Version: 3.0.14a (debian stable: 3sarge1)
(I'm not currently subscribed to this list, so please CC me on any
replies -- Thanks!)
I'm just about finished converting our company's network from NIS to
LDAP. Part of that involved updating Samba to use that same directory
so all the information is maintained in one place.
Most everything is good, except that my roaming profiles won't work. My
smb.conf file is attached.
Upping the log level eventually showed messages like this:
[2006/05/22 15:16:29, 5] smbd/filename.c:unix_convert(108)
unix_convert called on file "%u"
[2006/05/22 15:16:29, 10] smbd/statcache.c:stat_cache_lookup(210)
stat_cache_lookup: lookup failed for name [%U]
[2006/05/22 15:16:29, 5] smbd/filename.c:unix_convert(175)
unix_convert begin: name = %u, dirpath = , start = %u
I traced this to the "logon path" configuration item. Samba is choosing
the value from the smb.conf file because I don't have these values set
within the LDAP directory; I just want to use the default generated one.
However, it semes that Samba is NOT substituting the "%u" in this case
even though it was when LDAP was not in use. At least "logon path" and
"logon home" are affected; maybe more.
To verify, I manually changed every "%u" in the smb.conf file to
"bcwhite" and then I can log on with my profile and home directory just
fine. An okay solution for me, but the rest of my users might complain.
Since my users are expecting to return tomorrow (after a long weekend)
and use their WinXP machines, I'd appreciate it if someone can shed some
light on this problem asap.
Thanks much!!!
Brian
( [EMAIL PROTECTED] )
-------------------------------------------------------------------------------
Until we are first independent, we cannot be interdependent.
;
; $Id: smb.conf,v 1.7 2006/05/22 19:09:28 bcwhite Exp $
;
[global]
printing = cups
printcap = cups
load printers = yes
guest account = guest
invalid users = root
dont descend = /proc,/dev
unix extensions = no
bind interfaces only = no
interfaces = eth1 eth2
netbios aliases = titan share shell profiles
; don't risk problems with buggy dos programs (Visual C++) getting wrong
timestamp
dos filetime resolution = yes
; "security = user" is always a good idea. This will require a Unix account
; in this server for every user accessing the server.
security = user
; Change this for the workgroup your Samba server will part of
workgroup = precidia
server string = %h Server (Samba %v)
; If you want Samba to log though syslog only then set the following
; parameter to 'yes'. Please note that logging through syslog in
; Samba is still experimental.
syslog only = no
; We want Samba to log a minimum amount of information to syslog. Everything
; should go to /var/log/{smb,nmb} instead. If you want to log through
; syslog you should set the following parameter to something higher.
syslog = 0;
; This socket options really speed up Samba under Linux, according to my
; own tests.
socket options = IPTOS_LOWDELAY TCP_NODELAY SO_SNDBUF=4096
SO_RCVBUF=4096
; Passwords are encrypted by default. This way the latest Windows 95 and NT
; clients can connect to the Samba server with no problems.
encrypt passwords = yes
passdb backend = ldapsam:ldap://localhost
; It's always a good idea to use a WINS server. If you want this server
; to be the WINS server for your network change the following parameter
; to "yes". Otherwise leave it as "no" and specify your WINS server
; below (note: only one Samba server can be the WINS server).
; Read BROWSING.txt for more details.
wins support = yes
; If this server is not the WINS server then specify who is it and uncomment
; next line.
; wins server = 172.16.0.10
; Please read BROWSING.txt and set the next four parameters according
; to your network setup.
os level = 99
local master = yes
preferred master = yes
; Domain stuff
domain master = yes
domain logons = yes
;; domain group map = /etc/samba/domain-group.map
;; domain user map = /etc/samba/domain-user.map
;; local group map = /etc/samba/local-group.map
logon path = \\profiles\profiles\%u
logon home = \\shell\%u
logon drive = u:
logon script = logon.bat
;; add user script = /etc/samba/addhost %u
; What naming service and in what order should we use to resolve host names
; to IP addresses
name resolve order = host bcast
; This will enable nmbd to search for NetBIOS names through DNS.
dns proxy = yes
; Name mangling options
preserve case = yes
short preserve case = yes
mangled names = yes
mangle prefix = 5
mangling method = hash
; LDAP settings
ldap admin dn = uid=samba,ou=Services,dc=precidia
ldap suffix = dc=precidia
ldap user suffix = ou=People
ldap group suffix = ou=Groups
ldap idmap suffix = ou=Idmap
ldap machine suffix = ou=Hosts
ldap replication sleep = 1000
ldap password sync = true
ldapsam:trusted = true
; For Unix password sync. to work on a Debian GNU/Linux system, the following
; parameters must be set (thanks to Culus for pointing this out):
check password script = /usr/local/sbin/pwcheck
unix password sync = false
; passwd program = /usr/local/sbin/ldappasswd --unix %u
; passwd chat = * %n\n
; The following parameter is useful only if you have the linpopup package
; installed. The samba maintainer and the linpopup maintainer are
; working to ease installation and configuration of linpopup and samba.
; message command = /bin/sh -c '/usr/bin/linpopup "%f" "%m" %s; rm %s' &
; The default maximum log file size is 5 MBytes. That's too big so this
; next parameter sets it to 1 MByte. Currently, Samba rotates log
; files (/var/log/{smb,nmb} in Debian) when these files reach 1000 KBytes.
; A better solution would be to have Samba rotate the log file upon
; reception of a signal, but for now on, we have to live with this.
max log size = 1000
log level = 0
[homes]
comment = Home Directory
browseable = no
read only = no
create mask = 0664
directory mask = 0775
[printers]
comment = Printers
printer admin = root, @winadmin
path = /var/spool/samba
browseable = no
printable = yes
public = yes
writable = no
create mode = 0700
[print$]
comment = Printer Drivers
path = /etc/samba/drivers
browseable = yes
guest ok = no
read only = yes
write list = root
[netlogon]
comment = Logon Scripts
path = /usr/local/win32/netlogon
read only = yes
public = no
browseable = no
[profiles]
comment = User Profiles
path = /var/data/profiles
create mask = 0600
directory mask = 0700
read only = no
public = yes
browseable = no
profile acls = yes
; A sample share for sharing your CD-ROM with others.
;[cdrom]
; comment = CD-ROM Drive
; writable = no
; locking = no
; path = /cdrom
; public = yes
; fake oplocks = yes
;
; The next two parameters show how to auto-mount a CD-ROM when the
; cdrom share is accesed. For this to work /etc/fstab must contain
; an entry like this:
;
; /dev/scd0 /cdrom iso9660 defaults,noauto,ro,user 0 0
;
; The CD-ROM gets unmounted automatically after the connection to the
;
; If you don't want to use auto-mounting/unmounting make sure the CD
; is mounted on /cdrom
;
; preexec = /bin/mount /cdrom
; postexec = /bin/umount /cdrom
[titan]
comment = Precidia Technologies, Inc.
path = /home/tolkien/titan
public = yes
writable = no
fake oplocks = yes
locking = no
[tmp]
comment = Temporary Files
path = /usr/local/tmp
create mode = 0666
public = yes
writable = yes
