[Samba] Roaming Profiles under Linux clients

Mario Codeniera mario.codeniera at gmail.com
Thu Oct 4 21:29:37 MDT 2012


As I configured the Roaming profiles under linux, it more or less generate
an abnormal operation (in less than 2 mins) if I add/copy some files to the
home directory. But for Windows XP and Windows 7 is running smoothly and it
generates folders at the Samba4 server location with corresponding users.
e.g. Administrator (for XP), and Administrator.V2 (for Win7/2008) based on
my observations.

I was confused on roaming under linux (or maybe it was not yet supported),
because once I login as the administrator (one account in Samba4 - AD user)
in linux, adding (files to the desktop) or modifying (I used to move to the
home directory). Then login to the Windows 7 and WinXP, it will NOT login
when I see the logs of the server using -d3

Kerberos: Client sent patypes: encrypted-timestamp, 128
Kerberos: Looking for PKINIT pa-data -- administrator at UCHIHA
Kerberos: Looking for ENC-TS pa-data -- administrator at UCHIHA
Kerberos: Failed to decrypt PA-DATA -- administrator at UCHIHA (enctype
arcfour-hmac-md5) error Decrypt integrity check failed
Kerberos: Failed to decrypt PA-DATA -- administrator at UCHIHA
Kerberos: AS-REQ administrator at UCHIHA from ipv4:
for krbtgt/UCHIHA at UCHIHA

But for a few minutes, you can login again and this time it will display at
the system tray (a dialog box) "User Profile Service There was a problem
with your roaming profile. You have been logged on with your previously
saved local profile. Please see the event logs for details or contact your
administrator", but those files are just only few bytes (less than 1MB)
just the pam.d files. The saved files are not located either of Windows XP
or 7.

auth_check_password_send: Checking password for unmapped user
auth_check_password_send: mapped user is:
ntlm_password_check: NTLMv2 password check failed
ntlm_password_check: Lanman passwords NOT PERMITTED for user administrator
ntlm_password_check: LM password, NT MD4 password in LM field and LMv2
failed for user administrator
auth_check_password_recv: sam_ignoredomain authentication for user
schannel_fetch_session_key_tdb: restored schannel info key
auth_check_password_send: Checking password for unmapped user
auth_check_password_send: mapped user is:
Got a dns update request.
Update not allowed for unsigned packet.
Tkey handshake completed
Terminating connection - 'dns_tcp_call_loop:
tstream_read_pdu_blob_recv() - NT_STATUS_CONNECTION_DISCONNECTED'
single_terminate: reason[dns_tcp_call_loop:
tstream_read_pdu_blob_recv() - NT_STATUS_CONNECTION_DISCONNECTED]

But after a 20mins, coz I went somewhere. It goes to normal again. I
conclude that Linux (Ubuntu 12.04) roaming profiles is not yet implemented
in Samba4 RC2 - Centos 6.3. Other observation, Windows7 machine is not
detected in the network, but WinXp and Ubuntu machines are visible.

Any ideas how to implement roaming profile under Linux as the clients?


More information about the samba mailing list