[Samba] Samba + LDAP + SMBLDAP-Tools + Roaming Profiles
J. Echter
j.echter at elektro-mayer-echter.de
Wed Jul 20 09:58:34 MDT 2011
Hi,
i've finally have my LDAP backend working for authentication for my DC.
Logon scripts are executed, user is authenticated, but my roaming
profiles are not found.
here is what i have in my config files:
smb.conf
[global]
printing = bsd
netbios name = PDC
server string = PDC (%h)
workgroup = workgroup
interfaces = eth0,lo
security = user
encrypt passwords = true
map to guest = bad user
guest account = nobody
## LDAP
passdb backend = ldapsam:ldap://127.0.0.1
idmap backend = ldap:ldap://127.0.0.1
idmap uid = 10000-15000
idmap gid = 10000-15000
ldap suffix = dc=workgroup,dc=local
ldap user suffix = ou=smb-usr
ldap group suffix = ou=groups
ldap machine suffix = ou=computers
ldap idmap suffix = ou=idmap
ldap admin dn = cn=admin,dc=workgroup,dc=local
ldap ssl = no
ldap passwd sync = yes
add machine script = /usr/sbin/smbldap-useradd -t 0 -w "%u"
add user script = /usr/sbin/smbldap-useradd -a '%u'
delete user script = /usr/sbin/smbldap-userdel %u
add group script = /usr/sbin/smbldap-groupadd -a '%g'
delete group script = /usr/sbin/smbldap-groupdel '%g'
add user to group script = /usr/sbin/smbldap-groupmod -m '%u' '%g'
delete user from group script = /usr/sbin/smbldap-groupmod -x '%u' '%g'
set primary group script = /usr/sbin/smbldap-usermod -g '%g' '%u'
local master = yes
preferred master = yes
domain master = yes
domain logons = yes
logon path = \\%L\profile\%U
logon script = %U.bat
logon drive = H:
hide files = /desktop.ini/ntuser.ini/NTUSER.*/Thumbs.db/
panic action = /usr/share/samba/panic-action %d
#======================= Share Definitions =======================
[homes]
comment = Home Directories
browseable = no
writeable = yes
[profile]
comment = Profildateien
path = /bacula/samba/profile
guest ok = yes
browseable = no
create mask = 0600
directory mask = 0700
writeable = yes
profile acls = yes
[netlogon]
comment = Network Logon Service
path = /bacula/samba/netlogon
guest ok = yes
writeable = no
share modes = no
browseable = no
smbldap.conf
userHome="/home/%U" (also tried \\pdc\%U)
userSmbHome="\\pdc\%U"
userProfile="\\pdc\profile\%U"
userHomeDrive="H:"
userScript="%U.bat"
what is it what i am overlooking?
many thanks and greets
juergen
More information about the samba
mailing list