Re: URGENT: Samba Won't Substitute %u In "Logon *" When LDAP Is Used
Version: 3.0.14a (debian stable: 3sarge1)
I just upgraded to 3.0.22 (debian "testing") and have the same problem.
I could really use some help on this one!!!
(I'm not currently subscribed to this list, so please CC me on any
replies -- Thanks!)
I'm just about finished converting our company's network from NIS to
LDAP. Part of that involved updating Samba to use that same directory
so all the information is maintained in one place.
Most everything is good, except that my roaming profiles won't work. My
smb.conf file is attached.
Upping the log level eventually showed messages like this:
[2006/05/22 15:16:29, 5] smbd/filename.c:unix_convert(108)
unix_convert called on file "%u"
[2006/05/22 15:16:29, 10] smbd/statcache.c:stat_cache_lookup(210)
stat_cache_lookup: lookup failed for name [%U]
[2006/05/22 15:16:29, 5] smbd/filename.c:unix_convert(175)
unix_convert begin: name = %u, dirpath = , start = %u
I traced this to the "logon path" configuration item. Samba is choosing
the value from the smb.conf file because I don't have these values set
within the LDAP directory; I just want to use the default generated one.
However, it semes that Samba is NOT substituting the "%u" in this case
even though it was when LDAP was not in use. At least "logon path" and
"logon home" are affected; maybe more.
To verify, I manually changed every "%u" in the smb.conf file to
"bcwhite" and then I can log on with my profile and home directory just
fine. An okay solution for me, but the rest of my users might complain.
Since my users are expecting to return tomorrow (after a long weekend)
and use their WinXP machines, I'd appreciate it if someone can shed some
light on this problem asap.
Thanks much!!!
Brian
( [EMAIL PROTECTED] )
;
; $Id: smb.conf,v 1.7 2006/05/22 19:09:28 bcwhite Exp $
;
[global]
printing = cups
printcap = cups
load printers = yes
guest account = guest
invalid users = root
dont descend = /proc,/dev
unix extensions = no
bind interfaces only = no
interfaces = eth1 eth2
netbios aliases = titan share shell profiles
; don't risk problems with buggy dos programs (Visual C++) getting wrong
timestamp
dos filetime resolution = yes
; "security = user" is always a good idea. This will require a Unix account
; in this server for every user accessing the server.
security = user
; Change this for the workgroup your Samba server will part of
workgroup = precidia
server string = %h Server (Samba %v)
; If you want Samba to log though syslog only then set the following
; parameter to 'yes'. Please note that logging through syslog in
; Samba is still experimental.
syslog only = no
; We want Samba to log a minimum amount of information to syslog. Everything
; should go to /var/log/{smb,nmb} instead. If you want to log through
; syslog you should set the following parameter to something higher.
syslog = 0;
; This socket options really speed up Samba under Linux, according to my
; own tests.
socket options = IPTOS_LOWDELAY TCP_NODELAY SO_SNDBUF=4096
SO_RCVBUF=4096
; Passwords are encrypted by default. This way the latest Windows 95 and NT
; clients can connect to the Samba server with no problems.
encrypt passwords = yes
passdb backend = ldapsam:ldap://localhost
; It's always a good idea to use a WINS server. If you want this server
; to be the WINS server for your network change the following parameter
; to "yes". Otherwise leave it as "no" and specify your WINS server
; below (note: only one Samba server can be the WINS server).
; Read BROWSING.txt for more details.
wins support = yes
; If this server is not the WINS server then specify who is it and uncomment
; next line.
; wins server = 172.16.0.10
; Please read BROWSING.txt and set the next four parameters according
; to your network setup.
os level = 99
local master = yes
preferred master = yes
; Domain stuff
domain master = yes
domain logons = yes
;; domain group map = /etc/samba/domain-group.map
;; domain user map = /etc/samba/domain-user.map
;; local group map = /etc/samba/local-group.map
logon path = \\profiles\profiles\%u
logon home = \\shell\%u
logon drive = u:
logon script = logon.bat
;; add user script = /etc/samba/addhost %u
; What naming service and in what order should we use to resolve host names
; to IP addresses
name resolve order = host bcast
; This will enable nmbd to search for NetBIOS names through DNS.
dns proxy = yes
; Name mangling options
preserve case = yes
short preserve case = yes
mangled names = yes
mangle prefix = 5
mangling method = hash
; LDAP
URGENT: Samba Won't Substitute %u In "Logon *" When LDAP Is Used
Version: 3.0.14a (debian stable: 3sarge1)
(I'm not currently subscribed to this list, so please CC me on any
replies -- Thanks!)
I'm just about finished converting our company's network from NIS to
LDAP. Part of that involved updating Samba to use that same directory
so all the information is maintained in one place.
Most everything is good, except that my roaming profiles won't work. My
smb.conf file is attached.
Upping the log level eventually showed messages like this:
[2006/05/22 15:16:29, 5] smbd/filename.c:unix_convert(108)
unix_convert called on file "%u"
[2006/05/22 15:16:29, 10] smbd/statcache.c:stat_cache_lookup(210)
stat_cache_lookup: lookup failed for name [%U]
[2006/05/22 15:16:29, 5] smbd/filename.c:unix_convert(175)
unix_convert begin: name = %u, dirpath = , start = %u
I traced this to the "logon path" configuration item. Samba is choosing
the value from the smb.conf file because I don't have these values set
within the LDAP directory; I just want to use the default generated one.
However, it semes that Samba is NOT substituting the "%u" in this case
even though it was when LDAP was not in use. At least "logon path" and
"logon home" are affected; maybe more.
To verify, I manually changed every "%u" in the smb.conf file to
"bcwhite" and then I can log on with my profile and home directory just
fine. An okay solution for me, but the rest of my users might complain.
Since my users are expecting to return tomorrow (after a long weekend)
and use their WinXP machines, I'd appreciate it if someone can shed some
light on this problem asap.
Thanks much!!!
Brian
( [EMAIL PROTECTED] )
---
Until we are first independent, we cannot be interdependent.
;
; $Id: smb.conf,v 1.7 2006/05/22 19:09:28 bcwhite Exp $
;
[global]
printing = cups
printcap = cups
load printers = yes
guest account = guest
invalid users = root
dont descend = /proc,/dev
unix extensions = no
bind interfaces only = no
interfaces = eth1 eth2
netbios aliases = titan share shell profiles
; don't risk problems with buggy dos programs (Visual C++) getting wrong
timestamp
dos filetime resolution = yes
; "security = user" is always a good idea. This will require a Unix account
; in this server for every user accessing the server.
security = user
; Change this for the workgroup your Samba server will part of
workgroup = precidia
server string = %h Server (Samba %v)
; If you want Samba to log though syslog only then set the following
; parameter to 'yes'. Please note that logging through syslog in
; Samba is still experimental.
syslog only = no
; We want Samba to log a minimum amount of information to syslog. Everything
; should go to /var/log/{smb,nmb} instead. If you want to log through
; syslog you should set the following parameter to something higher.
syslog = 0;
; This socket options really speed up Samba under Linux, according to my
; own tests.
socket options = IPTOS_LOWDELAY TCP_NODELAY SO_SNDBUF=4096
SO_RCVBUF=4096
; Passwords are encrypted by default. This way the latest Windows 95 and NT
; clients can connect to the Samba server with no problems.
encrypt passwords = yes
passdb backend = ldapsam:ldap://localhost
; It's always a good idea to use a WINS server. If you want this server
; to be the WINS server for your network change the following parameter
; to "yes". Otherwise leave it as "no" and specify your WINS server
; below (note: only one Samba server can be the WINS server).
; Read BROWSING.txt for more details.
wins support = yes
; If this server is not the WINS server then specify who is it and uncomment
; next line.
; wins server = 172.16.0.10
; Please read BROWSING.txt and set the next four parameters according
; to your network setup.
os level = 99
local master = yes
preferred master = yes
; Domain stuff
domain master = yes
domain logons = yes
;; domain group map = /etc/samba/domain-group.map
;; domain user map = /etc/samba/domain-user.map
;; local group map = /etc/samba/local-group.map
logon path = \\profiles\profiles\%u
logon home = \\shell\%u
logon drive = u:
logon script = logon.bat
;; add user script = /etc/samba/addhost %u
; What naming service and in what order should we use to resolve host names
; to IP addresses
name resolve order = host bcast
; This will enable nmbd to search for NetBIOS names through DNS.
dns proxy = yes
; Name mangling options
preserve case = yes
short preserve case = yes
mangled names = yes
mangle prefix = 5
mangling method = hash
; LDAP settings
ldap admin dn = uid=samb
