2627020230-1004) -> produzione
Vss (S-1-5-21-487449451-2765197844-2627020230-1006) -> vss
Domain Admins (S-1-5-21-487449451-2765197844-2627020230-1001) -> root
Domain Guests (S-1-5-21-487449451-2765197844-2627020230-1003) -> nobody
Amministrazione (S-1-5-21-487449451-2765197844-2627020230-1005) ->
amministrazione
If I remember the last part of "Domain User" was 513 and not 1002, can
this create issues?
thanks
Nicola
More information about the samba
mailing list