The problem was resolved after rejoining the domain. It looks like the policy was not updated though I rebooted the machine and did gpupdate. Yauheni Labko (Eugene Lobko) Junior System Administrator Chapdelaine & Co. (212)208-9150
On Monday 19 October 2009 01:42:09 pm Yauheni Labko wrote: > Hi, > > I have a domain controller which was configured to use the local profiles. > We have a relatively small group whose work required it. Now we are moving > toward using the domain for all machine with roaming profile. There are a > lot of posts dealing with the roaming profiles and the folder redirection. > But I've met some issues. > > My configuration: > NS3 and SMB are hostnames of our servers. > PDC is located on NS3 and file server containing profiles and home shares > on SMB. > > This is NS3 configuration: > # Global parameters > [global] > workgroup = CHAPPY-MS > netbios name = DS01 > server string = Chappy Samba LDAP PDC Server > interfaces = 192.168.40.8/255.255.255.0 > passdb backend = ldapsam:ldap://ds01/ > enable privileges = Yes > passwd program = /usr/sbin/smbldap-passwd -u "%u" > syslog = 0 > log file = /var/log/samba/log.%m > max log size = 1000 > printcap name = cups > add user script = /usr/sbin/smbldap-useradd -m "%u" > add group script = /usr/sbin/smbldap-groupadd -p "%g" > add user to group script = /usr/sbin/smbldap-groupmod -m "%u" "%g" > delete user from group script = /usr/sbin/smbldap-groupmod -x "%u" > "%g" > set primary group script = /usr/sbin/smbldap-usermod -g "%g" "%u" > add machine script = /usr/sbin/smbldap-useradd -w "%u" > logon path = \\smb\profiles\%U\%a > logon drive = H: > logon home = \\smb\homes > domain logons = Yes > os level = 65 > preferred master = Yes > domain master = Yes > wins support = Yes > ldap admin dn = cn=admin,dc=chappy,dc=com > ldap delete dn = Yes > ldap group suffix = ou=groups > ldap idmap suffix = ou=idmap,dc=chappy,dc=com > ldap machine suffix = ou=computers > ldap passwd sync = Yes > ldap suffix = dc=chappy,dc=com > ldap user suffix = ou=people > panic action = /usr/share/samba/panic-action %d > idmap uid = 15000-20000 > idmap gid = 15000-20000 > printing = cups > print command = > lpq command = %p > lprm command = > > [netlogon] > path = /var/lib/samba/netlogon > browseable = No > > > This is SMB configuration: > > [global] > workgroup = CHAPPY-MS > server string = file server > interfaces = 192.168.40.43 > map to guest = Bad User > passdb backend = ldapsam:ldap://ds01 > syslog = 0 > log file = /var/log/samba/log.%m > max log size = 2048 > keepalive = 0 > socket options = TCP_NODELAY IPTOS_LOWDELAY SO_KEEPALIVE > SO_RCVBUF=8192 SO_SNDBUF=8192 > hostname lookups = Yes > load printers = No > dns proxy = No > wins server = 192.168.40.8 > kernel oplocks = No > ldap admin dn = cn=admin,dc=chappy,dc=com > ldap delete dn = Yes > ldap group suffix = ou=groups > ldap idmap suffix = ou=idmap,dc=chappy,dc=com > ldap machine suffix = ou=computers > ldap suffix = dc=chappy,dc=com > ldap ssl = no > ldap user suffix = ou=people > panic action = /usr/share/samba/panic-action %d > > [homes] > comment = Home Share > path = /san/export/home/%S > valid users = %S > write list = %S > force create mode = 0600 > force directory mode = 0700 > hide special files = Yes > browseable = No > > [profiles] > comment = Profiles Share > path = /san/export/samba/profiles > read only = No > force create mode = 0664 > force directory mode = 0775 > profile acls = Yes > hide files = /Application Data/Cookies/Local\ > Settings/NetHood/PrintHood/Recent/SendTo/NTUSER.DAT/ > store dos attributes = Yes > browseable = No > csc policy = disable > > > Netlogon on NS3 has a Default User configuration redirecting Desktop, My > Documents, My Pictures, My Music, Personal to the appropriate directories > on %HOMEDRIVE%: > Desktop - %HOMEDRIVE%\Desktop > My Documents - %HOMEDRIVE%\My Documents > My Pictures - %HOMEDRIVE%\My Documents\My Pictures > etc.. > > The local group policy disables the offline files and the roaming profile > synchronization for Desktop, My Documents and Application Data. These > settings were based on Samba by Examples, ch.5 and 6. > > During the first log in the user grabs the configured profile from > netlogon share and correctly setup all files. But when user logged off it > watched synchronizing window where it syncs the user home directory. > At the same time the user can write/read home drive with no problems. The > popup message "offline files - working offline" is rather annoying. > > Could anybody give me an idea what is wrong? Or maybe I should use > %LOGONPROFILE% variable instead of %HOMEDRIVE%? > If the synchronization window is normal for such configuration is there any > advantage of using the folder redirection with the roaming profile? Maybe > it is better to disable synchronization of some directories and train > users to keep their documents on home drive arguing that this is a safe > place? > > Yauheni Labko (Eugene Lobko) > Junior System Administrator > Chapdelaine & Co > (212)208-9150 > -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba