RE: [Samba] Netlogon, roming profiles in samba(PDC)-ldap
Suresh, A little cheat however being that most of my notes are from this section, if you goto http://wiki.samba.org/index.php/Samba_%26_Windows_Profiles This helps you with creating essentially a roaming profile. Some other usefull goodies in there as well. Thanks Dave > -Original Message- > From: SURESH BOLLU [mailto:[EMAIL PROTECTED] > Sent: 31 January 2007 04:59 > To: Ellison, David > Subject: RE: [Samba] Netlogon, roming profiles in samba(PDC)-ldap > > thanks for the help, > and i am waiting for ur reply, > Regards, > Suresh Bollu > > > --- "Ellison, David" <[EMAIL PROTECTED]> > wrote: > > > There is a way to do this, I'll have a dig. There is > > some documentation > > some on that, quite usefull. Give me an hour or so > > and I will have a > > look. > > > > Cheers > > > > Dave > > > > > -Original Message- > > > From: > > > > > > [EMAIL PROTECTED] > > > > > > > > [mailto:[EMAIL PROTECTED] > > > ba.org] On Behalf Of suresh bollu > > > Sent: 30 January 2007 13:57 > > > To: samba@lists.samba.org > > > Subject: [Samba] Netlogon, roming profiles in > > samba(PDC)-ldap > > > > > > for my organaization i configured a Samba PDC, > > Samba-LDAP, > > > with the following configuration > > > > > > my server is running fedora core 5, all my clients > > are windows XP, > > > > > > my problem is when i login to the domain through > > windows xp > > > client each time the profile is refreshing, i want > > to save > > > the profile in server and retrive it when i login > > again. > > > > > > please healp me out to get out of this problem, > > > > > > Regards, > > > > > > Suresh Bollu > > > > > > > > > *smb.conf* > > > > > > > > > [global] > > > > > > workgroup = QVANTELIN > > > > > > netbios name = box1 > > > > > > interfaces = eth1, lo > > > > > > username map = /etc/samba/smbusers > > > > > > server string = Samba Server %v > > > > > > security = user > > > > > > encrypt passwords = Yes > > > > > > obey pam restrictions = No > > > > > > unix password sync = Yes > > > > > > passwd program = /usr/sbin/smbldap-passwd -u "%u" > > > > > > passwd chat = "Changing password for *\nNew > > password*" %n\n > > > "*Retype new password*" %n\n" > > > > > > ldap password sync = Yes > > > > > > log level = 0 > > > > > > syslog = 0 > > > > > > log file = /var/log/samba/log.%m > > > > > > max log size = 10 > > > > > > time server = Yes > > > > > > socket options = TCP_NODELAY SO_RCVBUF=8192 > > SO_SNDBUF=8192 > > > > > > mangling method = hash2 > > > > > > Dos charset = 850 > > > > > > Unix charset = ISO8859-1 > > > > > > logon script = startup.bat > > > > > > #logon drive = F: > > > > > > logon home = > > > > > > logon path = > > > > > > domain logons = Yes > > > > > > os level = 65 > > > > > > preferred master = Yes > > > > > > domain master = Yes > > > > > > wins support = Yes > > > > > > passdb backend = ldapsam:ldap://192.168.1.10 > > > > > > ldap admin dn= cn=Manager,dc=qvantelin,dc=com > > > > > > ldap suffix = dc=qvantelin,dc=com > > > > > > ldap group suffix = ou=Group > > > > > > ldap user suffix = ou=People > > > > > > ldap machine suffix = ou=machines > > > > > > ldap idmap suffix = ou=Users > > > > > > #ldap ssl = start tls > > > > > > add user script = /usr/sbin/smbldap-useradd -m > > "%u" > > > > > > ldap delete dn = Yes > > > > > > #delete user script = /usr/sbin/smbldap-userdel > > "%u" > > > > > > add machine script = /usr/sbin/smbldap-useradd -w > > "%u" > > > > > > add group script = /usr/sbin/smbldap-groupadd -p > > "%g" > > > > > > #delete group script = /usr/sbin/smbldap-groupd
RE: [Samba] Netlogon, roming profiles in samba(PDC)-ldap
There is a way to do this, I'll have a dig. There is some documentation some on that, quite usefull. Give me an hour or so and I will have a look. Cheers Dave > -Original Message- > From: > [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] > ba.org] On Behalf Of suresh bollu > Sent: 30 January 2007 13:57 > To: samba@lists.samba.org > Subject: [Samba] Netlogon, roming profiles in samba(PDC)-ldap > > for my organaization i configured a Samba PDC, Samba-LDAP, > with the following configuration > > my server is running fedora core 5, all my clients are windows XP, > > my problem is when i login to the domain through windows xp > client each time the profile is refreshing, i want to save > the profile in server and retrive it when i login again. > > please healp me out to get out of this problem, > > Regards, > > Suresh Bollu > > > *smb.conf* > > > [global] > > workgroup = QVANTELIN > > netbios name = box1 > > interfaces = eth1, lo > > username map = /etc/samba/smbusers > > server string = Samba Server %v > > security = user > > encrypt passwords = Yes > > obey pam restrictions = No > > unix password sync = Yes > > passwd program = /usr/sbin/smbldap-passwd -u "%u" > > passwd chat = "Changing password for *\nNew password*" %n\n > "*Retype new password*" %n\n" > > ldap password sync = Yes > > log level = 0 > > syslog = 0 > > log file = /var/log/samba/log.%m > > max log size = 10 > > time server = Yes > > socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 > > mangling method = hash2 > > Dos charset = 850 > > Unix charset = ISO8859-1 > > logon script = startup.bat > > #logon drive = F: > > logon home = > > logon path = > > domain logons = Yes > > os level = 65 > > preferred master = Yes > > domain master = Yes > > wins support = Yes > > passdb backend = ldapsam:ldap://192.168.1.10 > > ldap admin dn= cn=Manager,dc=qvantelin,dc=com > > ldap suffix = dc=qvantelin,dc=com > > ldap group suffix = ou=Group > > ldap user suffix = ou=People > > ldap machine suffix = ou=machines > > ldap idmap suffix = ou=Users > > #ldap ssl = start tls > > add user script = /usr/sbin/smbldap-useradd -m "%u" > > ldap delete dn = Yes > > #delete user script = /usr/sbin/smbldap-userdel "%u" > > add machine script = /usr/sbin/smbldap-useradd -w "%u" > > add group script = /usr/sbin/smbldap-groupadd -p "%g" > > #delete group script = /usr/sbin/smbldap-groupdel "%g" > > add user to group script = /usr/sbin/smbldap-groupmod -m "%u" "%g" > > delete user from group script = /usr/sbin/smbldap-groupmod -x > "%u" "%g" > > set primary group script = /usr/sbin/smbldap-usermod -g "%g" "%u" > > [homes] > > comment = Home Directories > > valid users = %S > > writable = yes > > create mask = 0664 > > directory mask = 0775 > > browseable = yes > > [netlogon] > > comment = Network Logon Service > > path = /home/samba/netlogon > > guest ok = Yes > > [profiles] > > path = /home/samba/profiles > > writable = yes > > writable = yes > > Browseable = yes > > create mode = 0644 > > directory mode = 0755 > > [printers] > > comment = All Printers > > path = /var/spool/samba > > printable = Yes > > browseable = No > > > > *smbldap.conf* > > > > # $Source: /opt/cvs/samba/smbldap-tools/smbldap.conf,v $ > > # $Id: smbldap.conf,v 1.18 2005/05/27 14:28:47 jtournier Exp $ > > # > > # smbldap-tools.conf : Q & D configuration file for smbldap-tools > > # This code was developped by IDEALX (http://IDEALX.org/) and > > # contributors (their names can be found in the CONTRIBUTORS file). > > # > > # Copyright (C) 2001-2002 IDEALX > > # > > # This program is free software; you can redistribute it and/or > > # modify it under the terms of the GNU General Public License > > # as published by the Free Software Foundation; either version 2 > > # of the License, or (at your option) any later version. > > # > > # This program is distributed in the hope that it will be useful, > > # but WITHOUT ANY WARRANTY; without even the implied warranty of > > # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the > > # GNU General Public License for more details. > > # >
[Samba] Netlogon, roming profiles in samba(PDC)-ldap
for my organaization i configured a Samba PDC, Samba-LDAP, with the following configuration my server is running fedora core 5, all my clients are windows XP, my problem is when i login to the domain through windows xp client each time the profile is refreshing, i want to save the profile in server and retrive it when i login again. please healp me out to get out of this problem, Regards, Suresh Bollu *smb.conf* [global] workgroup = QVANTELIN netbios name = box1 interfaces = eth1, lo username map = /etc/samba/smbusers server string = Samba Server %v security = user encrypt passwords = Yes obey pam restrictions = No unix password sync = Yes passwd program = /usr/sbin/smbldap-passwd -u "%u" passwd chat = "Changing password for *\nNew password*" %n\n "*Retype new password*" %n\n" ldap password sync = Yes log level = 0 syslog = 0 log file = /var/log/samba/log.%m max log size = 10 time server = Yes socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 mangling method = hash2 Dos charset = 850 Unix charset = ISO8859-1 logon script = startup.bat #logon drive = F: logon home = logon path = domain logons = Yes os level = 65 preferred master = Yes domain master = Yes wins support = Yes passdb backend = ldapsam:ldap://192.168.1.10 ldap admin dn= cn=Manager,dc=qvantelin,dc=com ldap suffix = dc=qvantelin,dc=com ldap group suffix = ou=Group ldap user suffix = ou=People ldap machine suffix = ou=machines ldap idmap suffix = ou=Users #ldap ssl = start tls add user script = /usr/sbin/smbldap-useradd -m "%u" ldap delete dn = Yes #delete user script = /usr/sbin/smbldap-userdel "%u" add machine script = /usr/sbin/smbldap-useradd -w "%u" add group script = /usr/sbin/smbldap-groupadd -p "%g" #delete group script = /usr/sbin/smbldap-groupdel "%g" add user to group script = /usr/sbin/smbldap-groupmod -m "%u" "%g" delete user from group script = /usr/sbin/smbldap-groupmod -x "%u" "%g" set primary group script = /usr/sbin/smbldap-usermod -g "%g" "%u" [homes] comment = Home Directories valid users = %S writable = yes create mask = 0664 directory mask = 0775 browseable = yes [netlogon] comment = Network Logon Service path = /home/samba/netlogon guest ok = Yes [profiles] path = /home/samba/profiles writable = yes writable = yes Browseable = yes create mode = 0644 directory mode = 0755 [printers] comment = All Printers path = /var/spool/samba printable = Yes browseable = No *smbldap.conf* # $Source: /opt/cvs/samba/smbldap-tools/smbldap.conf,v $ # $Id: smbldap.conf,v 1.18 2005/05/27 14:28:47 jtournier Exp $ # # smbldap-tools.conf : Q & D configuration file for smbldap-tools # This code was developped by IDEALX (http://IDEALX.org/) and # contributors (their names can be found in the CONTRIBUTORS file). # # Copyright (C) 2001-2002 IDEALX # # This program is free software; you can redistribute it and/or # modify it under the terms of the GNU General Public License # as published by the Free Software Foundation; either version 2 # of the License, or (at your option) any later version. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program; if not, write to the Free Software # Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, # USA. # Purpose : # . be the configuration file for all smbldap-tools scripts ## # # General Configuration # ## #UID and GID starting at... UID_START="1000" GID_START="1000" # Put your own SID. To obtain this number do: "net getlocalsid". # If not defined, parameter is taking from "net getlocalsid" return SID="S-1-5-21-2118587481-1440970363-3314129951" # Domain name the Samba server is in charged. # If not defined, parameter is taking from smb.conf configuration file # Ex: sambaDomain="IDEALX-NT" #sambaDomain="QVANTELIN" ## # # LDAP Configuration # ## # Notes: to use to dual ldap servers backend for Samba, you must patch # Samba with the dual-head patch from IDEALX. If not using this patch # just use the same server for slaveLDAP and masterLDAP. # Those two servers declarations can also be used when you have # . one master LDAP server where all writing operations must be done # . one slave LDAP server where all reading operations must be done # (typically a replication directory) # Slave LDAP server # Ex: slaveLDAP=127.0.0.1 # If not defined, parameter is set to "127.0.0.1" sl