Re: [Samba] Roaming Profiles:Samba PDC:WinXP:User must be local admin SOLVED
at all. However, he indicated in his post that doing it that way might cause a setting or two to get left out. It is conceivable that Most of the issues are application level things that you can't reasonably expect it to migrate, like say Mozilla data folders in the prefs.js files, and other things of the type that have file based settings. HOWEVER, I still toss a YMMV on it because I haven't played with a migrated profile that much. As a developer, my profiles are so screwed up that I usually just rebuild them... oh wait, I'm using one now... works pretty good ;) -- Paul Gienger Office: 701-281-1884 Applied Engineering Inc. Information Systems Consultant Fax:701-281-1322 URL: www.ae-solutions.commailto: [EMAIL PROTECTED] - The information contained in this message is privileged and intended only for the recipient names. If the reader is not a representative of the intended recipient, any review, dissemination or copying of this message or the information it contains is prohibited. If you have received this message in error, please immediately notify the sender, and delete the original message and attachments. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Roaming Profiles:Samba PDC:WinXP:User must be local admin SOLVED
> > >(1) Log in as a local administrator on one of the XP clients > > >(2) Create a temporary user, eg test_user1 > > >(3) System Properties->Advanced->User Profiles:Settings button > > >(4) Choose the profile you're trying to migrate and click Copy To > > Is there similar functionality anywhere in W2K Pro, or some other > series of steps that would work? Must be on crack..."Copy To" right there in System Properties -> User Profiles in W2K Pro. -- Awful Hack [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Roaming Profiles:Samba PDC:WinXP:User must be local admin SOLVED
> I just don't know how to find out what the old sid is you're looking > for. I've heard there's a tool on sysinternals.com to do just that > though, so maybe there's good luck there. If you're lucky, then like me you'll have old Samba .tdb files to run "net getlocalsid" on. If not, you may be able to get the SID by looking in the registry under HKEY_USERS. > > On Wed, 29 Sep 2004 17:27:46 -0500, Misty Stanley-Jones > <[EMAIL PROTECTED]> wrote: > > Wow, this does seem long. Mainly all I want to know is why I can't change my > > user's profile type from local to roaming, or copy it, or anything. This is > > when I'm logged in as administrator or a domain administrator or anyone. I > > know that it's a problem with Windows, not with Samba. But I can't even get > > the NTUSER.DAT into an appropriate place to run the really cool looking > > 'profiles' command on it. > > > > Misty > > > > > -- > To unsubscribe from this list go to the following URL and read the > instructions: http://lists.samba.org/mailman/listinfo/samba > -- Awful Hack [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Roaming Profiles:Samba PDC:WinXP:User must be local admin SOLVED
Truthfully I don't really suspect Paul's way would cause any problems at all. However, he indicated in his post that doing it that way might cause a setting or two to get left out. It is conceivable that since you're importing a fully populated profile as a default profile, windows might opt to leave out a thing or two that couldn't possibly be part of a clean default profile. who knows. you'd have to give it a try. He says it works for him though. The reason i did it the way I did is because each time you transfer the profile from one user to another you're letting windows do it gracefully rather than let the profile "heal" itself out the default profile folder. that way the user never knows the difference--it "thinks" the profile was there all along. Again, it probably doesn't make a difference, but I only had two users so the extra steps were reasonable. As far as win2k, it's been awhile since I ran it at home, and I wasn't messing with profiles then, so I can't speak to that issue. The other way to do it would be to manually copy the entire profile directory over the network to your [profiles] share and set the permissions & owner on it. then give samba's profiles command a whirl on ntuser.dat. I wasn't able to try it because I couldn't find the profiles command on my system. good luck zach On Wed, 29 Sep 2004 16:34:13 -0700, Awful Hack <[EMAIL PROTECTED]> wrote: > > BTW, what problems do you think might crop up with Paul's way? I'll > probably have to do something like this shortly, and I'd like to know > what problems I might come across. > > > >(1) Log in as a local administrator on one of the XP clients > > >(2) Create a temporary user, eg test_user1 > > >(3) System Properties->Advanced->User Profiles:Settings button > > >(4) Choose the profile you're trying to migrate and click Copy To > > Is there similar functionality anywhere in W2K Pro, or some other > series of steps that would work? > > Awful Hack > [EMAIL PROTECTED] > -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Roaming Profiles:Samba PDC:WinXP:User must be local admin SOLVED
yeah it was long, but I didn't have the profiles command, plus I didn't know how to figure out the old sid to tell it to replace. for only two users, it really wasn't too bad. if all you want to do is physically get the profile onto the server then run profiles on it to head off any problems, then do what I did to begin with and just manually copy the entire directory over the network. I believe the reason this is considered "bad" is because of the problems presented by ntuser.dat not matching up against the user, but it seems that's what profiles is for. I just don't know how to find out what the old sid is you're looking for. I've heard there's a tool on sysinternals.com to do just that though, so maybe there's good luck there. On Wed, 29 Sep 2004 17:27:46 -0500, Misty Stanley-Jones <[EMAIL PROTECTED]> wrote: > Wow, this does seem long. Mainly all I want to know is why I can't change my > user's profile type from local to roaming, or copy it, or anything. This is > when I'm logged in as administrator or a domain administrator or anyone. I > know that it's a problem with Windows, not with Samba. But I can't even get > the NTUSER.DAT into an appropriate place to run the really cool looking > 'profiles' command on it. > > Misty > -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Roaming Profiles:Samba PDC:WinXP:User must be local admin SOLVED
On Wed, 29 Sep 2004 14:45:17 -0700, Thomas M. Skeren III <[EMAIL PROTECTED]> wrote: > Thanks Zach, but as this project moves forward, doing it the way you did > for 100+ users would likely cause me to eat a bullet. Paul's way may > leave a glitch or too. However maybe this would solve Awful Hack's > problems. As it happens, my problem (could log in and see Desktop folders, but settings for IE and other programs kept reverting to defaults) was caused by a duplicate account on my test box -- two Samba accounts with the same name but different SIDs. Needless to say, it caused a few headaches. :-) (Sorry everyone -- I replied to Thomas directly rather than CCing the list.) BTW, what problems do you think might crop up with Paul's way? I'll probably have to do something like this shortly, and I'd like to know what problems I might come across. > >(1) Log in as a local administrator on one of the XP clients > >(2) Create a temporary user, eg test_user1 > >(3) System Properties->Advanced->User Profiles:Settings button > >(4) Choose the profile you're trying to migrate and click Copy To Is there similar functionality anywhere in W2K Pro, or some other series of steps that would work? Awful Hack [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Roaming Profiles:Samba PDC:WinXP:User must be local admin SOLVED
Thanks Zach, but as this project moves forward, doing it the way you did for 100+ users would likely cause me to eat a bullet. Paul's way may leave a glitch or too. However maybe this would solve Awful Hack's problems. Cheers TMS III Zach wrote: This worked for me: (1) Log in as a local administrator on one of the XP clients (2) Create a temporary user, eg test_user1 (3) System Properties->Advanced->User Profiles:Settings button (4) Choose the profile you're trying to migrate and click Copy To (5) Pick some temporary directory, eg c:\test (6) Under "Permitted to use, click change, and add your temporary user (7) Click ok and ok again, and wait while the profile is copied to c:\test. Windows has now added test_user1's SID to NTUSER.DAT in c:\test (8) log out and log back in as test_user1, to allow test_user1's profile to be set up. (9) log out and log back in as a local administrator (10) manually copy the contents of c:\test over top of test_1's profile in c:\Documents &...\test_user1\, or the directory where test_user1's profile was created. (11) log out and log back in as test_user1 to verify the profile loads properly (12) log out and log back in as a local admin and repeat steps 3 through 6, except instead of adding test_user1 under "Permitted to use", add your domain user. Allow the profile to be copied to c:\test. Windows has now added the sid for your domain user to NTUSER.DAT (I don't know if the other SIDs are there as well or not). (13) At this point it is vital to make sure the domain user is not logged in on any machine otherwise NTUSER.DAT will be overwritten when they log out. Backup the server copy of NTUSER.DAT (14) copy c:\test\NTUSER.DAT to your server under the appropriate user's profile. (15) log out and log back in as the domain user. It should work. This way worked for me and preserved all of the profile's custmizations. I didn't try the profiles program (see man profiles) because I couldn't find that binary on my system. However this seems to work perfectly. Admittedly if you have more than a few users to migrate, this could be cumbersome. Paul Geinger's suggestion is much fewer steps. Your mileage may vary. Thanks for everyone's help - Original Message - From: Thomas M. Skeren III <[EMAIL PROTECTED]> Date: Wed, 29 Sep 2004 13:17:16 -0700 Subject: Re: [Samba] Roaming Profiles:Samba PDC:WinXP:User must be local admin To: Zach <[EMAIL PROTECTED]> See Paul Geingers email on this subject. That method works perfectly. WooHoo! Zach wrote: Tom, Can't wait to find out what you learn. In the mean time, a quick google search turned up this: http://www.samba.org/samba/docs/man/profiles.1.html Unfortunately I don't have this package installed on this system, so I don't have the man page or the profiles command right now. On Wed, 29 Sep 2004 10:46:14 -0700, Tom Skeren <[EMAIL PROTECTED]> wrote: Zach wrote: We just experimented with this here at work. As administrator we manually deleted the profile of a user at replaced it with a manual copy of another user's profile, and the problem was reproduced exactly. When we subsquently deleted NTUSER.DAT and logged in again, NTUSER.DAT was rebuilt using the default profile and the profile loaded properly. Evidently the SID recorded in NTUSER.DAT has to match the user's sid or it won't load properly. Good news Zach. I'm off to the office to give it a go myself. Should give a preliminary response by noon PST. Cheers, TMS III -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Roaming Profiles:Samba PDC:WinXP:User must be local admin SOLVED
This worked for me: (1) Log in as a local administrator on one of the XP clients (2) Create a temporary user, eg test_user1 (3) System Properties->Advanced->User Profiles:Settings button (4) Choose the profile you're trying to migrate and click Copy To (5) Pick some temporary directory, eg c:\test (6) Under "Permitted to use, click change, and add your temporary user (7) Click ok and ok again, and wait while the profile is copied to c:\test. Windows has now added test_user1's SID to NTUSER.DAT in c:\test (8) log out and log back in as test_user1, to allow test_user1's profile to be set up. (9) log out and log back in as a local administrator (10) manually copy the contents of c:\test over top of test_1's profile in c:\Documents &...\test_user1\, or the directory where test_user1's profile was created. (11) log out and log back in as test_user1 to verify the profile loads properly (12) log out and log back in as a local admin and repeat steps 3 through 6, except instead of adding test_user1 under "Permitted to use", add your domain user. Allow the profile to be copied to c:\test. Windows has now added the sid for your domain user to NTUSER.DAT (I don't know if the other SIDs are there as well or not). (13) At this point it is vital to make sure the domain user is not logged in on any machine otherwise NTUSER.DAT will be overwritten when they log out. Backup the server copy of NTUSER.DAT (14) copy c:\test\NTUSER.DAT to your server under the appropriate user's profile. (15) log out and log back in as the domain user. It should work. This way worked for me and preserved all of the profile's custmizations. I didn't try the profiles program (see man profiles) because I couldn't find that binary on my system. However this seems to work perfectly. Admittedly if you have more than a few users to migrate, this could be cumbersome. Paul Geinger's suggestion is much fewer steps. Your mileage may vary. Thanks for everyone's help - Original Message - From: Thomas M. Skeren III <[EMAIL PROTECTED]> Date: Wed, 29 Sep 2004 13:17:16 -0700 Subject: Re: [Samba] Roaming Profiles:Samba PDC:WinXP:User must be local admin To: Zach <[EMAIL PROTECTED]> See Paul Geingers email on this subject. That method works perfectly. WooHoo! Zach wrote: Tom, Can't wait to find out what you learn. In the mean time, a quick google search turned up this: http://www.samba.org/samba/docs/man/profiles.1.html Unfortunately I don't have this package installed on this system, so I don't have the man page or the profiles command right now. On Wed, 29 Sep 2004 10:46:14 -0700, Tom Skeren <[EMAIL PROTECTED]> wrote: Zach wrote: We just experimented with this here at work. As administrator we manually deleted the profile of a user at replaced it with a manual copy of another user's profile, and the problem was reproduced exactly. When we subsquently deleted NTUSER.DAT and logged in again, NTUSER.DAT was rebuilt using the default profile and the profile loaded properly. Evidently the SID recorded in NTUSER.DAT has to match the user's sid or it won't load properly. Good news Zach. I'm off to the office to give it a go myself. Should give a preliminary response by noon PST. Cheers, TMS III -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Roaming Profiles:Samba PDC:WinXP:User must be local admin
Tom, Can't wait to find out what you learn. In the mean time, a quick google search turned up this: http://www.samba.org/samba/docs/man/profiles.1.html Unfortunately I don't have this package installed on this system, so I don't have the man page or the profiles command right now. On Wed, 29 Sep 2004 10:46:14 -0700, Tom Skeren <[EMAIL PROTECTED]> wrote: > Zach wrote: > > >We just experimented with this here at work. As administrator we > >manually deleted the profile of a user at replaced it with a manual > >copy of another user's profile, and the problem was reproduced > >exactly. When we subsquently deleted NTUSER.DAT and logged in again, > >NTUSER.DAT was rebuilt using the default profile and the profile > >loaded properly. Evidently the SID recorded in NTUSER.DAT has to > >match the user's sid or it won't load properly. > > > Good news Zach. I'm off to the office to give it a go myself. Should > give a preliminary response by noon PST. > Cheers, > TMS III > -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Roaming Profiles:Samba PDC:WinXP:User must be local admin
Zach wrote: We just experimented with this here at work. As administrator we manually deleted the profile of a user at replaced it with a manual copy of another user's profile, and the problem was reproduced exactly. When we subsquently deleted NTUSER.DAT and logged in again, NTUSER.DAT was rebuilt using the default profile and the profile loaded properly. Evidently the SID recorded in NTUSER.DAT has to match the user's sid or it won't load properly. Good news Zach. I'm off to the office to give it a go myself. Should give a preliminary response by noon PST. Cheers, TMS III Now to find out how to repair/rebuild/migrate NTUSER.DAT without losing the user's sid without losing the customizations. Although this has turned out to not really be a Samba problem, I'll post what I find out since this seems to affect several users on the list. Thanks Zach On Wed, 29 Sep 2004 10:00:47 -0700, Craig White <[EMAIL PROTECTED]> wrote: On Tue, 2004-09-28 at 11:18, Stefan Wegner wrote: Craig White schrieb: The 'homes' share should be differentiated from the 'profiles' share if you desire to have expected behavior. Whether this is an absolute requirement or not, I have no idea but I do know that I don't have a problem with roaming profiles and haven't since 2.2.x and it still works on 3.0.x Doesn't make any difference: profile acls = yes in "homes" is the same behaviour asin "profiles" as long as profiles are located under homes. The prob is still the same: user with local adm-rights = complete profile user with User- or Poweruser- rights = reduced profile (background and other settings) Can you switch the local Rights of your Users from User to Admin and then go back to User without loss in the profile ? I have done that but only once. My users are all NOT local admins or power users - they are pretty much unprivileged beyond the local Users. Either way (or even switching to and from local Administrator group) caused no problem with loading the profile. On the samba server(s) - my privileges are different for the homes and profiles directories. my users homes are in... drwxr-xr-x 40 root root 4096 Sep 8 10:50 users and a sample users directory... drwx-- 19 craigusers-all 4096 Aug 29 17:31 craig whereas the profiles... drwxrwsr-x 21 Administrator Domain Users 4096 Sep 9 08:53 profiles and a sample profile directory drwxr-xr-x 13 test Domain Users 4096 Jan 26 2004 test This has not been a problem for me. Craig -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Roaming Profiles:Samba PDC:WinXP:User must be local admin
We just experimented with this here at work. As administrator we manually deleted the profile of a user at replaced it with a manual copy of another user's profile, and the problem was reproduced exactly. When we subsquently deleted NTUSER.DAT and logged in again, NTUSER.DAT was rebuilt using the default profile and the profile loaded properly. Evidently the SID recorded in NTUSER.DAT has to match the user's sid or it won't load properly. Now to find out how to repair/rebuild/migrate NTUSER.DAT without losing the user's sid without losing the customizations. Although this has turned out to not really be a Samba problem, I'll post what I find out since this seems to affect several users on the list. Thanks Zach On Wed, 29 Sep 2004 10:00:47 -0700, Craig White <[EMAIL PROTECTED]> wrote: > On Tue, 2004-09-28 at 11:18, Stefan Wegner wrote: > > Craig White schrieb: > > > > > The 'homes' share should be differentiated from the 'profiles' share if > > > you desire to have expected behavior. Whether this is an absolute > > > requirement or not, I have no idea but I do know that I don't have a > > > problem with roaming profiles and haven't since 2.2.x and it still works > > > on 3.0.x > > > > Doesn't make any difference: profile acls = yes > > in "homes" is the same behaviour asin "profiles" as long as profiles are > > located under homes. > > > > The prob is still the same: > > user with local adm-rights = complete profile > > user with User- or Poweruser- rights = reduced profile (background and > > other settings) > > > > Can you switch the local Rights of your Users from User to Admin and > > then go back to User without loss in the profile ? > > I have done that but only once. My users are all NOT local admins or > power users - they are pretty much unprivileged beyond the local Users. > Either way (or even switching to and from local Administrator group) > caused no problem with loading the profile. > > On the samba server(s) - my privileges are different for the homes and > profiles directories. > > my users homes are in... > drwxr-xr-x 40 root root 4096 Sep 8 10:50 users > and a sample users directory... > drwx-- 19 craigusers-all 4096 Aug 29 17:31 craig > > whereas the profiles... > > drwxrwsr-x 21 Administrator Domain Users 4096 Sep 9 08:53 > profiles > and a sample profile directory > drwxr-xr-x 13 test Domain Users 4096 Jan 26 2004 test > > This has not been a problem for me. > > Craig > > > > -- > To unsubscribe from this list go to the following URL and read the > instructions: http://lists.samba.org/mailman/listinfo/samba > -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Roaming Profiles:Samba PDC:WinXP:User must be local admin
On Tue, 2004-09-28 at 11:18, Stefan Wegner wrote: > Craig White schrieb: > > > The 'homes' share should be differentiated from the 'profiles' share if > > you desire to have expected behavior. Whether this is an absolute > > requirement or not, I have no idea but I do know that I don't have a > > problem with roaming profiles and haven't since 2.2.x and it still works > > on 3.0.x > > Doesn't make any difference: profile acls = yes > in "homes" is the same behaviour asin "profiles" as long as profiles are > located under homes. > > The prob is still the same: > user with local adm-rights = complete profile > user with User- or Poweruser- rights = reduced profile (background and > other settings) > > Can you switch the local Rights of your Users from User to Admin and > then go back to User without loss in the profile ? I have done that but only once. My users are all NOT local admins or power users - they are pretty much unprivileged beyond the local Users. Either way (or even switching to and from local Administrator group) caused no problem with loading the profile. On the samba server(s) - my privileges are different for the homes and profiles directories. my users homes are in... drwxr-xr-x 40 root root 4096 Sep 8 10:50 users and a sample users directory... drwx-- 19 craigusers-all 4096 Aug 29 17:31 craig whereas the profiles... drwxrwsr-x 21 Administrator Domain Users 4096 Sep 9 08:53 profiles and a sample profile directory drwxr-xr-x 13 test Domain Users 4096 Jan 26 2004 test This has not been a problem for me. Craig -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Roaming Profiles:Samba PDC:WinXP:User must be local admin
Okay, sorry, it *is* starting to get a bit muddy. To clear it up: If a domain user is added to the Administrators group on the client (ie local) win xp mahine, then their is no problem. If the user is *not* part of the local Administrators group then the profile doesn't load properly. So: Domain: CIVILIZATION samba PDC: BABYLON Win XP client: TROY Domain user: Zach Local user: local_user If CILIVLIZATION\Zach is added to TROY\Administrators, then no problem. If CILIVLIZATION\Zach is removed from TROY\Administrators, then profile doesn't load properly, even if CILIVLIZATION\Zach is a member of TROY\Power Users or TROY\Users, etc. (This applies to other domain users as well, not just Zach). Further, when TROY\local_user, logs on to TROY, then no problem, regardless of group membership. Hope this doesn't muddy things up further. I know there are others out there exibiting this same problem. Surely there's someone who's seen it & solved it. Thanks Zach On Wed, 29 Sep 2004 17:40:06 +0600 (YEKST), Ilia Chipitsine <[EMAIL PROTECTED]> wrote: > ok, just to make it clean. > what do You mean by "Local admins" ? > > 1) domain user (or domain group, or even "Everyone" added to local > group Administrators ? > > 2) local user added to local group Administrators ? > > > > > Power Users is what I'm trying. It seems that anything other than > > Administrators has this problem > > > > > > On Wed, 29 Sep 2004 09:44:33 +0600 (YEKST), Ilia Chipitsine > > <[EMAIL PROTECTED]> wrote: > > > >> maybe You should try "Power Users" instead of Local admin. > >> > > > -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Roaming Profiles:Samba PDC:WinXP:User must be local admin
ok, just to make it clean. what do You mean by "Local admins" ? 1) domain user (or domain group, or even "Everyone" added to local group Administrators ? 2) local user added to local group Administrators ? Power Users is what I'm trying. It seems that anything other than Administrators has this problem On Wed, 29 Sep 2004 09:44:33 +0600 (YEKST), Ilia Chipitsine <[EMAIL PROTECTED]> wrote: maybe You should try "Power Users" instead of Local admin. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Roaming Profiles:Samba PDC:WinXP:User must be local admin
Unfortunately I don't have access to the SAMBA PDC (or win xp clients) right now. However the machine I'm on (RH9) has samba 2.2.x. I looked up smb.conf on this machine and the man page for smb.conf isn't explicit about where profile acls = yes should go. However, it does list profile acls under service parameters vs. global parameters. Based on that, it seems like profile acls should not go under [global]. However, I'll try anything so later today, I'll give it a try and see if it works. If anyone else following this thread gives it a try before then, let us know how it works. I'll post my smb.conf (as of last night) again below. [global] netbios name = BABYLON workgroup = CIVILIZATION browseable = no server string = Samba Server log file = /var/log/samba/smbd.log max log size = 50 security = user smb passwd file = /etc/samba/smbpasswd unix password sync = Yes passwd program = /usr/bin/passwd %u passwd chat = \ *password* %n\n \ *password* %n\n \ *successfully* username map = /etc/samba/smbusers # Most people will find that this option gives better performance. # See speed.txt and the manual pages for details socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 local master = yes os level = 64 domain master = yes preferred master = yes domain logons = yes logon path = \\%L\Profiles\%U logon drive = M: logon home = \\%L\%U logon script = logon.cmd wins support = yes dns proxy = no [homes] comment = Home Directories path = /home/samba/share/%U writeable = yes create mode = 0600 directory mode = 0740 browseable = No [netlogon] comment = Network Logon Service path = /home/samba/netlogon browseable = no [Profiles] path = /home/samba/profiles browseable = No writeable = yes profile acls = yes#added this line last night to no avail [share] path = /home/samba/share writeable = yes guest ok = no create mode = 0660 directory mode = 0770 browseable = yes On Wed, 29 Sep 2004 13:13:14 +0200, Xavier <[EMAIL PROTECTED]> wrote: > I not had this problem , > samba 3.0.4 > > but I putted the line : > profile acls = Yes > in the GLOBAL section of smb.conf (not in the [profile] section) > > XP > > Selon Zach <[EMAIL PROTECTED]>: > > > > > Power Users is what I'm trying. It seems that anything other than > > Administrators has this problem > > > > > > On Wed, 29 Sep 2004 09:44:33 +0600 (YEKST), Ilia Chipitsine > > <[EMAIL PROTECTED]> wrote: > > > > > maybe You should try "Power Users" instead of Local admin. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Roaming Profiles:Samba PDC:WinXP:User must be local admin
Unfortunately I don't have access to the SAMBA PDC (or win xp clients) right now. However the machine I'm on (RH9) has samba 2.2.x. I looked up smb.conf on this machine and the man page for smb.conf isn't explicit about where profile acls = yes should go. However, it does list profile acls under service parameters vs. global parameters. Based on that, it seems like profile acls should not go under [global]. However, I'll try anything so later today, I'll give it a try and see if it works. If anyone else following this thread gives it a try before then, let us know how it works. I'll post my smb.conf (as of last night) again below. [global] netbios name = BABYLON workgroup = CIVILIZATION browseable = no server string = Samba Server log file = /var/log/samba/smbd.log max log size = 50 security = user smb passwd file = /etc/samba/smbpasswd unix password sync = Yes passwd program = /usr/bin/passwd %u passwd chat = \ *password* %n\n \ *password* %n\n \ *successfully* username map = /etc/samba/smbusers # Most people will find that this option gives better performance. # See speed.txt and the manual pages for details socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 local master = yes os level = 64 domain master = yes preferred master = yes domain logons = yes logon path = \\%L\Profiles\%U logon drive = M: logon home = \\%L\%U logon script = logon.cmd wins support = yes dns proxy = no [homes] comment = Home Directories path = /home/samba/share/%U writeable = yes create mode = 0600 directory mode = 0740 browseable = No [netlogon] comment = Network Logon Service path = /home/samba/netlogon browseable = no [Profiles] path = /home/samba/profiles browseable = No writeable = yes profile acls = yes [share] path = /home/samba/share writeable = yes guest ok = no create mode = 0660 directory mode = 0770 browseable = yes On Wed, 29 Sep 2004 13:13:14 +0200, Xavier <[EMAIL PROTECTED]> wrote: > I not had this problem , > samba 3.0.4 > > but I putted the line : > profile acls = Yes > in the GLOBAL section of smb.conf (not in the [profile] section) > > XP > > Selon Zach <[EMAIL PROTECTED]>: > > > > > Power Users is what I'm trying. It seems that anything other than > > Administrators has this problem > > > > > > On Wed, 29 Sep 2004 09:44:33 +0600 (YEKST), Ilia Chipitsine > > <[EMAIL PROTECTED]> wrote: > > > > > maybe You should try "Power Users" instead of Local admin. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Roaming Profiles:Samba PDC:WinXP:User must be local admin
I not had this problem , samba 3.0.4 but I putted the line : profile acls = Yes in the GLOBAL section of smb.conf (not in the [profile] section) XP Selon Zach <[EMAIL PROTECTED]>: > Power Users is what I'm trying. It seems that anything other than > Administrators has this problem > > > On Wed, 29 Sep 2004 09:44:33 +0600 (YEKST), Ilia Chipitsine > <[EMAIL PROTECTED]> wrote: > > > maybe You should try "Power Users" instead of Local admin. > > > -- > To unsubscribe from this list go to the following URL and read the > instructions: http://lists.samba.org/mailman/listinfo/samba > -- Xavier mailto: [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Roaming Profiles:Samba PDC:WinXP:User must be local admin
Power Users is what I'm trying. It seems that anything other than Administrators has this problem On Wed, 29 Sep 2004 09:44:33 +0600 (YEKST), Ilia Chipitsine <[EMAIL PROTECTED]> wrote: > maybe You should try "Power Users" instead of Local admin. > -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Roaming Profiles:Samba PDC:WinXP:User must be local admin
Same results for me. I added the profile acls = yes to my smb.conf under [profiles] with no result. I even deleted the profile from the client machine and allowed it to reload upon next login. Same result. When the user isn't admin on the local machine, the profile doesn't load properly. maybe You should try "Power Users" instead of Local admin. I have read that having homes & profiles coexisting in the same directory is bad juju. Here are my profiles and homes sections: [homes] comment = Home Directories path = /home/samba/share/%U writeable = yes create mode = 0600 directory mode = 0740 browseable = No [Profiles] path = /home/samba/profiles browseable = No writeable = yes profile acls = yes On Tue, 28 Sep 2004 11:38:52 -0700, Tom Skeren <[EMAIL PROTECTED]> wrote: Craig White wrote: On Tue, 2004-09-28 at 09:40, Stefan Wegner wrote: Tom Skeren schrieb: ... I have EXACTLY the same problem with Samba 3.0.7 and W2K SP4: Entering the Domain wit Admin-rights everything is fine (complete local settings, etc.) As soon as i make this User a (local)User or Poweruser, i get a reduced profile from the server although i still have profile acls = yes in my "homes" section (where the profiles are stored) Does this has to be under the section "profiles" ? You are not alone and i'm very interested to get a solution as well, cause i don't want to have Admin rights all the time. Anyone has got the trick ? The 'homes' share should be differentiated from the 'profiles' share if you desire to have expected behavior. Yep, I have a seperate share called [Profiles] in smb.conf. Whether this is an absolute requirement or not, I have no idea but I do know that I don't have a problem with roaming profiles and haven't since 2.2.x and it still works on 3.0.x Craig -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Roaming Profiles:Samba PDC:WinXP:User must be local admin
Same results for me. I added the profile acls = yes to my smb.conf under [profiles] with no result. I even deleted the profile from the client machine and allowed it to reload upon next login. Same result. When the user isn't admin on the local machine, the profile doesn't load properly. I have read that having homes & profiles coexisting in the same directory is bad juju. Here are my profiles and homes sections: [homes] comment = Home Directories path = /home/samba/share/%U writeable = yes create mode = 0600 directory mode = 0740 browseable = No [Profiles] path = /home/samba/profiles browseable = No writeable = yes profile acls = yes On Tue, 28 Sep 2004 11:38:52 -0700, Tom Skeren <[EMAIL PROTECTED]> wrote: > Craig White wrote: > > >On Tue, 2004-09-28 at 09:40, Stefan Wegner wrote: > > > > > >>Tom Skeren schrieb: > >>... > >> > >>I have EXACTLY the same problem with Samba 3.0.7 and W2K SP4: > >>Entering the Domain wit Admin-rights everything is fine (complete local > >>settings, etc.) > >>As soon as i make this User a (local)User or Poweruser, i get a reduced > >>profile from the server although i still have > >>profile acls = yes > >>in my "homes" section (where the profiles are stored) > >>Does this has to be under the section "profiles" ? > >> > >>You are not alone and i'm very interested to get a solution as well, > >>cause i don't want to have Admin rights all the time. > >> > >>Anyone has got the trick ? > >> > >> > > > >The 'homes' share should be differentiated from the 'profiles' share if > >you desire to have expected behavior. > > > Yep, I have a seperate share called [Profiles] in smb.conf. > > > > >Whether this is an absolute > >requirement or not, I have no idea but I do know that I don't have a > >problem with roaming profiles and haven't since 2.2.x and it still works > >on 3.0.x > > > >Craig > > > > > > > > -- > To unsubscribe from this list go to the following URL and read the > instructions: http://lists.samba.org/mailman/listinfo/samba > -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Roaming Profiles:Samba PDC:WinXP:User must be local admin
Craig White wrote: On Tue, 2004-09-28 at 09:40, Stefan Wegner wrote: Tom Skeren schrieb: ... I have EXACTLY the same problem with Samba 3.0.7 and W2K SP4: Entering the Domain wit Admin-rights everything is fine (complete local settings, etc.) As soon as i make this User a (local)User or Poweruser, i get a reduced profile from the server although i still have profile acls = yes in my "homes" section (where the profiles are stored) Does this has to be under the section "profiles" ? You are not alone and i'm very interested to get a solution as well, cause i don't want to have Admin rights all the time. Anyone has got the trick ? The 'homes' share should be differentiated from the 'profiles' share if you desire to have expected behavior. Yep, I have a seperate share called [Profiles] in smb.conf. Whether this is an absolute requirement or not, I have no idea but I do know that I don't have a problem with roaming profiles and haven't since 2.2.x and it still works on 3.0.x Craig -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Roaming Profiles:Samba PDC:WinXP:User must be local admin
Craig White schrieb: The 'homes' share should be differentiated from the 'profiles' share if you desire to have expected behavior. Whether this is an absolute requirement or not, I have no idea but I do know that I don't have a problem with roaming profiles and haven't since 2.2.x and it still works on 3.0.x Doesn't make any difference: profile acls = yes in "homes" is the same behaviour asin "profiles" as long as profiles are located under homes. The prob is still the same: user with local adm-rights = complete profile user with User- or Poweruser- rights = reduced profile (background and other settings) Can you switch the local Rights of your Users from User to Admin and then go back to User without loss in the profile ? Still no idea where to search... regards Stefan -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Roaming Profiles:Samba PDC:WinXP:User must be local admin
I'm posting my smb.conf below. I posted it earlier today, but evidently some of my posts are taking > 24 hrs to make it to the list. I'm going to try adding the profile acls statement to the profiles section since (for me) that's the section that actually establishes the profiles share. I'll post my results once I've tried it out. Does anyone know if the profile acls setting is related/dependent on acls support compiled into the kernel. I haven't compiled it into my kernel, but I think they're unrelated. I don't blame you for wanting to run with with less than admin privileges, especially with heinous things the windows GDI exploit [http://www.easynews.com/virus.html] in the wild. Zach If there are other, unrelated, problems with the following smb.conf, please let me know that as well. smb.conf: [global] netbios name = BABYLON workgroup = CIVILIZATION browseable = no server string = Samba Server log file = /var/log/samba/smbd.log max log size = 50 security = user smb passwd file = /etc/samba/smbpasswd unix password sync = Yes passwd program = /usr/bin/passwd %u passwd chat = \ *password* %n\n \ *password* %n\n \ *successfully* username map = /etc/samba/smbusers # Most people will find that this option gives better performance. # See speed.txt and the manual pages for details socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 local master = yes os level = 64 domain master = yes preferred master = yes domain logons = yes logon path = \\%L\Profiles\%U logon drive = M: logon home = \\%L\%U logon script = logon.cmd wins support = yes dns proxy = no [homes] comment = Home Directories path = /home/samba/share/%U writeable = yes create mode = 0600 directory mode = 0740 browseable = No [netlogon] comment = Network Logon Service path = /home/samba/netlogon browseable = no [Profiles] path = /home/samba/profiles browseable = No writeable = yes [share] path = /home/samba/share writeable = yes guest ok = no create mode = 0660 directory mode = 0770 browseable = yes On Tue, 28 Sep 2004 18:40:27 +0200, Stefan Wegner <[EMAIL PROTECTED]> wrote: > Tom Skeren schrieb: > ... > > I have EXACTLY the same problem with Samba 3.0.7 and W2K SP4: > Entering the Domain wit Admin-rights everything is fine (complete local > settings, etc.) > As soon as i make this User a (local)User or Poweruser, i get a reduced > profile from the server although i still have > profile acls = yes > in my "homes" section (where the profiles are stored) > Does this has to be under the section "profiles" ? > > You are not alone and i'm very interested to get a solution as well, > cause i don't want to have Admin rights all the time. > > Anyone has got the trick ? > > Stefan > > > -- > To unsubscribe from this list go to the following URL and read the > instructions: http://lists.samba.org/mailman/listinfo/samba > -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Roaming Profiles:Samba PDC:WinXP:User must be local admin
Zach wrote: I'll have to check it later today (i'm on RH9 at work). I'm guessing the man page means to remove the undesired user/group. Not having looked at it, I'm guessing that leaving only the Administrators is appropriate. I'll know more once I mess around with it this afternoon. Well the group everyone is in there. So it shouldn't be an issue. I'm going to add the group fskk to it, which is the group I created for the users-see if that helps. Tom, have you had a chance to implement profile acls = yes in your smb.conf? Did it work? Added the line in smb.conf, but I'm not at that office today, so I will travel there tomorrow and do some testing. Keep me posted. Thanks zach - Original Message - From: Tom Skeren <[EMAIL PROTECTED]> Date: Tue, 28 Sep 2004 08:59:21 -0700 Subject: Re: [Samba] Roaming Profiles:Samba PDC:WinXP:User must be local admin Snip Then for security on the XP machines, disable "bypass traverse checking" on each client. http://www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en-us/528.mspx There does not appear to be a disable setting. You can add and remove users and groups. I don't think you can delete the key either. Cheers TMS III -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Roaming Profiles:Samba PDC:WinXP:User must be local admin
On Tue, 2004-09-28 at 09:40, Stefan Wegner wrote: > Tom Skeren schrieb: > ... > > I have EXACTLY the same problem with Samba 3.0.7 and W2K SP4: > Entering the Domain wit Admin-rights everything is fine (complete local > settings, etc.) > As soon as i make this User a (local)User or Poweruser, i get a reduced > profile from the server although i still have > profile acls = yes > in my "homes" section (where the profiles are stored) > Does this has to be under the section "profiles" ? > > You are not alone and i'm very interested to get a solution as well, > cause i don't want to have Admin rights all the time. > > Anyone has got the trick ? The 'homes' share should be differentiated from the 'profiles' share if you desire to have expected behavior. Whether this is an absolute requirement or not, I have no idea but I do know that I don't have a problem with roaming profiles and haven't since 2.2.x and it still works on 3.0.x Craig -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Roaming Profiles:Samba PDC:WinXP:User must be local admin
Tom Skeren schrieb: ... I have EXACTLY the same problem with Samba 3.0.7 and W2K SP4: Entering the Domain wit Admin-rights everything is fine (complete local settings, etc.) As soon as i make this User a (local)User or Poweruser, i get a reduced profile from the server although i still have profile acls = yes in my "homes" section (where the profiles are stored) Does this has to be under the section "profiles" ? You are not alone and i'm very interested to get a solution as well, cause i don't want to have Admin rights all the time. Anyone has got the trick ? Stefan -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Roaming Profiles:Samba PDC:WinXP:User must be local admin
I'll have to check it later today (i'm on RH9 at work). I'm guessing the man page means to remove the undesired user/group. Not having looked at it, I'm guessing that leaving only the Administrators is appropriate. I'll know more once I mess around with it this afternoon. Tom, have you had a chance to implement profile acls = yes in your smb.conf? Did it work? Thanks zach - Original Message - From: Tom Skeren <[EMAIL PROTECTED]> Date: Tue, 28 Sep 2004 08:59:21 -0700 Subject: Re: [Samba] Roaming Profiles:Samba PDC:WinXP:User must be local admin Snip Then for security on the XP machines, disable "bypass traverse checking" on each client. http://www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en-us/528.mspx There does not appear to be a disable setting. You can add and remove users and groups. I don't think you can delete the key either. Cheers TMS III -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Roaming Profiles:Samba PDC:WinXP:User must be local admin
Snip Then for security on the XP machines, disable "bypass traverse checking" on each client. http://www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en-us/528.mspx There does not appear to be a disable setting. You can add and remove users and groups. I don't think you can delete the key either. Cheers TMS III Am I missing anything? Zach [EMAIL PROTECTED] (previously [EMAIL PROTECTED]) On Tue, 28 Sep 2004 20:36:02 +0600 (YEKST), Ilia Chipitsine <[EMAIL PROTECTED]> wrote: maybe You guys need to read "man smb.conf" and search "profile acls" there. sith lord wrote: I'm having a problem with Roaming profiles in Windows XP with Samba as PDC. I've googled and trolled the mailing lists and read the Samba documentation. Problem: User logs onto domain from WinXP client and profile is downloaded (you can tell because it takes a long time and lights on hub are lit up). However, unless that user is in the admin group locally, all/some of the profile isn't loaded. eg, Desktop wallpaper, WinXP theme, start menu settings, etc. are not loaded. No error is given. No cached or default profile is loaded. If user is added to local admin group before-hand. everything is O.K. If user is subsequently removed from admin group, problem happens again at next login. I have EXACTLY the same problem TMS III What I've tried: Upgrade Samba from 2.2 to 3 (currently 3.0.7). Set the "Check ownership of profile" option to "disabled" on WinXP client local policy (grpedit.msc) Check ownership and permissisions on the samba server (though these still might not be set properly). System configuration: Server: RH9 (all packages updated) Samba 3.0.7 (from rpm) (problem happened with 2.2 as well) I would post smb.conf, but I don't have it right now. I can post it later, though. Clients: WinXP Pro SP2 (problem happened with pre sp1, & sp1a as well). I'm not sure if this is an issue with on the samba/linux end or the win xp client end. The same problem happens on both of my win xp clients. If it is on the samba end, I'm wondering if it's related to ownership/permissions not being quite right. It is as if being admin on the local box allows you to override whatever the problem is. Any help is appreciated. I'll post more info along with smb.conf if anyone wants to see it. _ Check out Election 2004 for up-to-date election news, plus voter tools and more! http://special.msn.com/msn/election2004.armx -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Roaming Profiles:Samba PDC:WinXP:User must be local admin
Okay, thanks for the tip. I'll try this later today, when I get a chance. If I understand properly, I should add profile acls = yes to smb.conf so that the profiles section looks like: [Profiles] path = /home/samba/profiles browseable = No writeable = yes profile acls = yes Then for security on the XP machines, disable "bypass traverse checking" on each client. http://www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en-us/528.mspx I guess that "bypass traverse checking" is already enabled by default. well, I didn't try XP SP2 yet :) maybe they have changed it. Am I missing anything? no. Zach [EMAIL PROTECTED] (previously [EMAIL PROTECTED]) On Tue, 28 Sep 2004 20:36:02 +0600 (YEKST), Ilia Chipitsine <[EMAIL PROTECTED]> wrote: maybe You guys need to read "man smb.conf" and search "profile acls" there. sith lord wrote: I'm having a problem with Roaming profiles in Windows XP with Samba as PDC. I've googled and trolled the mailing lists and read the Samba documentation. Problem: User logs onto domain from WinXP client and profile is downloaded (you can tell because it takes a long time and lights on hub are lit up). However, unless that user is in the admin group locally, all/some of the profile isn't loaded. eg, Desktop wallpaper, WinXP theme, start menu settings, etc. are not loaded. No error is given. No cached or default profile is loaded. If user is added to local admin group before-hand. everything is O.K. If user is subsequently removed from admin group, problem happens again at next login. I have EXACTLY the same problem TMS III What I've tried: Upgrade Samba from 2.2 to 3 (currently 3.0.7). Set the "Check ownership of profile" option to "disabled" on WinXP client local policy (grpedit.msc) Check ownership and permissisions on the samba server (though these still might not be set properly). System configuration: Server: RH9 (all packages updated) Samba 3.0.7 (from rpm) (problem happened with 2.2 as well) I would post smb.conf, but I don't have it right now. I can post it later, though. Clients: WinXP Pro SP2 (problem happened with pre sp1, & sp1a as well). I'm not sure if this is an issue with on the samba/linux end or the win xp client end. The same problem happens on both of my win xp clients. If it is on the samba end, I'm wondering if it's related to ownership/permissions not being quite right. It is as if being admin on the local box allows you to override whatever the problem is. Any help is appreciated. I'll post more info along with smb.conf if anyone wants to see it. _ Check out Election 2004 for up-to-date election news, plus voter tools and more! http://special.msn.com/msn/election2004.armx -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Roaming Profiles:Samba PDC:WinXP:User must be local admin
Okay, thanks for the tip. I'll try this later today, when I get a chance. If I understand properly, I should add profile acls = yes to smb.conf so that the profiles section looks like: [Profiles] path = /home/samba/profiles browseable = No writeable = yes profile acls = yes Then for security on the XP machines, disable "bypass traverse checking" on each client. http://www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en-us/528.mspx Am I missing anything? Zach [EMAIL PROTECTED] (previously [EMAIL PROTECTED]) On Tue, 28 Sep 2004 20:36:02 +0600 (YEKST), Ilia Chipitsine <[EMAIL PROTECTED]> wrote: > maybe You guys need to read "man smb.conf" and search "profile acls" > there. > > > > > sith lord wrote: > > > >> I'm having a problem with Roaming profiles in Windows XP with Samba as PDC. > >> I've googled and trolled the mailing lists and read the Samba > >> documentation. > >> > >> Problem: > >> User logs onto domain from WinXP client and profile is downloaded (you can > >> tell because it takes a long time and lights on hub are lit up). However, > >> unless that user is in the admin group locally, all/some of the profile > >> isn't loaded. eg, Desktop wallpaper, WinXP theme, start menu settings, > >> etc. are not loaded. No error is given. No cached or default profile is > >> loaded. If user is added to local admin group before-hand. everything is > >> O.K. If user is subsequently removed from admin group, problem happens > >> again at next login. > > > > I have EXACTLY the same problem > > > > TMS III > > > >> > >> > >> What I've tried: > >> Upgrade Samba from 2.2 to 3 (currently 3.0.7). > >> Set the "Check ownership of profile" option to "disabled" on WinXP client > >> local policy (grpedit.msc) > >> Check ownership and permissisions on the samba server (though these still > >> might not be set properly). > >> > >> System configuration: > >> Server: > >> RH9 (all packages updated) > >> Samba 3.0.7 (from rpm) (problem happened with 2.2 as well) > >> I would post smb.conf, but I don't have it right now. I can post it later, > >> though. > >> > >> Clients: > >> WinXP Pro SP2 (problem happened with pre sp1, & sp1a as well). > >> > >> I'm not sure if this is an issue with on the samba/linux end or the win xp > >> client end. The same problem happens on both of my win xp clients. If it > >> is on the samba end, I'm wondering if it's related to ownership/permissions > >> not being quite right. It is as if being admin on the local box allows > >> you to override whatever the problem is. > >> > >> Any help is appreciated. I'll post more info along with smb.conf if anyone > >> wants to see it. > >> > >> _ > >> Check out Election 2004 for up-to-date election news, plus voter tools and > >> more! http://special.msn.com/msn/election2004.armx > >> > > > > > > > > -- > > To unsubscribe from this list go to the following URL and read the > > instructions: http://lists.samba.org/mailman/listinfo/samba > > > > > -- > To unsubscribe from this list go to the following URL and read the > instructions: http://lists.samba.org/mailman/listinfo/samba > -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Roaming Profiles:Samba PDC:WinXP:User must be local admin
maybe You guys need to read "man smb.conf" and search "profile acls" there. sith lord wrote: I'm having a problem with Roaming profiles in Windows XP with Samba as PDC. I've googled and trolled the mailing lists and read the Samba documentation. Problem: User logs onto domain from WinXP client and profile is downloaded (you can tell because it takes a long time and lights on hub are lit up). However, unless that user is in the admin group locally, all/some of the profile isn't loaded. eg, Desktop wallpaper, WinXP theme, start menu settings, etc. are not loaded. No error is given. No cached or default profile is loaded. If user is added to local admin group before-hand. everything is O.K. If user is subsequently removed from admin group, problem happens again at next login. I have EXACTLY the same problem TMS III What I've tried: Upgrade Samba from 2.2 to 3 (currently 3.0.7). Set the "Check ownership of profile" option to "disabled" on WinXP client local policy (grpedit.msc) Check ownership and permissisions on the samba server (though these still might not be set properly). System configuration: Server: RH9 (all packages updated) Samba 3.0.7 (from rpm) (problem happened with 2.2 as well) I would post smb.conf, but I don't have it right now. I can post it later, though. Clients: WinXP Pro SP2 (problem happened with pre sp1, & sp1a as well). I'm not sure if this is an issue with on the samba/linux end or the win xp client end. The same problem happens on both of my win xp clients. If it is on the samba end, I'm wondering if it's related to ownership/permissions not being quite right. It is as if being admin on the local box allows you to override whatever the problem is. Any help is appreciated. I'll post more info along with smb.conf if anyone wants to see it. _ Check out Election 2004 for up-to-date election news, plus voter tools and more! http://special.msn.com/msn/election2004.armx -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Roaming Profiles:Samba PDC:WinXP:User must be local admin
sith lord wrote: I'm having a problem with Roaming profiles in Windows XP with Samba as PDC. I've googled and trolled the mailing lists and read the Samba documentation. Problem: User logs onto domain from WinXP client and profile is downloaded (you can tell because it takes a long time and lights on hub are lit up). However, unless that user is in the admin group locally, all/some of the profile isn't loaded. eg, Desktop wallpaper, WinXP theme, start menu settings, etc. are not loaded. No error is given. No cached or default profile is loaded. If user is added to local admin group before-hand. everything is O.K. If user is subsequently removed from admin group, problem happens again at next login. I have EXACTLY the same problem TMS III What I've tried: Upgrade Samba from 2.2 to 3 (currently 3.0.7). Set the "Check ownership of profile" option to "disabled" on WinXP client local policy (grpedit.msc) Check ownership and permissisions on the samba server (though these still might not be set properly). System configuration: Server: RH9 (all packages updated) Samba 3.0.7 (from rpm) (problem happened with 2.2 as well) I would post smb.conf, but I don't have it right now. I can post it later, though. Clients: WinXP Pro SP2 (problem happened with pre sp1, & sp1a as well). I'm not sure if this is an issue with on the samba/linux end or the win xp client end. The same problem happens on both of my win xp clients. If it is on the samba end, I'm wondering if it's related to ownership/permissions not being quite right. It is as if being admin on the local box allows you to override whatever the problem is. Any help is appreciated. I'll post more info along with smb.conf if anyone wants to see it. _ Check out Election 2004 for up-to-date election news, plus voter tools and more! http://special.msn.com/msn/election2004.armx -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Roaming Profiles:Samba PDC:WinXP:User must be local admin
I'm having a problem with Roaming profiles in Windows XP with Samba as PDC. I've googled and trolled the mailing lists and read the Samba documentation. Problem: User logs onto domain from WinXP client and profile is downloaded (you can tell because it takes a long time and lights on hub are lit up). However, unless that user is in the admin group locally, all/some of the profile isn't loaded. eg, Desktop wallpaper, WinXP theme, start menu settings, etc. are not loaded. No error is given. No cached or default profile is loaded. If user is added to local admin group before-hand. everything is O.K. If user is subsequently removed from admin group, problem happens again at next login. What I've tried: Upgrade Samba from 2.2 to 3 (currently 3.0.7). Set the "Check ownership of profile" option to "disabled" on WinXP client local policy (grpedit.msc) Check ownership and permissisions on the samba server (though these still might not be set properly). System configuration: Server: RH9 (all packages updated) Samba 3.0.7 (from rpm) (problem happened with 2.2 as well) I would post smb.conf, but I don't have it right now. I can post it later, though. Clients: WinXP Pro SP2 (problem happened with pre sp1, & sp1a as well). I'm not sure if this is an issue with on the samba/linux end or the win xp client end. The same problem happens on both of my win xp clients. If it is on the samba end, I'm wondering if it's related to ownership/permissions not being quite right. It is as if being admin on the local box allows you to override whatever the problem is. Any help is appreciated. I'll post more info along with smb.conf if anyone wants to see it. _ Check out Election 2004 for up-to-date election news, plus voter tools and more! http://special.msn.com/msn/election2004.armx -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
