[Samba] Howto create roaming profiles using samba4 commands only?
steve
steve at steve-ss.com
Fri Aug 8 06:49:20 MDT 2014
On Fri, 2014-08-08 at 03:05 +0200, Oliver Rath wrote:
> Hi Steve!
>
> Am 07.08.2014 um 18:03 schrieb steve:
> > On Thu, 2014-08-07 at 17:41 +0200, Oliver Rath wrote:
> >> [..]
> >> To create users, i do the following:
> >>
> >> samba-tool user add myuser1 myGreatHiddenPassword789
> >> --profile-path=/var/lib/samba/profiles/myuser1
> >>
> >> The dir /var/lib/samba/profiles/ is set to a+rwx, so that all writings
> >> are allowed. No additional acl-entries at the moment.
> >>
> >> If I now start my (win80)-client, the client is able to login into the
> >> samba-ad-dc, but the profile isnt copied to server after logout as I
> >> assumed. I hope i will solve this with the windows admin tools.
> >>
> >> But are roaming profiles theoretically creatable with samba4-commands only?
> > Yes its:
> > samba-tool user add --profile-path
>
> I already tried this, but unfortunatly this didnt work yet.
> > If you already have your users use ldbmodify (or ldbedit) to add e.g.
>
> ldb* is a really good hint! I will evaluate this.
> > profilePath: \\sambaaid\profiles\oliver
> >
> > Make sure you have 1777 on /var/lib/samba/profiles
>
> Ha! This i hadnt set the sticky bit. i will try this asap and report the
> results. Thank you very much!
>
It's the one where only you can delete the files. samba drops the user's
profile folder as 0700 with all sorts of domain group acls, so make sure
that someone with those privileges is mapped to root. The domain
administrator is a good choice;)
> Regards,
> Oliver
>
More information about the samba
mailing list