[Samba] Howto create roaming profiles using samba4 commands only?

steve steve at steve-ss.com
Thu Aug 7 10:03:17 MDT 2014


On Thu, 2014-08-07 at 17:41 +0200, Oliver Rath wrote:
> Hi list,
> 
> this is my first email here :-)
> 
> Im using samba4 as ad-dc with ubuntu-14.04.1, which works. I can login
> in previously created users on samba4-server with my win8-client.
> Unfortunatly I wasnt able to create working roaming profiles yet.
> 
> Following the howtos in internet always need the use of windows
> admin-tools for creating roaming profiles with the right permissions.
> 
> Is it possible to do this with samba4 (i.e. samba-tool) commands only?
> 
> At the moment i use this smb.conf (created by howto from samba.org):
> 
> # Global parameters
> [global]
>         workgroup = MEIN-NETZWERK
>         realm = MEIN-NETZWERK.LOKAL
>         netbios name = SAMBAAID
>         server role = active directory domain controller
>         dns forwarder = 192.168.96.254
>         idmap_ldb:use rfc2307 = yes
>         vfs objects = acl_xattr
>         map acl inherit = Yes
>         store dos attributes = Yes
> 
> [netlogon]
>         path = /var/lib/samba/sysvol/mein-netzwerk.lokal/scripts
>         read only = No
> 
> [sysvol]
>         path = /var/lib/samba/sysvol
>         read only = No
> 
> [profiles]
>         path = /var/lib/samba/profiles
>         read only = No
> 
> [public]
>         path = /srv/public
>         guest ok = yes
>         read only = no
> 
> All test from howto were successful (hosts .., smbclient ..)
> 
> To create users, i do the following:
> 
> samba-tool user add myuser1 myGreatHiddenPassword789
> --profile-path=/var/lib/samba/profiles/myuser1
> 
> The dir /var/lib/samba/profiles/ is set to a+rwx, so that all writings
> are allowed. No additional acl-entries at the moment.
> 
> If I now start my (win80)-client, the client is able to login into the
> samba-ad-dc, but the profile isnt copied to server after logout as I
> assumed. I hope i will solve this with the windows admin tools.
> 
> But are roaming profiles theoretically creatable with samba4-commands only?
Yes its:
samba-tool user add --profile-path 
If you already have your users use ldbmodify (or ldbedit) to add e.g.
profilePath: \\sambaaid\profiles\oliver

Make sure you have 1777 on /var/lib/samba/profiles
HTH
Steve




More information about the samba mailing list