[Samba] Fwd: Samba 4.5.8-Debian User Profiles on NFS-Share

Franz Gansberger franz.gansberger at boku.ac.at
Wed May 24 11:57:12 UTC 2017 



Hi,

regarding to this problem I made some progress. After going back to Jessie, and samba 4.2.14 the following configuration works.


Storage Client Wheezy 7.11)
/etc/exports on nfs-server (version 1.2.6-4):
/data/data 141.244.123.4(rw,sec=sys,async,no_root_squash,subtree_check)

DC
Version nfs-client: 1.2.8-9
Samba: Samba version 4.2.14-Debian

profiles share on samba DC
[profiles]
# roaming profiles
 comment = Roaming Profiles
 path = /data/data-nfs-vw/profiles-ads/
	   read only = no
  create mask = 0775
directory mask = 0775

nsswitch.conf
passwd:		 compat winbind
group:		  compat winbind
shadow:		 compat
gshadow:	    files

/etc/idmap.conf
[General]
Verbosity = 0
Pipefs-Directory = /run/rpc_pipefs
 Domain = boku.ac.at
[Mapping]
Nobody-User = nobody
Nobody-Group = nogroup

Even die UID-Mapping is working between Storage Server, and DC - without the in this version ignored setting via ADUC-Unix-Atrributes.
The Userprofile gets fully synchronized as expected.

I'm quite astonished...

What I'll do next - transfer this config to a different version

Franz




>>> "Franz Gansberger" <franz.gansberger at boku.ac.at> 22.05.2017 16:50 >>>
Hello,

again I'd like to get help from this list.
After setting up the server, I'd like to store data an user profiles on an nfs-server.
The share is writeable by the user, I can create files and directories.

But - by syncing the user profile to that share i stops, telling me that my user profile is only synced partly. 
In the log on the WS there is a "1509" noted. 
Only "Apps Data", ntuse.dat and ntuser.ini are there.
(Trying the same on a local share is working as expected).
I'm not sure if this is an nfs-related issue, or a samba configuration issue.
Anyhow, I'm glad th get some input from you.

Thank you!
Franz



# Global parameters
[global]
	    netbios name = TEST-ADS
	    realm = REALM.BOKU.AC.AT
	    workgroup = REALM
	    dns forwarder = 8.8.8.8
	    server role = active directory domain controller
	    idmap_ldb:use rfc2307 = yes

	    unix charset = UTF8
		log level = 5

[profiles]
comment = Roaming Profiles
path = /data/data/profiles-nfs
read only = no	  
force create mode = 0600
force directory mode = 0700

The share ist exportet with this options:
/data/data server.localdomain(rw,async,fsid=0,crossmnt,no_subtree_check,no_root_squash,insecure)


Error log in log.smbd

[2017/05/22 16:38:30.412365,  5] ../source3/smbd/dosmode.c:287(get_ea_dos_attribute)
  get_ea_dos_attribute: Cannot get attribute from EA on file demo1.V4/AppData/Roaming/Microsoft/Network: Error = Operation not supported

More information about the samba mailing list