[Samba] PDC will create new roaming profiles but fails to load them on subsequent logons

[Frank J. Gómez]

Hello,

I'm running Samba Version 3.4.7 on Ubuntu 10.04.2 LTS.  I'm using Samba as
the Primary Domain Controller.

Things that work:
- Clients can logon
- I can run logon scripts
- Roaming profiles are created for new users on logon

However, when I try to logon again with the same user, I invariably get this
error message:
"Your roaming profile is not available.  You are logged on with the locally
stored profile.  Changes to the profiles will not be copied to the server.
 Possible causes of this error include network problems or
insufficient security rights.  If this problem persists, contact your
network administrator.

DETAIL - Access is denied."

Below is a snippet of my config.  I'm trying to show only relevant settings;
please ask for more if I've left out something important:

[global]

 ## Authentication ##
 encrypt passwords = true
 obey pam restrictions = Yes
 passdb backend = tdbsam
 security = user

## Domains ##
 domain logons = Yes
 domain master = Yes
 local master = yes
 logon drive = H:
 logon home = \\%N\%U
 logon path = \\%N\profiles\%U
 logon script = %U.bat
 os level = 65
 preferred master = Yes
 root preexec = /usr/local/bin/logon-generator.sh %U

 [netlogon]
        comment = Network Logon Service
        guest ok = yes
        path = /home/samba/netlogon
        read only = yes
        share modes = no

 [profiles]
        browseable = No
        comment = Users profiles
        create mask = 0600
        directory mask = 0700
        guest ok = Yes
        path = /home/samba/profiles
        profile acls = yes
        writable = yes

The permissions on /home/samba/profiles are 777.  The permissions on any
directory that Samba creates in this share are 700.

Thanks for your help,
-Frank