I've been at this for hours now and am still not getting it to work.
I've been through the lists trying to find an answer and so far as I can
tell, everything is configured OK. Obviously it's not, but I'm stuck.
I recently installed Squeeze on my home server, overwriting a Lenny
installation. I've been able to add my NT (Windows XP/Pro) domain
accounts back in and pdbedit shows the expected values - e.g.:
r...@whenim64:/home/samba/profiles# pdbedit -Lv garydale
Unix username: garydale
NT username:
Account Flags: [U ]
User SID: S-1-5-21-832165970-4128531365-4003982369-1002
Primary Group SID: S-1-5-21-832165970-4128531365-4003982369-513
Full Name: Gary Dale
Home Directory: \\whenim64\home\garydale
HomeDir Drive: m:
Logon Script:
Profile Path: \\whenim64\home\samba\profiles\garydale
Domain: RAHIM-DALE
Account desc:
Workstations:
Munged dial:
Logon time: 0
Logoff time: 9223372036854775807 seconds since the Epoch
Kickoff time: 9223372036854775807 seconds since the Epoch
Password last set: Wed, 15 Sep 2010 14:05:50 EDT
Password can change: Wed, 15 Sep 2010 14:05:50 EDT
Password must change: never
Last bad password : 0
Bad password count : 0
Logon hours : FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
However, although I can log on, I can't get the roaming profiles
working. I get the "windows cannot locate the server copy of your
roaming profile" message. Since my Unix account names/numbers are the
same and the profiles are in the previously working /home folder that
didn't get touched, I can't see how it''s a permissions problem.
Noneheless, I removed an old profile which should have let WIndows
create a new one. It didn't. I still got the same error.
I did have to reinstate the groupmaps (don't know why the samba install
doesn't do this) but they seem OK.
r...@whenim64:/home/samba/profiles# net groupmap list
Domain Admins (S-1-5-21-832165970-4128531365-4003982369-512) -> ntadmins
Domain Users (S-1-5-21-832165970-4128531365-4003982369-513) -> users
Domain Guests (S-1-5-21-832165970-4128531365-4003982369-514) -> nogroup
Domain Computers (S-1-5-21-832165970-4128531365-4003982369-515) -> machines
My smb.conf tests OK with testparm. SWAT reports all the daemons are
running. I can map shares (with read/write) without needing extra
authentication.
My smb.conf (minus the shares & printers) is:
[global]
workgroup = RAHIM-DALE
server string = %h server
obey pam restrictions = Yes
pam password change = Yes
passwd program = /usr/bin/passwd %u
passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword$
unix password sync = Yes
syslog = 0
log file = /var/log/samba/log.%m
max log size = 1000
add machine script = /usr/sbin/useradd -d /var/lib/nobody -g machines -$
logon path = \\%N\home\samba\profiles\%U
logon drive = m:
logon home = \\%N\home\%U
domain logons = Yes
domain master = Yes
dns proxy = No
wins support = Yes
panic action = /usr/share/samba/panic-action %d
[netlogon]
comment = Network Logon Service
path = /home/samba/netlogon
guest ok = Yes
browseable = No
browsable = No
[Profiles]
profile acls = yes
create mode = 0600
directory mode = 0700
path = /home/samba/profiles
read only = no
browseable = no
writeable = yes
guest ok = yes
[homes]
comment = Home Directories
valid users = %S
create mask = 0700
directory mask = 0700
browseable = No
browsable = No
Any ideas?
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
