[Samba] User and Group management from Linux plus roaming profiles
L.P.H. van Belle
belle at bazuin.nl
Tue Sep 8 07:18:12 UTC 2015
For policies, RATS etc. a very Handy site.
http://trekker.net/archives/group-policy-downloads/
all you need.
Greetz,
Louis
s
> -----Oorspronkelijk bericht-----
> Van: samba [mailto:samba-bounces at lists.samba.org] Namens Rowland Penny
> Verzonden: dinsdag 8 september 2015 9:02
> Aan: samba at lists.samba.org
> Onderwerp: Re: [Samba] User and Group management from Linux plus roaming
> profiles
>
> On 07/09/15 22:07, Robert Moskowitz wrote:
> > Right now, RSAT seems not to be an option for me, as the only Win
> > systems here are XP...
> >
> > None of my PDC users were brought over with classicupdate. Perhaps
> > becuase my users are LINUX user accounts? And the home directories
> > map to /home/user ?
>
> Not having seen your old setup, but if you had a PDC, the users & groups
> should have been created in AD by classicupgrade, it is the only reason
> for the upgrade tool existing.
>
> >
> > So I would think I need to start adding users and put them into
> > groups. How?
>
> By using the RSAT tools from windows, or by using samba-tool etc
>
> >
> > And I am reading:
> > https://wiki.samba.org/index.php/Implementing_roaming_profiles
> >
> > At the beginning the smb.conf starts with:
> >
> > [profiles]
> >
> > further down in the POSIX ACLs section it is:
> >
> > [Profiles]
> >
> > Are these two different shares? Or since shares are case insensitive
> > it does not matter?
> >
>
> It doesn't any more, thanks for pointing the anomaly out.
>
> > Then there is:
> >
> > chgrp „Domain Users“ /srv/samba/profiles
> >
> > and I don't see „Domain Users“ defined.
> >
>
> If you have an AD DC, you have "Domain Users", try this:
>
> ldbsearch -H /var/lib/samba/private/sam.ldb
> '(&(objectclass=group)(samaccountname=Domain Users))'
>
> > Finally, as this is an AD, not a PDC, I am assuming I need to use
> > 'ADUC' to enable roaming profiles for selected users (that got added
> > how, see above). Is ADUC available on XP? I may have to break down
> > and buy a 'cheap' used notebook on ebay with Win7 OEM preloaded...
>
> Yes, you can use ADUC on XP, download it from here:
>
> http://www.microsoft.com/en-us/download/details.aspx?id=16770
>
> But, you can do most of what ADUC does with samba-tool.
>
> >
> > As I think Marc said I don't use:
> >
> > logon path = \\%L\Profiles\%U
> >
> > for an AD.
> >
>
> Correct
>
> > Lastly a question on home share (and the wiki warns not to use the
> > default homes share, but the home share documented).
> >
> > Can the home share be on a AD Member Server? It would seem so....
> >
>
>
> Yes, you just need to set the users 'homeDirectory' attribute to point
> to the machine that holds the users home dir
>
> i.e. \\thinkpad\rowland
>
> The same goes for the users profile, but in this case you would use the
> 'profilePath' attribute
>
> Rowland
>
> > thanks. Laboring away here!
> >
> >
> >
>
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
More information about the samba
mailing list