On Tuesday 12 July 2005 01:50, Nicola Murino wrote: > My clients are windows xp sp2, however there is the same function: > > Start->Run->gpedit.msc > LocalComputerPolicy -> ComputerConfiguration > AdministrativeTemplates -> System -> User Profile -> Do not check for > user ownership of Roaming profiles set to enable > > now a basic PDC works :-), > > thanks > Nicola > > P.S. If this is a common problem (I have this issue with different samba > versions on different distributions) maybe would be a good idea insert > this issue in samba faq or in documentation such as samba by example or > other samba official doc (excuse me if it is already inserted)
Please refer to the book, "The Official Samba-3 HOWTO and Reference Guide", second edition, Chapter 26, Section 26.2.2.3. This book is being printed and is due to be released at LinuxWorld San Francisco. You can obtain a PDF of it from: http://www.samba.org/samba/docs/Samba3-HOWTO.pdf Cheers, John T. > > Пустовалов Леонид Тимофеевич ha scritto: > >Hello Nicola, > > > >Monday, July 11, 2005, 8:16:16 PM, you wrote: > > > >if client = windows 2000 > >try to Start -> Run -> gpedit.msc > >LocalComputerPolicy -> ComputerConfiguration -> > >AdministrativeTemplates -> System -> Logon -> Do not check for user > >ownership of Roaming profiles > >set to Enable > > > >NM> Hi all, > > > >NM> I'm trying to configure samba as PDC, I have a problem when windows > >NM> client log in this is the error: > > > >NM> Windows cannot load the profile and is logging you on with a temporary > >NM> profile. Changes you make to this profile will be lost when you log > > off > > > >NM> I have samba-3.0.11 and smbldap-tools-0.8.8. I tryed also samba-3.0.14 > >NM> and smbldap-tools-0-9.1, I have the same problem on Gentoo and on > > Fedora NM> Core4 > > > >NM> my configuration file > > > >NM> smb.conf: > > > >NM> [global] > >NM> workgroup = THEOREMATICA > >NM> netbios name = FERRARI > >NM> enable privileges = yes > >NM> interfaces = 10.88.77.201 > >NM> bind interfaces only = yes > >NM> username map = /etc/samba/smbusers > >NM> server string = Samba PDC Server > >NM> hosts allow = 10.88.77.0/24 127.0.0.0/8 > >NM> security = user > >NM> encrypt passwords = Yes > >NM> min passwd length = 3 > >NM> obey pam restrictions = No > >NM> #unix password sync = Yes > >NM> #passwd program = /usr/sbin/smbldap-passwd -u %u > >NM> #passwd chat = "Changing password for*\nNew password*" %n\n > >NM> "*Retype new password*" %n\n" > >NM> ldap passwd sync = Yes > >NM> log level = 0 > >NM> syslog = 0 > >NM> log file = /var/log/samba/log.%m > >NM> max log size = 100000 > >NM> time server = Yes > >NM> socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 > >NM> mangling method = hash2 > >NM> Dos charset = 850 > >NM> Unix charset = ISO8859-1 > > > >NM> logon script = STARTUP.BAT > >NM> #logon script = > >NM> #logon drive = H: > >NM> logon drive = > >NM> #logon home = \\%L\%U > >NM> logon home = > >NM> #logon path = \\%L\profiles\%U > >NM> logon path = > > > >NM> domain logons = Yes > >NM> #os level = 65 > >NM> os level = 200 > >NM> preferred master = Yes > >NM> domain master = Yes > >NM> wins support = Yes > >NM> name resolve order = wins lmhosts hosts bcast > >NM> dns proxy = no > >NM> passdb backend = ldapsam:ldap://127.0.0.1/ > >NM> # passdb backend = ldapsam:"ldap://127.0.0.1/ > >NM> ldap://slave.idealx.com" > >NM> # ldap filter = (&(objectclass=sambaSamAccount)(uid=%u)) > >NM> ldap admin dn = cn=Manager,dc=theorematica,dc=it > >NM> ldap suffix = dc=theorematica,dc=it > >NM> ldap group suffix = ou=Groups > >NM> ldap user suffix = ou=Users > >NM> ldap machine suffix = ou=Computers > >NM> ldap idmap suffix = ou=Users > >NM> #ldap ssl = start tls > >NM> add user script = /usr/sbin/smbldap-useradd -m "%u" > >NM> ldap delete dn = Yes > >NM> #delete user script = /usr/sbin/smbldap-userdel "%u" > >NM> add machine script = /usr/sbin/smbldap-useradd -w "%u" > >NM> add group script = /usr/sbin/smbldap-groupadd -p "%g" > >NM> #delete group script = /usr/sbin/smbldap-groupdel "%g" > >NM> add user to group script = /usr/sbin/smbldap-groupmod -m "%u" > > "%g" NM> delete user from group script = > > /usr/sbin/smbldap-groupmod -x NM> "%u" "%g" > >NM> set primary group script = /usr/sbin/smbldap-usermod -g "%g" > > "%u" > > > >NM> # printers configuration > >NM> printer admin = @"Print Operators" > >NM> load printers = Yes > >NM> create mask = 0640 > >NM> directory mask = 0750 > >NM> nt acl support = No > >NM> printing = cups > >NM> printcap name = cups > >NM> deadtime = 10 > >NM> guest account = nobody > >NM> map to guest = Bad User > >NM> dont descend = /proc,/dev,/etc,/lib,/lost+found,/initrd > >NM> show add printer wizard = yes > >NM> ; to maintain capital letters in shortcuts in any of the profile > > folders: NM> preserve case = yes > >NM> short preserve case = yes > >NM> case sensitive = no > > > >NM> [homes] > >NM> comment = Directory personale di %U, %u > >NM> read only = No > >NM> create mask = 0644 > >NM> directory mask = 0775 > >NM> browseable = No > > > >NM> [netlogon] > >NM> path = /var/lib/samba/netlogon > >NM> browseable = No > >NM> read only = yes > > > >NM> [doc] > >NM> path=/usr/share/doc > >NM> public=yes > >NM> writable=no > >NM> read only=no > >NM> create mask = 0750 > >NM> guest ok = Yes > > > >NM> [profiles] > >NM> path = /var/lib/samba/profiles > >NM> writable = yes > >NM> create mask = 0600 > >NM> directory mask = 0700 > >NM> # browseable = no > >NM> # default case = lower > >NM> # preserve case = no > >NM> # short preserve case = no > >NM> # case sensitive = no > >NM> # hide files = /desktop.ini/ntuser.ini/NTUSER.*/ > >NM> # guest ok = no > >NM> #profile acls = Yes > >NM> # profile acls = No > >NM> # csc policy = disable > >NM> # next line is a great way to secure the profiles > >NM> # force user = %U > >NM> # next line allows administrator to access all profiles > >NM> #valid users = %U @"Domain Admins" > >NM> #valid users = %U > >NM> #root preexec = PROFILE=/var/lib/samba/profiles/%u; if [ ! -e > >NM> $PROFILE ]; then mkdir -pm700 $PROFILE; chown %u:%g $PROFILE;fi > > > >NM> I tryed most combinations of the commented options in profiles section > > > >NM> ls -la /var/lib/samba/profiles/ > >NM> total 0 > >NM> drwxr-x--- 4 root root 96 Jul 11 18:51 . > >NM> drwxr-xr-x 6 root root 144 Jun 23 21:16 .. > >NM> drwx------ 2 nicola Domain Users 48 Jul 11 18:20 nicola > >NM> drwx------ 2 test Domain Users 48 Jul 11 17:54 test > > > >NM> please some suggestions, > > > >NM> thanks > >NM> Nicola -- John H Terpstra Samba-Team Member Phone: +1 (650) 580-8668 Author: The Official Samba-3 HOWTO & Reference Guide, ISBN: 0131453556 Samba-3 by Example, ISBN: 0131472216 Hardening Linux, ISBN: 0072254971 Other books in production. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba