Howto completly delete a user from samba/ldap
Erik - versatel
edgrootjans at versatel.nl
Sat Aug 4 04:58:03 MDT 2012
I'm using debian 6.0 with latest updates (dd 3-aug-2012) and samba 3.5.6
I have created a samba configuration and used samba by example as an
and also read a lot in the samba howto.
I build the samba with ldap configuration.
I did have some problems when i created the users, proberly a firewall or
For these users there was no PROFILE created in /profiles/u%
I have made a few modifications:
3)"Configuratiescherm -> Systeembeheer -> Lokaal beveiligingsbeleid ->
Lokaal beleid -> Beveiliginsopties"
1) Lid van domein: geen systeemonderhoud van wachtwoord van
computeraccount --> 0
2) Lid van domein: gegevens in beveiligd kanaal digitaal coderen (indien
mogelijk) --> 0
3) Lid van domein: gegevens in beveiligd kanaal digitaal coderen of
ondertekenen (altijd) --> 0
4) Lid van domein: gegevens in beveiligd kanaal digitaal ondertekenen
(indien mogelijk) --> 0
5) Lid van domein: sterke sessiesleutel verplicht (win 2000 of hoger) --> 0
Changed workgroup to domain
Added the XP-computer succesfully to the domain.
Created a NEW user.
created dir profile/KEES
created dir profdata profile/KEES and subdirs (Recent, MyDocuments etc)
changed owner and mod attrib (CHMOD CHOWN)
smbldap-useradd -a -m KEES
I logged in on the XP_computer with user KEES.
I logged out and the profile is written in the profile directory
My problem is:
I have some old users who dont have a userprofile (ROMING PROFILE)
I have looked in groups, passwd and shadow if there are some reference to
this users but found nothing.
I have deleted the users:
smbldap-userdel -r erik
smbpasswd -x erik
I have deleted the samba homedirs, unix homedirs, profiledir an profdatadir.
I rebuid the profiledir and profdatadirs
added the user
smbpasswd-add -m -a erik
logged in with the windows client
but when i log off there is no profile in profiles/erik
I want to have also for this user an roaming profile
I see 3 solutions
Here they are in order of best to worst:
1) to completely delete the user, so that when added, it is seen as a
completely new user and a profile is created.
this solution could than also be followed when the profile is corrupted !
2) copy the profile from KEES to ERIK and edit the profile - but how?
3) completely remove samba and ldap and rebuild the confuguration and
I dont like this sollution because profiles can also get corrupted and
Please help me.
I have read a lot about samba and profiles, but i did not find a good
More information about the smb-clients