[Samba] Classicupgrade FL 2012_R2 NTLM/Kerberos logon
Peter Milesson
miles at atmos.eu
Thu Jun 20 11:11:28 UTC 2024
On 20.06.2024 9:28, Rowland Penny via samba wrote:
> On Wed, 19 Jun 2024 19:16:51 +0200
> Marco Gaiarin via samba <samba at lists.samba.org> wrote:
>
>> Mandi! Havany via samba
>> In chel di` si favelave...
>>
>>>> It sounds like you are still using the old, deprecated (by Windows)
>>>> roaming profiles, instead of Folder redirection.
>> ?! Some more clue, Rowland? I use roaming profiles *AND* folder
>> redirection, usually... ;-)
> It was just a comment, but from my understanding, you should use one or
> the other, not both.
>
>>
>>> So, I think I will use the "classicupgrade" method. I will wait a
>>> few days to make sure everything works well before making the final
>>> decision and moving on to the next steps.
>> I think i'm late.
>>
>> Con consider that if you have the same user/login and password on
>> both domain (NT and AD), you can safely migrate machine (and users)
>> from NT to AD and keep user access the old server. You need only some
>> attention, eg keep enabled SMB1 in Ad to access the old server and
>> have a WINS server active on the network.
> From experience, once a client has seen and connected to AD, it will
> never connect to an NT4-style domain again.
>
> Rowland
>
>
Hi folks,
I beg to differ about folder redirection and roaming user profiles.
Both of them can be applied simultaneously, but is generally considered
a BAD thing. It can be a tricky beast to setup, however. You need to
start with a clean user account where everything is stored on the local
PC. Then you apply folder redirection, and really make sure that it
works (which may not be that easy, particularly on huge profiles). The
last step is to implement roaming profiles, but ONLY on AppData. Any
other use is pointless. It's ugly as sin, and it may work.
I have got a setup where both concepts are applied of historical reasons
(started as an NT domain about 20 years ago). It works. In current
installations, I do not use roaming profiles, as they have got huge
drawbacks. The way to go is to use folder redirection, or user profile
disks (hopeless to restore individual files from backups).
In folder redirection, I always redirect AppData (Roaming), Desktop, and
Documents. Pictures and Videos depends on the users in question, and
what's their main profession. General office users just create lots of
bloat in those folders. The rest, including Music and Downloads is also
left out of folder direction, as they contain user bloat to 99.99%. The
folders remaining on the local PC is the responsibility of the user. If
they care about some files, they are told to move those files to a
redirected folder.
About redirection of AppData (Roaming), there are many different
opinions. I prefer to redirect AppData (Roaming) to not loose user
settings, if something happens. Reconstructing a user profile with all
details can be quite time consuming. If it's not important, just leave
that folder out from folder redirection.
Just my 5 cents...
Peter
More information about the samba
mailing list