[Samba] How to debug not working Roaming profiles on Samba 4 AD setup?
Rowland penny
rpenny at samba.org
Mon Jun 27 20:48:26 UTC 2016
On 27/06/16 21:03, Thomas DEBESSE wrote:
> Hi, some months before, I was serving files and profiles using a Samba 3
> PDC server (I will name it PDCSERV), this is some abstracts fro smb.conf:
>
> PDCSERV:/etc/samba/smb.conf
>
> [general]
> logon path = \\%N\profile
> logon drive = U:
> logon home = \\%N\%U
> logon script = "logon.cmd"
> valid users = %S
>
> [homes]
> path = "/home/%U/userdisk"
> browseable = No
> read only = No
> writeable = Yes
> browseable = No
> public = No
> create mask = 2700
> directory mask = 0700
> valid users = %S
>
> [profile]
> path = /home/%U/profile
> browsable = No
> writeable = Yes
> create mask = 0600
> directory mask = 0700
> profile acls = Yes
> csc policy = disable
>
> [profile.v2]
> path = /home/%U/profile.v2
> browseable = No
> writeable = Yes
> create mask = 0600
> directory mask = 0700
> profile acls = Yes
> csc policy = disable
>
> Roaming profiles was working fine, they were backed up at user logout.
>
> Then I migrated my setup to a Samba 4 AD server (I will name it ADSERV) and
> a Samba 4 File server (I will name it FILESERV), this is some abstracts
> from smb.conf from ADSERV and FILESERV:
>
> ADSERV:/etc/samba/smb.conf
>
> [general]
> logon path = \\FILESERV\profile
> logon drive = U:
> logon home = \\FILESERV\%U
> logon script = "logon.cmd"
> valid users = %S
>
> FILESERV:/etc/samba/smb.conf
>
> [homes]
> path = "/home/%U/userdisk"
> browseable = No
> read only = No
> writeable = Yes
> browseable = No
> public = No
> create mask = 2700
> directory mask = 0700
> valid users = %S
>
> [profile]
> path = /home/%U/profile
> browsable = No
> writeable = Yes
> create mask = 0600
> directory mask = 0700
> profile acls = Yes
> csc policy = disable
>
> [profile.v2]
> path = /home/%U/profile.v2
> browseable = No
> writeable = Yes
> create mask = 0600
> directory mask = 0700
> profile acls = Yes
> csc policy = disable
>
> From a logged-in client, I can successfully browse \\FILESERV\homes,
> \\FILESERV\username (another view for \\FILESERV\homes), \\FILESERV\profile
> and \\FILESERV\profile.v2.
>
> But the Roaming profiles are not backed up at logout. At all. No one.
>
> Since I have a logon.cmd that mount U: to \\FILESERV\homes plus some
> registry key that redirect Desktop, and some files to U:\something, I never
> lose any user data, but I lose any user configuration when the user's
> computer gets replaced, since the user profile is never backed up to the
> server at lougout. For stuff like desktop background image it's not a big
> problem because users known how to set it and having it broken do not
> prevent them to work, but it's very annoying when users lost some
> configuration they need to do their job, like per-user option in printer
> configuration.
>
> For information, Samba assumes these options on my Samba 4 system (seen
> using testparm -v):
>
> [general]
> fstype = NTFS
> store dos attributes = No
>
> I don't remember what were the default on Samba 3, I have no Samba3 servers
> anymore.
>
> My Domain is an AD Domain with Samba 4 servers (both AD and File servers)
> and Windows 7/10 clients, there is no Windows servers at all.
>
> So, unless I miss something, all the things above looks legit. So my
> question is: how I can debug my setup ? What are the things I must look for
> to find what is not working?
>
Are the 'File servers' joined to the domain ?
Are the smb.conf files you posted complete, if not, can you post the
complete ones, exactly as they are on the computers (you can sanitize
them if you need to)
Try taking a look here:
https://wiki.samba.org/index.php/Implementing_roaming_profiles
Rowland
More information about the samba
mailing list