[Samba] Roaming profils cannot sync four files

Michael Funke maniac.macpain at gmail.com
Tue May 15 08:53:26 UTC 2018


thank you, but it was only a copy/paste mistake. My config looks like this:
[global]
        security = ADS
        workgroup = EXAMPLE
        realm = EXAMPLE.LOCAL

        log file = /var/log/samba/%m.log
        log level = 1

        # Default ID mapping configuration for local BUILTIN accounts
        # and groups on a domain member. The default (*) domain:
        # - must not overlap with any domain ID mapping configuration!
        # - must use a read-write-enabled back end, such as tdb.
        # - Adding just this is not enough
        # - You must set a DOMAIN backend configuration, see below
        idmap config * : backend = tdb
        idmap config * : range = 3000-7999
        idmap config EXAMPLE : backend = rid
        idmap config EXAMPLE : range = 1000000 - 1999999
        winbind enum users = yes
        winbind enum groups = yes
        winbind use default domain = yes
        winbind refresh tickets = yes
        template shell = /bin/bash

        vfs objects = acl_xattr
        map acl inherit = yes
        store dos attributes = yes

        acl allow execute always = yes

[profiles]
        path = /home/EXAMPLE/profiles/
        read only = no

But it doesn't work with this configuration.

Or does I need these lines also? I don't need a login of the domainusers.

# Template settings for login shell and home directory
winbind nss info = template
template shell = /bin/bash
template homedir = /home/%U



2018-05-14 23:28 GMT+02:00 Rowland Penny via samba <samba at lists.samba.org>:

> On Mon, 14 May 2018 22:49:02 +0200
> Michael Funke via samba <samba at lists.samba.org> wrote:
>
> > Okay, I testet it and it doesn't help. Attached is also my smb.conf.
> > May it is here.
> >
> > [global]
> >         # Default ID mapping configuration for local BUILTIN accounts
> >         # and groups on a domain member. The default (*) domain:
> >         # - must not overlap with any domain ID mapping configuration!
> >         # - must use a read-write-enabled back end, such as tdb.
> >         # - Adding just this is not enough
> >         # - You must set a DOMAIN backend configuration, see below
> >         idmap config * : backend = tdb
> >         idmap config * : range = 3000-7999
> >         idmap config EXAMPLE : range = 1000000 - 1999999
>
> >
> >
> > Any ideas?
> >
>
> Yes, did you not understand this:
>
>          # - Adding just this is not enough
>          # - You must set a DOMAIN backend configuration, see below
>
> Well, yes, you must have because you added this:
>
>          idmap config EXAMPLE : range = 1000000 - 1999999
>
> Pity it wasn't enough, can I suggest you read this again:
>
> https://wiki.samba.org/index.php/Idmap_config_ad
>
> And this:
>
> https://wiki.samba.org/index.php/Idmap_config_rid
>
> and decide which you want to use and then add the missing line(s)
>
> If you do not understand those pages, can you please try to explain what
> you do not understand. Without feedback we think they are correct, if
> nobody says 'I do not understand something', we will go on thinking
> they are correct ;-)
>
> Rowland
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba
>


More information about the samba mailing list