[Samba] Help: TS login authenticating using Machine name of TS instead of user.
Thomas Spaziani
toms at norchemlab.com
Fri Apr 15 21:54:24 MDT 2011
Hi All,
I've had Samba 3.4.7 setup as a fileserver connected to a Win2K3
domain controller working great for a while now. Roaming profiles work
perfectly when logging in from the machines locally. However when I try
and login to a WinXP or 2K3 machine via an RDP session (Terminal
Services) it is unable to locate the profile. I bumped the logging up
and still saw no reason why. When I allowed guests to the shares, I
finally saw why it failed. Win2K3 when logging in via TS/RDP is using
the Machine Name of the TS to authenticate to Samba. Thus samba is
looking for \\samba\profiles\%U incorrectly since %U is the machine
name and not the user attempting to login.
A bit more background. I have a pre-exec script that is run each time
access to a share is requested. Its sole purpose is to create the home
and profile folders for people when logging in the first time from
/etc/skel.
For instance if user toms logs in locally to a Win2K3 machine (name
termsrv). \\samba\profiles points to /mnt/filesrv/homes/%U/profile/%a
This works great. I also setup a profiles.V2 which points to the same
place and the %a takes care of the architecture difference if logging in
to a Vista/Win2008/7 machine.
The script create the /mnt/file/homes/toms just fine on first logon.
Here is where it gets weird, when I login via RDP to the same machine. I
see /mnt/file/homes/termsrv_ show up. termsrv_ is certainly not
found via the ldap lookup so permissions aren't set and the Win2K3
machine complains it doesn't have access to my roaming profile.
So why is the machine name being sent in place of %U only via RDP
logins. Is that intended Win2K3 TS behaviour? How can Samba handle this?
Thanks!
- Tom
More information about the samba
mailing list