Howto completly delete a user from samba/ldap

Erik - versatel edgrootjans at versatel.nl
Sat Aug 4 04:58:03 MDT 2012


Hello,

I'm using debian 6.0 with latest updates (dd 3-aug-2012) and samba 3.5.6
I have created a samba configuration and used samba by example as an 
reference,
and also read a lot in the samba howto.
I build the samba with ldap configuration.

I did have some problems when i created the users, proberly a firewall or 
security problem.
For these users there was no PROFILE created in /profiles/u%

I have made a few modifications:




1) 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters] 
"requiresignorseal"=dword:00000000

2) C:\windows\system32\drivers\etc\LMHOSTS

x.x.x.x    srv.example.com

x.x.x.x    example.com

3)"Configuratiescherm -> Systeembeheer -> Lokaal beveiligingsbeleid -> 
Lokaal beleid -> Beveiliginsopties"

1) Lid van domein: geen systeemonderhoud van wachtwoord van 
computeraccount --> 0
2) Lid van domein: gegevens in beveiligd kanaal digitaal coderen (indien 
mogelijk) --> 0
3) Lid van domein: gegevens in beveiligd kanaal digitaal coderen of 
ondertekenen (altijd) --> 0
4) Lid van domein: gegevens in beveiligd kanaal digitaal ondertekenen 
(indien mogelijk) --> 0
5) Lid van domein: sterke sessiesleutel verplicht (win 2000 of hoger) --> 0



Changed workgroup
reboot
Changed workgroup to domain

Added the XP-computer succesfully to the domain.



Created a NEW user.



created dir profile/KEES

created dir profdata profile/KEES and subdirs (Recent, MyDocuments etc)

changed owner and mod attrib (CHMOD CHOWN)

smbldap-useradd -a -m KEES

smbpasswd KEES



I logged in on the XP_computer with user KEES.

I logged out and the profile is written in the profile directory





My problem is:

I have some old users who dont have a userprofile (ROMING PROFILE)

I have looked in groups, passwd and shadow if there are some reference to 
this users but found nothing.

I have deleted the users:

smbldap-userdel -r erik

smbpasswd -x erik

I have deleted the samba homedirs, unix homedirs, profiledir an profdatadir.



I rebuid the profiledir and profdatadirs

added the user

smbpasswd-add -m -a erik

smbpasswd erik



logged in with the windows client

but when i log off there is no profile in profiles/erik





I want to have also for this user an roaming profile



I see 3 solutions

Here they are in order of best to worst:

1) to completely delete the user, so that when added, it is seen as a 
completely new user and a profile is created.

   this solution could than also be followed when the profile is corrupted !

2) copy the profile from KEES to ERIK and edit the profile -  but how?

3) completely remove samba and ldap and rebuild the confuguration and 
database.

    I dont like this sollution because profiles can also get corrupted and 
then ....



Please help me.

I have read a lot about samba and profiles, but i did not find a good 
solution.

Thanks.
























More information about the smb-clients mailing list