On 1/17/06, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote: > I wasn't explicitely wanting roaming profiles (as I view them as evil).
May I ask why? I've generally found they make things a lot better. Lock down the workstations, no "root" access for the lusers, use domain authentication and roaming profiles. When a Windoze workstation gets screwed up (not like *that* ever happens), swap it out or re-image it. One profile sync later, the user is back up and running like nothing happened. This assumes all the clients are Win NT4/2000/XP. Win 95/98/Me are to Win NT4/2000/XP as Win NT4/2000/XP are to *nix. I've done this with both Microsoft and Samba servers, too, so it's not completely off-topic. For Samba, the critical part is to have something like logon path = \\server\profiles\%U\ in your smb.conf on the Samba DC, and [profiles] comment = Windows Roaming User Profiles path = /path/to/some/dir/ browseable = no guest ok = no writable = yes create mask = 600 directory mask = 700 csc policy = disable on the Samba server holding the roaming profile share (which can be the same server). Note that the share holding the roaming profile must *NOT* be a "magic" share. That is, the "path" must be the same for every user who connects to the share. Not the "homes" share. No Samba variables in the "path" directive. -- Ben "Show me a $HOME where the buffer 'flows roam..." Scott _______________________________________________ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss