[Samba] Howto create roaming profiles using samba4 commands only?
steve
steve at steve-ss.com
Thu Aug 7 10:03:17 MDT 2014
On Thu, 2014-08-07 at 17:41 +0200, Oliver Rath wrote:
> Hi list,
>
> this is my first email here :-)
>
> Im using samba4 as ad-dc with ubuntu-14.04.1, which works. I can login
> in previously created users on samba4-server with my win8-client.
> Unfortunatly I wasnt able to create working roaming profiles yet.
>
> Following the howtos in internet always need the use of windows
> admin-tools for creating roaming profiles with the right permissions.
>
> Is it possible to do this with samba4 (i.e. samba-tool) commands only?
>
> At the moment i use this smb.conf (created by howto from samba.org):
>
> # Global parameters
> [global]
> workgroup = MEIN-NETZWERK
> realm = MEIN-NETZWERK.LOKAL
> netbios name = SAMBAAID
> server role = active directory domain controller
> dns forwarder = 192.168.96.254
> idmap_ldb:use rfc2307 = yes
> vfs objects = acl_xattr
> map acl inherit = Yes
> store dos attributes = Yes
>
> [netlogon]
> path = /var/lib/samba/sysvol/mein-netzwerk.lokal/scripts
> read only = No
>
> [sysvol]
> path = /var/lib/samba/sysvol
> read only = No
>
> [profiles]
> path = /var/lib/samba/profiles
> read only = No
>
> [public]
> path = /srv/public
> guest ok = yes
> read only = no
>
> All test from howto were successful (hosts .., smbclient ..)
>
> To create users, i do the following:
>
> samba-tool user add myuser1 myGreatHiddenPassword789
> --profile-path=/var/lib/samba/profiles/myuser1
>
> The dir /var/lib/samba/profiles/ is set to a+rwx, so that all writings
> are allowed. No additional acl-entries at the moment.
>
> If I now start my (win80)-client, the client is able to login into the
> samba-ad-dc, but the profile isnt copied to server after logout as I
> assumed. I hope i will solve this with the windows admin tools.
>
> But are roaming profiles theoretically creatable with samba4-commands only?
Yes its:
samba-tool user add --profile-path
If you already have your users use ldbmodify (or ldbedit) to add e.g.
profilePath: \\sambaaid\profiles\oliver
Make sure you have 1777 on /var/lib/samba/profiles
HTH
Steve
More information about the samba
mailing list