[Samba] Roaming Profiles and Samba 3.4.x

Alexander Födisch foedisch at eva.mpg.de
Tue Nov 10 03:45:23 MST 2009 

Hi,

since we did an upgrade from samba 3.0.28 to samba 3.4.x we have trouble with roaming profiles. Currently we are running 
samba 3.4.3.

When logging on, the profile folder on fileserver is created, but the user gets an error message:
----
Your roaming profile is not available. You are logged on with the locally stored profile. Changes to the profile will 
not be copied to the server. Possible causes of this error include network problems or insufficient security rights. If 
this problem persists, contact your network administrator.
DETAIL - Access is denied.
----


Sambalog:

----
[2009/11/10 11:27:59,  3] auth/auth.c:222(check_ntlm_password)
   check_ntlm_password:  Checking password for unmapped user [<domainname>]\[<username>]@[<computername>] with the new 
password interface
[2009/11/10 11:27:59,  3] auth/auth.c:225(check_ntlm_password)
   check_ntlm_password:  mapped user is: [<domainname>]\[<username>]@[<computername>]
[2009/11/10 11:27:59,  5] auth/auth_util.c:1517(fill_sam_account)
   fill_sam_account: located username was [<domainname>\<username>]
[2009/11/10 11:27:59,  3] auth/auth.c:271(check_ntlm_password)
   check_ntlm_password: winbind authentication for user [<username>] succeeded
[...]
[2009/11/10 11:27:59,  3] auth/auth.c:222(check_ntlm_password)
   check_ntlm_password:  Checking password for unmapped user []\[]@[<computername>] with the new password interface
[2009/11/10 11:27:59,  3] auth/auth.c:225(check_ntlm_password)
   check_ntlm_password:  mapped user is: [<domainname>]\[]@[<computername>]
----





snippet of the smb.conf file:

----
map untrusted to domain = yes
[...]


[profiles]
         comment              =
         path                 = "<path>"
         browseable           = no
         force create mode    = 0660
         force directory mode = 0770
         force group          = <group of it>
         force user           = %U
         guest ok             = yes
         nt acl support       = yes
         inherit permissions  = yes
         writeable            = yes
----



The working solution at the moment: 0777 for all userprofiles. But that's not very nice...



Any ideas? Are there any changes of samba > 3.0.x, which I didn't pay attention to?



Thanks,
Alex

More information about the samba mailing list