[Samba] Storing Profile remote on Samba PDC only works for one user

Konstantin Kletschke kk at trackitsystems.de
Tue Sep 28 03:03:23 MDT 2010 

Hello :-)

Meanwhile I found out why the %a in my "logon path" was not respected,
there was an entry in my LDAP user entries overriding this. I removed it
and now the %a ist respected,
/exports/home/samba/profiles/XXXXXXX_admin/Win2K is created _and_
populated only for XXXXXXX_admin, only created and _not_ populated for
the other users (works also from WinXP with %a becoming WinXP).

I have this issue on WinXP clients _and_ Win2k clients. 

I found out to enable userenv.log on the windows clients:

This is the user logging in:

USERENV(b8.a0) 17:11:29:781 =========================================================
USERENV(b8.a0) 17:11:29:781 LoadUserProfile: Entering, hToken = <0x50>, lpProfileInfo = 0x6f648
USERENV(b8.a0) 17:11:29:781 LoadUserProfile: Entering, hToken = <0x50>, lpProfileInfo = 0x6f648
USERENV(b8.a0) 17:11:29:781 LoadUserProfile: lpProfileInfo->dwFlags = <0x0>
USERENV(b8.a0) 17:11:29:781 LoadUserProfile: lpProfileInfo->lpUserName = <XXXXXXX_user>
USERENV(b8.a0) 17:11:29:781 LoadUserProfile: lpProfileInfo->lpProfilePath = <\\pferdekopfnebel\profiles\XXXXXXX_user\Win2K>
USERENV(b8.a0) 17:11:29:781 LoadUserProfile: lpProfileInfo->lpDefaultPath = <\\PFERDEKOPFNEBEL\netlogon\Default User>
USERENV(b8.a0) 17:11:29:781 LoadUserProfile: NULL server name
USERENV(b8.a0) 17:11:29:781 GetUserMutex:  entering
USERENV(b8.a0) 17:11:29:781 GetUserMutex: Waiting...
USERENV(b8.a0) 17:11:29:781 GetUserMutex: Wait succeeded.  Mutex currently held.
USERENV(b8.a0) 17:11:29:781 GetUserGuid: Failed to get user guid with 1355.
USERENV(b8.a0) 17:11:29:781 GetProfileSid: No Guid -> Sid Mapping available
USERENV(b8.a0) 17:11:29:781 GetUserGuid: Failed to get user guid with 1355.
USERENV(b8.a0) 17:11:29:781 GetProfileSid: No Guid -> Sid Mapping available
USERENV(b8.a0) 17:11:29:781 ParseProfilePath: Entering, lpProfilePath = <\\pferdekopfnebel\profiles\XXXXXXX_user\Win2K>
USERENV(b8.a0) 17:11:29:781 CheckXForestLogon: checking x-forest logon, user handle = 80
USERENV(b8.a0) 17:11:29:796 MyGetDomainDNSName:  MyGetUserName failed for dns domain name with 1355
USERENV(b8.a0) 17:11:29:796 CheckUserInMachineForest: MyGetDomainName failed with 1355.
USERENV(b8.a0) 17:11:29:796 CheckXForestLogon : CheckUserInMachineForest failed with 1355
USERENV(b8.a0) 17:11:29:796 ParseProfilePath: CheckXForestLogon failed, hr = 8007054B
USERENV(b8.a0) 17:11:29:906 ParseProfilePath: Tick Count = 16
USERENV(b8.a0) 17:11:29:906 PingComputer: PingBufferSize set as 2048
USERENV(b8.a0) 17:11:29:906 PingComputer:  First time:  0
USERENV(b8.a0) 17:11:29:906 PingComputer:  Fast link.  Exiting.
USERENV(b8.a0) 17:11:29:906 ParseProfilePath: FindFirstFile found something with attributes <0x10>
USERENV(b8.a0) 17:11:29:906 ParseProfilePath: Found a directory
USERENV(b8.a0) 17:11:29:906 LoadUserProfile: ParseProfilePath returned a directory of <\\pferdekopfnebel\profiles\XXXXXXX_user\Win2K>
USERENV(b8.a0) 17:11:29:906 RestoreUserProfile:  Entering
USERENV(b8.a0) 17:11:29:906 RestoreUserProfile:  User is a Guest
USERENV(b8.a0) 17:11:29:906 IsCentralProfileReachable:  Entering
USERENV(b8.a0) 17:11:29:906 CheckRoamingShareOwnership: checking ownership for \\pferdekopfnebel\profiles\XXXXXXX_user\Win2K
USERENV(b8.a0) 17:11:29:906 CheckRoamingShareOwnership: policy set to disable ownership check
USERENV(b8.a0) 17:11:29:906 IsCentralProfileReachable:  Testing <\\pferdekopfnebel\profiles\XXXXXXX_user\Win2K\ntuser.man>
USERENV(b8.a0) 17:11:29:906 IsCentralProfileReachable:  Profile is not reachable, error = 2
USERENV(b8.a0) 17:11:29:906 IsCentralProfileReachable:  Testing <\\pferdekopfnebel\profiles\XXXXXXX_user\Win2K\ntuser.dat>
USERENV(b8.a0) 17:11:29:906 IsCentralProfileReachable:  Profile is not reachable, error = 2
USERENV(b8.a0) 17:11:29:906 IsCentralProfileReachable:  Ok to create a user profile.
USERENV(b8.a0) 17:11:29:906 RestoreUserProfile:  Central Profile is reachable
USERENV(b8.a0) 17:11:29:906 RestoreUserProfile:  Central Profile is roaming
USERENV(b8.a0) 17:11:29:906 RestoreUserProfile:  Profile path = <\\pferdekopfnebel\profiles\XXXXXXX_user\Win2K>

This is the admin logging in:

USERENV(b8.a0) 17:11:55:421 =========================================================
USERENV(b8.a0) 17:11:55:421 LoadUserProfile: Entering, hToken = <0x1f0>, lpProfileInfo = 0x6f648
USERENV(b8.a0) 17:11:55:421 LoadUserProfile: Entering, hToken = <0x1f0>, lpProfileInfo = 0x6f648
USERENV(b8.a0) 17:11:55:421 LoadUserProfile: lpProfileInfo->dwFlags = <0x0>
USERENV(b8.a0) 17:11:55:421 LoadUserProfile: lpProfileInfo->lpUserName = <XXXXXXX_admin>
USERENV(b8.a0) 17:11:55:421 LoadUserProfile: lpProfileInfo->lpProfilePath = <\\pferdekopfnebel\profiles\XXXXXXX_admin\Win2K>
USERENV(b8.a0) 17:11:55:421 LoadUserProfile: lpProfileInfo->lpDefaultPath = <\\PFERDEKOPFNEBEL\netlogon\Default User>
USERENV(b8.a0) 17:11:55:421 LoadUserProfile: NULL server name
USERENV(b8.a0) 17:11:55:421 GetUserMutex:  entering
USERENV(b8.a0) 17:11:55:421 GetUserMutex: Waiting...
USERENV(b8.a0) 17:11:55:421 GetUserMutex: Wait succeeded.  Mutex currently held.
USERENV(b8.a0) 17:11:55:437 GetUserGuid: Failed to get user guid with 1355.
USERENV(b8.a0) 17:11:55:437 GetProfileSid: No Guid -> Sid Mapping available
USERENV(b8.a0) 17:11:55:437 GetUserGuid: Failed to get user guid with 1355.
USERENV(b8.a0) 17:11:55:437 GetProfileSid: No Guid -> Sid Mapping available
USERENV(b8.a0) 17:11:55:437 ParseProfilePath: Entering, lpProfilePath = <\\pferdekopfnebel\profiles\XXXXXXX_admin\Win2K>
USERENV(b8.a0) 17:11:55:437 CheckXForestLogon: checking x-forest logon, user handle = 496
USERENV(b8.a0) 17:11:55:437 MyGetDomainDNSName:  MyGetUserName failed for dns domain name with 1355
USERENV(b8.a0) 17:11:55:437 CheckUserInMachineForest: MyGetDomainName failed with 1355.
USERENV(b8.a0) 17:11:55:437 CheckXForestLogon : CheckUserInMachineForest failed with 1355
USERENV(b8.a0) 17:11:55:437 ParseProfilePath: CheckXForestLogon failed, hr = 8007054B
USERENV(b8.a0) 17:11:55:546 ParseProfilePath: Tick Count = 16
USERENV(b8.a0) 17:11:55:546 PingComputer: PingBufferSize set as 2048
USERENV(b8.a0) 17:11:55:546 PingComputer:  First time:  0
USERENV(b8.a0) 17:11:55:546 PingComputer:  Fast link.  Exiting.
USERENV(b8.a0) 17:11:55:546 ParseProfilePath: FindFirstFile found something with attributes <0x10>
USERENV(b8.a0) 17:11:55:546 ParseProfilePath: Found a directory
USERENV(b8.a0) 17:11:55:546 LoadUserProfile: ParseProfilePath returned a directory of <\\pferdekopfnebel\profiles\XXXXXXX_admin\Win2K>
USERENV(b8.a0) 17:11:55:546 RestoreUserProfile:  Entering
USERENV(b8.a0) 17:11:55:546 RestoreUserProfile:  User is a Guest
USERENV(b8.a0) 17:11:55:546 RestoreUserProfile:  User is a Admin
USERENV(b8.a0) 17:11:55:546 IsCentralProfileReachable:  Entering
USERENV(b8.a0) 17:11:55:546 CheckRoamingShareOwnership: checking ownership for \\pferdekopfnebel\profiles\XXXXXXX_admin\Win2K
USERENV(b8.a0) 17:11:55:546 CheckRoamingShareOwnership: policy set to disable ownership check
USERENV(b8.a0) 17:11:55:546 IsCentralProfileReachable:  Testing <\\pferdekopfnebel\profiles\XXXXXXX_admin\Win2K\ntuser.man>
USERENV(b8.a0) 17:11:55:546 IsCentralProfileReachable:  Profile is not reachable, error = 2
USERENV(b8.a0) 17:11:55:546 IsCentralProfileReachable:  Testing <\\pferdekopfnebel\profiles\XXXXXXX_admin\Win2K\ntuser.dat>
USERENV(b8.a0) 17:11:55:562 IsCentralProfileReachable:  Found a user profile.
USERENV(b8.a0) 17:11:55:562 RestoreUserProfile:  Central Profile is reachable
USERENV(b8.a0) 17:11:55:562 RestoreUserProfile:  Central Profile is roaming
USERENV(b8.a0) 17:11:55:562 RestoreUserProfile:  Profile path = <\\pferdekopfnebel\profiles\XXXXXXX_admin\Win2K>

I see the user is only reated as a guest and the admin as an
admin. Because both of them being treated as a guest I suppose both also
should be treated as a user and as this windows should do save the
remote profile (this is not done for guests only).

But my LDAP structure is intedend to handle both as users also. Where
can the error be? Can there be an error in Group Mapping or group
memberships or some sort of that? Both user are members of Domain Users
in my LDAP entries though...

Kind Regards, Konsti

More information about the samba mailing list