[Samba] roaming profiles

Gary Dale garydale at rogers.com
Sat Jul 4 01:24:32 GMT 2009

Wojciech Giel wrote:
> Hi 
> I trying to configure Samba PDC/BDC with LDAP master/slave backend and file 
> server as a Member serwer.
> PDC/BDC with ldap is working. But now I 'm in the middle of configuring 
> roaming profiles but I don't understand some issues.
> Samba PDC/BDC with ldap's is on ubuntu server whereas samba member server is 
> on opensolaris with zfs based storage. 
> users Home directories will be on Samba Member server(OXHILL), and inside 
> these directories will be roaming profiles directory and redirected folders. 
> I dont understand roaming profiles topic could some one explain it is in a 
> simple way.
> As I understand on PDC in order to have roaming profiles I have to add 
> [global]
> .....
>         logon script = scripts\logon.bat
>         logon home = \\OXHILL\%U
>         logon path = \\OXHILL\%U\.profiles
>         logon drive = H:
> [homes]
>         comment = Home Directories
>         valid users = %S
>         read only = no
>         browsable = no
> [netlogon]
>         comment = Network Logon Service
>         path = /var/lib/samba/netlogon
>         browseable = no
>         read only = yes
>         guest ok = yes
>         locking = no
> [profile]
>         comment = Profile Share
>         path = /home/%U/.profiles
>         read only = no
>         profile acls = yes
> so home directory  is on OXHILL and profile directory is inside that 
> directory. But should netlogon share be on that machine too? What for is this 
> profile share is it necessary if I have logon path?
> on Samba member (OXHILL) 
> [homes]
>         comment = Home Directories
>         path = /home/%U
>         read only = no
>         browsable = no
>         root preexec = /usr/bin/homecreate '%U'
> should I add profile and net logon share? 
> Please somebody help me to understand relation ship between logon path and 
> netlogon profiles, and how to do it correctly. 
> thanks for any help
The netlogon share is, AFAIK, used if you want to provide scripts to be 
run at logon. It's not essential for roaming profiles but it's also 
probably not large so there is no point in not having one. Corporate 
types love being able to control end user's using netlogon scripts.

Profiles are a copy of your Windows account profile that gets synched 
when you log on or off a Windows computer. The problem is, if you have 
lots of files in My Documents, it can get large and synching can take a 
long time.

AFAIK there is no need for them both to be on the same machine but I've 
never tried doing it any other way. Not sure how to specify them on 
different machines.

You can put your netlogon and profiles anywhere. The path you specify in 
your smb.conf above puts it in a hidden (.profile) directory in a user's 
Unix home folder. However, they may not have one. I keep mine in 
/home/samba/netlogon and /home/samba/profiles/%U myself. You can still 
share that for each user but it keeps your /home directory smaller - 
only Unix accounts & samba show up directly in /home.

More information about the samba mailing list