Re: [Samba] temporary profiles problem - don't want roaming profiles
Apparently my problem is a bad combination of mystifying and uninteresting :-) since I've not had a reply. Can anyone maybe suggest how to debug this? How can I find out what name it's looking for when it gets The network name cannot be found ? Is it true that I should be able to have a Samba-3 Domain without roaming profiles by just specifying logon path = logon home = in smb.conf and not providing any *sambaProfilePath* attribute in LDAP ? On Fri, Oct 5, 2012 at 5:42 PM, Jeff Dickens j...@seamanpaper.com wrote: I have a Samba PDC (Ubuntu 12, OpenLDAP 2.4.28, Samba 3.6.3), and at two remote sites, I have some Samba BDCs. For now I've manually entered the DCs as WINS servers on the workstations I'm using for testing. At the remote sites, I can log in with an account that has no logon path or logon home specified, and it works perfectly. But at the main site, when I try to log on to one of these accounts I get first get the can't find the server copy of the roaming profile and then can't find the local profile logging you in with a temporary profile errors. I can't figure this one out. I'm using the same account, and the samba setups are nearly identical - just one is a BDC and one a PDC. This is smb.conf on the PDC: [global] workgroup = SEAMANPAPER server string = %h server (Samba, Ubuntu) map to guest = Bad User obey pam restrictions = Yes passdb backend = ldapsam:ldap://localhost syslog = 0 log file = /var/log/samba/log.%m max log size = 1000 smb ports = 137 138 139 445 name resolve order = wins bcast hosts load printers = No printcap name = /dev/null disable spoolss = Yes rename user script = /usr/sbin/smbldap-usermod -r '%unew' '%uold' delete user script = /usr/sbin/smbldap-userdel '%u' add group script = /usr/sbin/smbldap-groupadd -p '%g' delete group script = /usr/sbin/smbldap-groupdel '%g' add user to group script = /usr/sbin/smbldap-groupmod -m '%u' '%g' delete user from group script = /usr/sbin/smbldap-groupmod -x '%u' '%g' set primary group script = /usr/sbin/smbldap-usermod -g '%g' '%u' add machine script = /usr/sbin/smbldap-useradd -W '%u' -t 1 logon path = logon home = domain logons = Yes os level = 65 domain master = Yes dns proxy = No wins support = Yes ldap admin dn = cn=admin,dc=intranet,dc=seamanpaper,dc=com ldap group suffix = ou=Groups ldap idmap suffix = ou=Idmap ldap machine suffix = ou=Computers ldap passwd sync = yes ldap suffix = dc=intranet,dc=seamanpaper,dc=com ldap ssl = no ldap user suffix = ou=People panic action = /usr/share/samba/panic-action %d idmap config * : range = 100-199 idmap config * : backend = ldap printing = bsd print command = lpr -r -P'%p' %s lpq command = lpq -P'%p' lprm command = lprm -P'%p' %j [profiles] comment = Windows Profiles path = /home/samba/profiles read only = No create mask = 0600 directory mask = 0700 store dos attributes = Yes browseable = No csc policy = disable [netlogon] comment = Network Logon Service path = /home/samba/netlogon guest ok = Yes [homes] comment = Home Directories valid users = %S read only = No browseable = No and on the BDC: [global] workgroup = SEAMANPAPER server string = %h server (Samba, Ubuntu) map to guest = Bad User obey pam restrictions = Yes passdb backend = ldapsam:ldap://localhost syslog = 0 log file = /var/log/samba/log.%m max log size = 1000 smb ports = 137 138 139 445 name resolve order = wins bcast hosts load printers = No printcap name = /dev/null disable spoolss = Yes rename user script = /usr/sbin/smbldap-usermod -r '%unew' '%uold' delete user script = /usr/sbin/smbldap-userdel '%u' add group script = /usr/sbin/smbldap-groupadd -p '%g' delete group script = /usr/sbin/smbldap-groupdel '%g' add user to group script = /usr/sbin/smbldap-groupmod -m '%u' '%g' delete user from group script = /usr/sbin/smbldap-groupmod -x '%u' '%g' set primary group script = /usr/sbin/smbldap-usermod -g '%g' '%u' add machine script = /usr/sbin/smbldap-useradd -W '%u' -t 1 logon path = logon home = domain logons = Yes os level = 65 domain master = No dns proxy = No wins proxy = Yes wins server = 192.168.10.127 ldap admin dn = cn=admin,dc=intranet,dc=seamanpaper,dc=com ldap group suffix =
Re: [Samba] temporary profiles problem - don't want roaming profiles
Here I am replying to my own post, but I hope this information will be
useful. The following events appeared in the log when a Windows 7
workstation tries to log into the boris domain account at the main site:
*First the login events:
*KeywordsDate and TimeSourceEvent IDTask Category
Audit Success10/8/2012 4:27:42 PM
Microsoft-Windows-Security-Auditing4648LogonA logon was
attempted using explicit credentials.
Subject:
Security ID:SYSTEM
Account Name:WCOMPRM3$
Account Domain:SEAMANPAPER
Logon ID:0x3e7
Logon GUID:{----}
Account Whose Credentials Were Used:
Account Name:boris
Account Domain:SEAMANPAPER
Logon GUID:{----}
Target Server:
Target Server Name:localhost
Additional Information:localhost
Process Information:
Process ID:0x28a0
Process Name:C:\Windows\System32\winlogon.exe
Network Information:
Network Address:127.0.0.1
Port:0
This event is generated when a process attempts to log on an account by
explicitly specifying that account’s credentials. This most commonly
occurs in batch-type configurations such as scheduled tasks, or when using
the RUNAS command.
Audit Success10/8/2012 4:27:42 PM
Microsoft-Windows-Security-Auditing4624LogonAn account was
successfully logged on.
Subject:
Security ID:SYSTEM
Account Name:WCOMPRM3$
Account Domain:SEAMANPAPER
Logon ID:0x3e7
Logon Type:2
New Logon:
Security ID:SEAMANPAPER\Domain Users
Account Name:boris
Account Domain:SEAMANPAPER
Logon ID:0x121d2a1f
Logon GUID:{----}
Process Information:
Process ID:0x28a0
Process Name:C:\Windows\System32\winlogon.exe
Network Information:
Workstation Name:WCOMPRM3
Source Network Address:127.0.0.1
Source Port:0
Detailed Authentication Information:
Logon Process:User32
Authentication Package:Negotiate
Transited Services:-
Package Name (NTLM only):-
Key Length:0
This event is generated when a logon session is created. It is generated on
the computer that was accessed.
The subject fields indicate the account on the local system which requested
the logon. This is most commonly a service such as the Server service, or a
local process such as Winlogon.exe or Services.exe.
The logon type field indicates the kind of logon that occurred. The most
common types are 2 (interactive) and 3 (network).
The New Logon fields indicate the account for whom the new logon was
created, i.e. the account that was logged on.
The network fields indicate where a remote logon request originated.
Workstation name is not always available and may be left blank in some
cases.
The authentication information fields provide detailed information about
this specific logon request.
- Logon GUID is a unique identifier that can be used to correlate this
event with a KDC event.
- Transited services indicate which intermediate services have
participated in this logon request.
- Package name indicates which sub-protocol was used among the NTLM
protocols.
- Key length indicates the length of the generated session key. This
will be 0 if no session key was requested.
*Then some profile events:
*
Does this tell you anything about what my problem might be ? I don't see
where it says the name of the location where it's trying to find the
non-existant roaming profile.
LevelDate and TimeSourceEvent IDTask Category
Warning10/8/2012 4:27:22 PMMicrosoft-Windows-User Profiles
Service1530NoneWindows detected your registry file is still in
use by other applications or services. The file will be unloaded now. The
applications or services that hold your registry file may not function
properly afterwards.
DETAIL -
15 user registry handles leaked from
\Registry\User\S-1-5-21-3331739098-3736223119-3628203672-500:
Process 1396 (\Device\HarddiskVolume3\Program Files\Common Files\Microsoft
Shared\Windows Live\WLIDSVC.EXE) has opened key
\REGISTRY\USER\S-1-5-21-3331739098-3736223119-3628203672-500
Process 1396 (\Device\HarddiskVolume3\Program Files\Common Files\Microsoft
Shared\Windows Live\WLIDSVC.EXE) has opened key
\REGISTRY\USER\S-1-5-21-3331739098-3736223119-3628203672-500
Process 1396 (\Device\HarddiskVolume3\Program Files\Common Files\Microsoft
Shared\Windows Live\WLIDSVC.EXE) has opened key
\REGISTRY\USER\S-1-5-21-3331739098-3736223119-3628203672-500
Process 1396 (\Device\HarddiskVolume3\Program Files\Common Files\Microsoft
Shared\Windows Live\WLIDSVC.EXE) has opened key
\REGISTRY\USER\S-1-5-21-3331739098-3736223119-3628203672-500
Process 1396 (\Device\HarddiskVolume3\Program Files\Common
Re: [Samba] Temporary Profiles
Hallo Joel, I have tried that solution from the start, but it didn't solve the problem. If i put an empty logon path in the smb.con than I get a temporary LOCAL profile It doesn't matter what I change, it remains temporary... 2005/12/12, Joel Franco [EMAIL PROTECTED]: On Sex Dez 02 05 13:48, Oliver Schneider wrote: If you are sure there is a solution in your book, I am going to buy it. That shouldn't be a problem. I don't want roaming profiles. It would be enough, if i get a local NOT temporary profile. if you clear the global logon path = the profile should be local. It's enough to do it. I have tried to get roaming profiles to work as a part of the solution for the local profiles but that didn't helped neither. All I get then was a temporary serverside profile. All I want is a not temporary profile, where my changes are saved... Oliver Schneider 2005/12/1, John H Terpstra [EMAIL PROTECTED]: On Thursday 01 December 2005 03:01, Oliver Schneider wrote: Hi, I have got a problem with samba for days now and I don't know how to solve it. My problem is, that it doesn't matter if I enable or disable Roaming Profiles, all I get is a temporary profile. If i enable Roaming Profiles, than i get a temporary serverside Profile. If I disable Roaming Profiles, than i get a temporary local Profile. Can somebody please help me? With Roaming Profiles I think it is a problem with Filepermissions. Root get's a full Serverside Profile (not the smb.conf below), but only root. I just want a local Profile for the users, so it is not so relevant. Please follow the examples in my book Samba-3 by Example. This book is the official Samba deployment guide. If you experince any problems with the examples in this book I will help you to find the cause by which the book mis-directed you. After all, I want the documentation to be correct and of true value. Samba-3 by Example provides fully documented, step-by-step, installation and depoyment instructions for complete networking solutions. It coveres simple networks and progressively introduces complex networking examples. Every necessary configuration file is provided. Every time I have helped people on this list who have reported problems with Samba deployment - issues such as logon scripts that will not run, roaming profiles that fail to work correctly, not being able to join a domain, and so on, the solutions in this book solved the users' problem. If you do not follow the documentation provided, you will possibly go through a more painful learning process. The choice is yours. - John T. Oliver Samba is PDC [global] include = /etc/samba/dhcp.conf socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 logon drive = H: hide dot files = yes domain master = Yes username map = /etc/samba/smbusers map to guest = Bad User printer admin = @ntadmin, root, administrator logon home = \\%L\%U\.9xprofile passwd program = /usr/bin/passwd %u wins support = true printcap cache time = 750 netbios name = fileserver cups options = raw printing = cups unix password sync = yes local master = Yes logon path = logon script = logon.bat workgroup = SJ os level = 65 printcap name = cups security = user add machine script = /usr/sbin/useradd -c Machine -d /var/lib/nobody -s /bin/false %m$ domain logons = Yes preferred master = Yes load printers = yes passdb backend = smbpasswd [homes] comment = Home Directories valid users = %S browseable = No read only = No inherit acls = Yes [profiles] comment = Network Profiles Service path = %H read only = No # store dos attributes = Yes create mask = 0600 directory mask = 0700 [users] comment = All users path = /home read only = No inherit acls = Yes veto files = /aquota.user/groups/shares/ [groups] comment = All groups path = /home/groups read only = No inherit acls = Yes [printers] comment = All Printers path = /var/tmp printable = Yes create mask = 0600 browseable = No [print$] comment = Printer Drivers path = /var/lib/samba/drivers write list = @ntadmin root force group = ntadmin create mask = 0664 directory mask = 0775 [netlogon] comment = Network Logon Service path =
[Samba] Re: Samba Temporary Profiles?
That's right. I get the same behavior here, if i change that option. I get a local temporary profile instead of a serverside temporary profile. That's not much better. Oliver 2005/12/14, Mike Urban [EMAIL PROTECTED]: Did you ever get a solution to your problem? I seem to be facing the same thing. Setting login path = with nothing after '=' does _NOT_ solve the problem for me. Users get TEMP profiles, not a new permanent one. Mike -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Temporary Profiles
On Sex Dez 02 05 13:48, Oliver Schneider wrote: If you are sure there is a solution in your book, I am going to buy it. That shouldn't be a problem. I don't want roaming profiles. It would be enough, if i get a local NOT temporary profile. if you clear the global logon path = the profile should be local. It's enough to do it. I have tried to get roaming profiles to work as a part of the solution for the local profiles but that didn't helped neither. All I get then was a temporary serverside profile. All I want is a not temporary profile, where my changes are saved... Oliver Schneider 2005/12/1, John H Terpstra [EMAIL PROTECTED]: On Thursday 01 December 2005 03:01, Oliver Schneider wrote: Hi, I have got a problem with samba for days now and I don't know how to solve it. My problem is, that it doesn't matter if I enable or disable Roaming Profiles, all I get is a temporary profile. If i enable Roaming Profiles, than i get a temporary serverside Profile. If I disable Roaming Profiles, than i get a temporary local Profile. Can somebody please help me? With Roaming Profiles I think it is a problem with Filepermissions. Root get's a full Serverside Profile (not the smb.conf below), but only root. I just want a local Profile for the users, so it is not so relevant. Please follow the examples in my book Samba-3 by Example. This book is the official Samba deployment guide. If you experince any problems with the examples in this book I will help you to find the cause by which the book mis-directed you. After all, I want the documentation to be correct and of true value. Samba-3 by Example provides fully documented, step-by-step, installation and depoyment instructions for complete networking solutions. It coveres simple networks and progressively introduces complex networking examples. Every necessary configuration file is provided. Every time I have helped people on this list who have reported problems with Samba deployment - issues such as logon scripts that will not run, roaming profiles that fail to work correctly, not being able to join a domain, and so on, the solutions in this book solved the users' problem. If you do not follow the documentation provided, you will possibly go through a more painful learning process. The choice is yours. - John T. Oliver Samba is PDC [global] include = /etc/samba/dhcp.conf socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 logon drive = H: hide dot files = yes domain master = Yes username map = /etc/samba/smbusers map to guest = Bad User printer admin = @ntadmin, root, administrator logon home = \\%L\%U\.9xprofile passwd program = /usr/bin/passwd %u wins support = true printcap cache time = 750 netbios name = fileserver cups options = raw printing = cups unix password sync = yes local master = Yes logon path = logon script = logon.bat workgroup = SJ os level = 65 printcap name = cups security = user add machine script = /usr/sbin/useradd -c Machine -d /var/lib/nobody -s /bin/false %m$ domain logons = Yes preferred master = Yes load printers = yes passdb backend = smbpasswd [homes] comment = Home Directories valid users = %S browseable = No read only = No inherit acls = Yes [profiles] comment = Network Profiles Service path = %H read only = No # store dos attributes = Yes create mask = 0600 directory mask = 0700 [users] comment = All users path = /home read only = No inherit acls = Yes veto files = /aquota.user/groups/shares/ [groups] comment = All groups path = /home/groups read only = No inherit acls = Yes [printers] comment = All Printers path = /var/tmp printable = Yes create mask = 0600 browseable = No [print$] comment = Printer Drivers path = /var/lib/samba/drivers write list = @ntadmin root force group = ntadmin create mask = 0664 directory mask = 0775 [netlogon] comment = Network Logon Service path = /var/lib/samba/netlogon write list = @user, root guest ok = yes locking = No -- John H Terpstra Samba-Team Member Phone: +1 (650) 580-8668 Author: The Official Samba-3 HOWTO Reference Guide, 2 Ed., ISBN: 0131882228 Samba-3 by Example, 2 Ed., ISBN: 0131882221X Hardening Linux, ISBN: 0072254971 Other books in production. -- To unsubscribe from this list go to the following URL and read the instructions:
Re: Re: [Samba] Temporary Profiles
Can nobody help me? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Temporary Profiles
Hi, here is some more output of /var/log/messeges there are some errors... Thanks for your help Oliver Dec 6 07:57:53 fileserver smbd[10638]: write_socket: Error writing 4 bytes to socket 25: ERRNO = Connection reset by peer Dec 6 07:57:53 fileserver smbd[10638]: [2005/12/06 07:57:53, 0] lib/util_sock.c:send_smb(647) Dec 6 07:57:53 fileserver smbd[10638]: Error writing 4 bytes to client. -1. (Connection reset by peer) Dec 6 08:00:01 fileserver /usr/sbin/cron[10647]: (root) CMD (/etc/webmin/bandwidth/rotate.pl) Dec 6 08:00:01 fileserver syslog-ng[3807]: STATS: dropped 0 Dec 6 08:04:06 fileserver smbd[10673]: [2005/12/06 08:04:06, 0] lib/util_sock.c:write_socket_data(430) Dec 6 08:04:06 fileserver smbd[10673]: write_socket_data: write failure. Error = Connection reset by peer Dec 6 08:04:06 fileserver smbd[10673]: [2005/12/06 08:04:06, 0] lib/util_sock.c:write_socket(455) Dec 6 08:04:06 fileserver smbd[10673]: write_socket: Error writing 4 bytes to socket 5: ERRNO = Connection reset by peer Dec 6 08:04:06 fileserver smbd[10673]: [2005/12/06 08:04:06, 0] lib/util_sock.c:send_smb(647) Dec 6 08:04:06 fileserver smbd[10673]: Error writing 4 bytes to client. -1. (Connection reset by peer) Dec 6 08:04:06 fileserver smbd[10676]: [2005/12/06 08:04:06, 0] lib/util_sock.c:get_peer_addr(1150) Dec 6 08:04:06 fileserver smbd[10676]: getpeername failed. Error was Transport endpoint is not connected Dec 6 08:04:06 fileserver smbd[10676]: [2005/12/06 08:04:06, 0] lib/util_sock.c:write_socket_data(430) Dec 6 08:04:06 fileserver smbd[10676]: write_socket_data: write failure. Error = Connection reset by peer Dec 6 08:04:06 fileserver smbd[10676]: [2005/12/06 08:04:06, 0] lib/util_sock.c:write_socket(455) Dec 6 08:04:06 fileserver smbd[10676]: write_socket: Error writing 4 bytes to socket 5: ERRNO = Connection reset by peer Dec 6 08:04:06 fileserver smbd[10676]: [2005/12/06 08:04:06, 0] lib/util_sock.c:send_smb(647) Dec 6 08:04:06 fileserver smbd[10676]: Error writing 4 bytes to client. -1. (Connection reset by peer) Dec 6 08:07:41 fileserver smbd[10642]: [2005/12/06 08:07:41, 0] lib/util_sock.c:read_socket_data(384) Dec 6 08:07:41 fileserver smbd[10642]: read_socket_data: recv failure for 4. Error = Connection reset by peer Dec 6 08:14:25 fileserver smbd[10726]: [2005/12/06 08:14:25, 0] lib/util_sock.c:get_peer_addr(1150) Dec 6 08:14:25 fileserver smbd[10726]: getpeername failed. Error was Transport endpoint is not connected Dec 6 08:14:25 fileserver smbd[10726]: [2005/12/06 08:14:25, 0] lib/util_sock.c:write_socket_data(430) Dec 6 08:14:25 fileserver smbd[10726]: write_socket_data: write failure. Error = Connection reset by peer Dec 6 08:14:25 fileserver smbd[10726]: [2005/12/06 08:14:25, 0] lib/util_sock.c:write_socket(455) Dec 6 08:14:25 fileserver smbd[10726]: write_socket: Error writing 4 bytes to socket 5: ERRNO = Connection reset by peer Dec 6 08:14:25 fileserver smbd[10726]: [2005/12/06 08:14:25, 0] lib/util_sock.c:send_smb(647) Dec 6 08:14:25 fileserver smbd[10726]: Error writing 4 bytes to client. -1. (Connection reset by peer) Dec 6 08:22:53 fileserver smbd[10769]: [2005/12/06 08:22:53, 0] rpc_server/srv_pipe.c:api_pipe_bind_req(993) Dec 6 08:22:53 fileserver smbd[10769]: api_pipe_bind_req: unknown auth type 1 requested. Dec 6 08:30:14 fileserver smbd[10819]: [2005/12/06 08:30:14, 0] rpc_server/srv_pipe.c:api_pipe_bind_req(993) Dec 6 08:30:14 fileserver smbd[10819]: api_pipe_bind_req: unknown auth type 1 requested. Dec 6 08:30:59 fileserver smbd[10823]: [2005/12/06 08:30:59, 0] lib/util_sock.c:read_socket_data(384) Dec 6 08:30:59 fileserver smbd[10823]: read_socket_data: recv failure for 4. Error = Connection reset by peer Dec 6 08:53:26 fileserver smbd[10891]: [2005/12/06 08:53:26, 0] rpc_server/srv_pipe.c:api_pipe_bind_req(993) Dec 6 08:53:26 fileserver smbd[10891]: api_pipe_bind_req: unknown auth type 1 requested. Dec 6 08:56:58 fileserver smbd[10918]: [2005/12/06 08:56:58, 0] rpc_server/srv_pipe.c:api_pipe_bind_req(993) Dec 6 08:56:58 fileserver smbd[10918]: api_pipe_bind_req: unknown auth type 1 requested. Dec 6 08:59:18 fileserver smbd[10929]: [2005/12/06 08:59:18, 0] rpc_server/srv_pipe.c:api_pipe_bind_req(993) Dec 6 08:59:18 fileserver smbd[10929]: api_pipe_bind_req: unknown auth type 1 requested. Dec 6 09:00:01 fileserver syslog-ng[3807]: STATS: dropped 0 Dec 6 09:00:01 fileserver /usr/sbin/cron[10933]: (root) CMD (/etc/webmin/bandwidth/rotate.pl) Dec 6 09:00:23 fileserver smbd[10893]: [2005/12/06 09:00:23, 0] lib/util_sock.c:read_socket_with_timeout(321) Dec 6 09:00:23 fileserver smbd[10893]: read_socket_with_timeout: timeout read. read error = Connection reset by peer. Dec 6 09:00:23 fileserver smbd[10893]: [2005/12/06 09:00:23, 0] smbd/oplock.c:oplock_break(835) Dec 6 09:00:23 fileserver smbd[10893]: oplock_break: receive_smb error (Connection reset by peer) Dec 6 09:00:23 fileserver smbd[10893]:
Re: [Samba] Temporary Profiles
Hi, I have looked at that PDF file, but I don't get my mistake. I was told, to go with roaming profiles, so I try it. Like I mentioned before, root can log on from everywhere and root gets his roaming profile. If i put a customized userprofile in the profile - path, then it gets loadet on login. But again, it't only a temporary profile, so no update on logoff. So again, here are all informations I can get from my system. [global] time server = yes log level = 3 include = /etc/samba/dhcp.conf socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 logon drive = H: hide dot files = yes domain master = Yes username map = /etc/samba/smbusers map to guest = Bad User printer admin = @ntadmin, root, administrator, oliver.schneider logon home = \\%L\%U\.9xprofile passwd program = /usr/bin/passwd %u wins support = true printcap cache time = 750 netbios name = fileserver cups options = raw printing = cups unix password sync = yes local master = Yes logon path = \\fileserver\profiles\%U logon script = logon.bat workgroup = SJ os level = 65 printcap name = cups security = user add machine script = /usr/sbin/useradd -c Machine -d /var/lib/nobody -s /bin/false %m$ domain logons = Yes preferred master = Yes load printers = yes passdb backend = smbpasswd [homes] comment = Home Directories valid users = %S browseable = No read only = No inherit acls = Yes [profiles] comment = Network Profiles Service path = /var/lib/samba/profiles browseable = no writeable = yes write list = @users # store dos attributes = Yes # create mask = 0600 # directory mask = 0700 profile acls = yes read only = no [users] comment = All users path = /home read only = No inherit acls = Yes veto files = /aquota.user/groups/shares/ [groups] comment = All groups path = /home/groups read only = No inherit acls = Yes [printers] comment = All Printers path = /var/tmp printable = Yes create mask = 0600 browseable = No [print$] comment = Printer Drivers path = /var/lib/samba/drivers write list = @ntadmin root oliver.schneider force group = ntadmin create mask = 0664 directory mask = 0775 [netlogon] comment = Network Logon Service path = /var/lib/samba/netlogon write list = root #net groupmap list fileserver:/var/lib/samba # net groupmap list System Operators (S-1-5-32-549) - -1 Domain Guests (S-1-5-21-3376943168-3023405898-1803579022-514) - users Replicators (S-1-5-32-552) - -1 Guests (S-1-5-32-546) - -1 Power Users (S-1-5-32-547) - users Print Operators (S-1-5-32-550) - -1 Administrators (S-1-5-32-544) - -1 Domain Users (S-1-5-21-3376943168-3023405898-1803579022-513) - users S-1-5-21-1161395039-3549078232-660113211-513 (S-1-5-21-1161395039-3549078232-660113211-513) - users Domain Admins (S-1-5-21-1161395039-3549078232-660113211-512) - -1 Account Operators (S-1-5-32-548) - -1 Domain Guests (S-1-5-21-1161395039-3549078232-660113211-514) - -1 Backup Operators (S-1-5-32-551) - -1 Users (S-1-5-32-545) - -1 Power Users (S-1-5-21-3376943168-3023405898-1803579022-1201) - users Domain Admins (S-1-5-21-3376943168-3023405898-1803579022-512) - -1 fileserver:/var/lib/samba # ls -l insgesamt 255 drwxr-xr-x 6 root root 664 2005-12-05 15:56 . drwxr-xr-x 37 root root 984 2005-11-15 08:54 .. -rw--- 1 root root 8192 2005-07-12 18:23 account_policy.tdb -rw-r--r-- 1 root root 8192 2005-12-05 15:12 brlock.tdb -rw-r--r-- 1 root root 1179 2005-12-05 15:54 browse.dat -rw-r--r-- 1 root root 24576 2005-12-05 15:19 connections.tdb drwxr-xr-x 7 root ntadmin 1032 2005-12-05 15:47 drivers -rw-r--r-- 1 root root 8192 2005-07-13 15:36 gencache.tdb -rw--- 1 root root 8192 2005-07-12 18:23 group_mapping.tdb -rw-r--r-- 1 root root114688 2005-12-05 15:20 locking.tdb -rw--- 1 root root 8192 2005-11-16 07:13 messages.tdb drwxrwxrwx 3 root users 144 2005-12-05 15:28 netlogon -rw--- 1 root root 8192 2005-07-13 09:24 ntdrivers.tdb -rw--- 1 root root 696 2005-07-13 09:24 ntforms.tdb -rw--- 1 root root 8192 2005-07-13 09:24 ntprinters.tdb drwxr-xr-x 2 root root 416 2005-12-05 15:56 printing drwxrws--- 11 root users 320 2005-12-05 14:48 profiles -rw--- 1 root root 8192 2005-07-13 09:24 registry.tdb -rw-r--r-- 1 root root 24576 2005-12-05 14:50 sessionid.tdb -rw--- 1 root root 8192 2005-07-13 09:24 share_info.tdb -rw-r--r-- 1 root root 8192 2005-12-05 14:50 unexpected.tdb
Re: [Samba] Temporary Profiles
If you are sure there is a solution in your book, I am going to buy it. That shouldn't be a problem. I don't want roaming profiles. It would be enough, if i get a local NOT temporary profile. I have tried to get roaming profiles to work as a part of the solution for the local profiles but that didn't helped neither. All I get then was a temporary serverside profile. All I want is a not temporary profile, where my changes are saved... Oliver Schneider 2005/12/1, John H Terpstra [EMAIL PROTECTED]: On Thursday 01 December 2005 03:01, Oliver Schneider wrote: Hi, I have got a problem with samba for days now and I don't know how to solve it. My problem is, that it doesn't matter if I enable or disable Roaming Profiles, all I get is a temporary profile. If i enable Roaming Profiles, than i get a temporary serverside Profile. If I disable Roaming Profiles, than i get a temporary local Profile. Can somebody please help me? With Roaming Profiles I think it is a problem with Filepermissions. Root get's a full Serverside Profile (not the smb.conf below), but only root. I just want a local Profile for the users, so it is not so relevant. Please follow the examples in my book Samba-3 by Example. This book is the official Samba deployment guide. If you experince any problems with the examples in this book I will help you to find the cause by which the book mis-directed you. After all, I want the documentation to be correct and of true value. Samba-3 by Example provides fully documented, step-by-step, installation and depoyment instructions for complete networking solutions. It coveres simple networks and progressively introduces complex networking examples. Every necessary configuration file is provided. Every time I have helped people on this list who have reported problems with Samba deployment - issues such as logon scripts that will not run, roaming profiles that fail to work correctly, not being able to join a domain, and so on, the solutions in this book solved the users' problem. If you do not follow the documentation provided, you will possibly go through a more painful learning process. The choice is yours. - John T. Oliver Samba is PDC [global] include = /etc/samba/dhcp.conf socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 logon drive = H: hide dot files = yes domain master = Yes username map = /etc/samba/smbusers map to guest = Bad User printer admin = @ntadmin, root, administrator logon home = \\%L\%U\.9xprofile passwd program = /usr/bin/passwd %u wins support = true printcap cache time = 750 netbios name = fileserver cups options = raw printing = cups unix password sync = yes local master = Yes logon path = logon script = logon.bat workgroup = SJ os level = 65 printcap name = cups security = user add machine script = /usr/sbin/useradd -c Machine -d /var/lib/nobody -s /bin/false %m$ domain logons = Yes preferred master = Yes load printers = yes passdb backend = smbpasswd [homes] comment = Home Directories valid users = %S browseable = No read only = No inherit acls = Yes [profiles] comment = Network Profiles Service path = %H read only = No # store dos attributes = Yes create mask = 0600 directory mask = 0700 [users] comment = All users path = /home read only = No inherit acls = Yes veto files = /aquota.user/groups/shares/ [groups] comment = All groups path = /home/groups read only = No inherit acls = Yes [printers] comment = All Printers path = /var/tmp printable = Yes create mask = 0600 browseable = No [print$] comment = Printer Drivers path = /var/lib/samba/drivers write list = @ntadmin root force group = ntadmin create mask = 0664 directory mask = 0775 [netlogon] comment = Network Logon Service path = /var/lib/samba/netlogon write list = @user, root guest ok = yes locking = No -- John H Terpstra Samba-Team Member Phone: +1 (650) 580-8668 Author: The Official Samba-3 HOWTO Reference Guide, 2 Ed., ISBN: 0131882228 Samba-3 by Example, 2 Ed., ISBN: 0131882221X Hardening Linux, ISBN: 0072254971 Other books in production. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions:
RE [Samba] Temporary Profiles
Are you sure that the path of profiles path are correct ? --- Stéphane PURNELLE [EMAIL PROTECTED] Service Informatique Corman S.A. Tel : 00 32 087/342467 [EMAIL PROTECTED] a écrit sur 01/12/2005 11:01:05 : Hi, I have got a problem with samba for days now and I don't know how to solve it. My problem is, that it doesn't matter if I enable or disable Roaming Profiles, all I get is a temporary profile. If i enable Roaming Profiles, than i get a temporary serverside Profile. If I disable Roaming Profiles, than i get a temporary local Profile. Can somebody please help me? With Roaming Profiles I think it is a problem with Filepermissions. Root get's a full Serverside Profile (not the smb.conf below), but only root. I just want a local Profile for the users, so it is not so relevant. Oliver Samba is PDC [global] include = /etc/samba/dhcp.conf socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 logon drive = H: hide dot files = yes domain master = Yes username map = /etc/samba/smbusers map to guest = Bad User printer admin = @ntadmin, root, administrator logon home = \\%L\%U\.9xprofile passwd program = /usr/bin/passwd %u wins support = true printcap cache time = 750 netbios name = fileserver cups options = raw printing = cups unix password sync = yes local master = Yes logon path = logon script = logon.bat workgroup = SJ os level = 65 printcap name = cups security = user add machine script = /usr/sbin/useradd -c Machine -d /var/lib/nobody -s /bin/false %m$ domain logons = Yes preferred master = Yes load printers = yes passdb backend = smbpasswd [homes] comment = Home Directories valid users = %S browseable = No read only = No inherit acls = Yes [profiles] comment = Network Profiles Service path = %H read only = No # store dos attributes = Yes create mask = 0600 directory mask = 0700 [users] comment = All users path = /home read only = No inherit acls = Yes veto files = /aquota.user/groups/shares/ [groups] comment = All groups path = /home/groups read only = No inherit acls = Yes [printers] comment = All Printers path = /var/tmp printable = Yes create mask = 0600 browseable = No [print$] comment = Printer Drivers path = /var/lib/samba/drivers write list = @ntadmin root force group = ntadmin create mask = 0664 directory mask = 0775 [netlogon] comment = Network Logon Service path = /var/lib/samba/netlogon write list = @user, root guest ok = yes locking = No -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: RE [Samba] Temporary Profiles
Roaming Profiles: The path is right. When a new user logs in, a new directory ist created (username) in the profiles path. The problem there is, the directory remains empty, no profile information. Greetings Oliver 2005/12/1, [EMAIL PROTECTED] [EMAIL PROTECTED]: Are you sure that the path of profiles path are correct ? --- Stéphane PURNELLE [EMAIL PROTECTED] Service Informatique Corman S.A. Tel : 00 32 087/342467 [EMAIL PROTECTED] a écrit sur 01/12/2005 11:01:05 : Hi, I have got a problem with samba for days now and I don't know how to solve it. My problem is, that it doesn't matter if I enable or disable Roaming Profiles, all I get is a temporary profile. If i enable Roaming Profiles, than i get a temporary serverside Profile. If I disable Roaming Profiles, than i get a temporary local Profile. Can somebody please help me? With Roaming Profiles I think it is a problem with Filepermissions. Root get's a full Serverside Profile (not the smb.conf below), but only root. I just want a local Profile for the users, so it is not so relevant. Oliver Samba is PDC [global] include = /etc/samba/dhcp.conf socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 logon drive = H: hide dot files = yes domain master = Yes username map = /etc/samba/smbusers map to guest = Bad User printer admin = @ntadmin, root, administrator logon home = \\%L\%U\.9xprofile passwd program = /usr/bin/passwd %u wins support = true printcap cache time = 750 netbios name = fileserver cups options = raw printing = cups unix password sync = yes local master = Yes logon path = logon script = logon.bat workgroup = SJ os level = 65 printcap name = cups security = user add machine script = /usr/sbin/useradd -c Machine -d /var/lib/nobody -s /bin/false %m$ domain logons = Yes preferred master = Yes load printers = yes passdb backend = smbpasswd [homes] comment = Home Directories valid users = %S browseable = No read only = No inherit acls = Yes [profiles] comment = Network Profiles Service path = %H read only = No # store dos attributes = Yes create mask = 0600 directory mask = 0700 [users] comment = All users path = /home read only = No inherit acls = Yes veto files = /aquota.user/groups/shares/ [groups] comment = All groups path = /home/groups read only = No inherit acls = Yes [printers] comment = All Printers path = /var/tmp printable = Yes create mask = 0600 browseable = No [print$] comment = Printer Drivers path = /var/lib/samba/drivers write list = @ntadmin root force group = ntadmin create mask = 0664 directory mask = 0775 [netlogon] comment = Network Logon Service path = /var/lib/samba/netlogon write list = @user, root guest ok = yes locking = No -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Temporary Profiles
On Thursday 01 December 2005 03:01, Oliver Schneider wrote: Hi, I have got a problem with samba for days now and I don't know how to solve it. My problem is, that it doesn't matter if I enable or disable Roaming Profiles, all I get is a temporary profile. If i enable Roaming Profiles, than i get a temporary serverside Profile. If I disable Roaming Profiles, than i get a temporary local Profile. Can somebody please help me? With Roaming Profiles I think it is a problem with Filepermissions. Root get's a full Serverside Profile (not the smb.conf below), but only root. I just want a local Profile for the users, so it is not so relevant. Please follow the examples in my book Samba-3 by Example. This book is the official Samba deployment guide. If you experince any problems with the examples in this book I will help you to find the cause by which the book mis-directed you. After all, I want the documentation to be correct and of true value. Samba-3 by Example provides fully documented, step-by-step, installation and depoyment instructions for complete networking solutions. It coveres simple networks and progressively introduces complex networking examples. Every necessary configuration file is provided. Every time I have helped people on this list who have reported problems with Samba deployment - issues such as logon scripts that will not run, roaming profiles that fail to work correctly, not being able to join a domain, and so on, the solutions in this book solved the users' problem. If you do not follow the documentation provided, you will possibly go through a more painful learning process. The choice is yours. - John T. Oliver Samba is PDC [global] include = /etc/samba/dhcp.conf socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 logon drive = H: hide dot files = yes domain master = Yes username map = /etc/samba/smbusers map to guest = Bad User printer admin = @ntadmin, root, administrator logon home = \\%L\%U\.9xprofile passwd program = /usr/bin/passwd %u wins support = true printcap cache time = 750 netbios name = fileserver cups options = raw printing = cups unix password sync = yes local master = Yes logon path = logon script = logon.bat workgroup = SJ os level = 65 printcap name = cups security = user add machine script = /usr/sbin/useradd -c Machine -d /var/lib/nobody -s /bin/false %m$ domain logons = Yes preferred master = Yes load printers = yes passdb backend = smbpasswd [homes] comment = Home Directories valid users = %S browseable = No read only = No inherit acls = Yes [profiles] comment = Network Profiles Service path = %H read only = No # store dos attributes = Yes create mask = 0600 directory mask = 0700 [users] comment = All users path = /home read only = No inherit acls = Yes veto files = /aquota.user/groups/shares/ [groups] comment = All groups path = /home/groups read only = No inherit acls = Yes [printers] comment = All Printers path = /var/tmp printable = Yes create mask = 0600 browseable = No [print$] comment = Printer Drivers path = /var/lib/samba/drivers write list = @ntadmin root force group = ntadmin create mask = 0664 directory mask = 0775 [netlogon] comment = Network Logon Service path = /var/lib/samba/netlogon write list = @user, root guest ok = yes locking = No -- John H Terpstra Samba-Team Member Phone: +1 (650) 580-8668 Author: The Official Samba-3 HOWTO Reference Guide, 2 Ed., ISBN: 0131882228 Samba-3 by Example, 2 Ed., ISBN: 0131882221X Hardening Linux, ISBN: 0072254971 Other books in production. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
