Hi,

I've set up a Samba PDC with an LDAP backend. I can gain access to shares and
log in with a user that is in LDAP, but I have a problem setting up the
roaming profile stuff. I've been trying to solve this problem for some
time now, and have tried everything I could think of, but without much
luck. I keep getting the following error messages:

"Windows cannot locate the server copy of your roaming profile and is
attempting to log you on with your local profile. Changes to the profile
will not be copied to the server when you logoff. Plausible causes of
this error include network problem or insufficient security rights. If
this problem persists, contact your network administrators. DETAILS -
The network path was not found."

Followed by:

"Windows cannot find the local profile and is logging on with a temporary
profile. Changes to this profile will be lost when you logoff."

Here is my smb.conf:

[global]
     # User-level security: clients authenticate with a username and password.
     security = user
     name resolve order = wins lmhosts hosts bcast
     deadtime = 15
     # Logins with an invalid password are rejected, never mapped to guest.
     map to guest = Never
     csc policy = disable
     # Only clients on loopback (127.) and 192.168. addresses may connect.
     hosts allow = 127. 192.168.
     server string =
     workgroup = Nieuwegein
     time server = yes
     wins support = yes
     # Domain controller role: domain master browser plus domain logons.
     domain master = yes
     domain logons = yes
    encrypt passwords = yes
     local master = yes
     # Roaming profile settings handed to clients at logon. %L expands to the
     # server's NetBIOS name and %U to the session username.
     logon drive = Z:
     logon path = \\%L\profiles\%U
     preferred master = yes
     os level = 255
     # NOTE(review): duplicate of the encrypt passwords line above; redundant.
     encrypt passwords = yes
     # Account database is kept in LDAP on the local host.
     passdb backend = ldapsam:ldap://localhost/
     enable privileges = Yes
     pam password change = yes
     # With unix password sync enabled, smbd runs this program as root to
     # change the Unix-side password. %u is passed unquoted here, unlike the
     # account-management scripts further down.
     passwd program = /usr/local/sbin/smbldap-passwd %u
     passwd chat = *New*password* %n\n *Retype*new*password* %n\n
*all*authentication*tokens*updated*
     unix password sync = Yes
     ldap delete dn = Yes
     # Samba connects to the LDAP server without TLS. Both LDAP URLs in this
     # file point at localhost.
     # NOTE(review): revisit this if the directory moves to another host,
     # since account attributes would then cross the network unencrypted.
     ldap ssl = Off
     ldap passwd sync = Yes
     # DN that Samba binds as. NOTE(review): the matching password is not in
     # this file; presumably it was stored with smbpasswd -w - confirm.
     ldap admin dn = cn=admin,dc=specialisterren,dc=nl
     ldap suffix = dc=specialisterren,dc=nl
     ldap group suffix = ou=Groups
     ldap idmap suffix = ou=Users
     ldap machine suffix = ou=Computers
     ldap user suffix = ou=Users
     idmap backend = ldap:ldap://localhost
     idmap uid = 10000-20000
     idmap gid = 10000-20000
     # Account-management hooks: smbd runs these smbldap helper scripts as
     # root, substituting %u / %g. The substitutions are double-quoted.
     add user script = /usr/local/sbin/smbldap-useradd -a -m "%u"
     delete user script = /usr/local/sbin/smbldap-userdel "%u"
     add group script = /usr/local/sbin/smbldap-groupadd -p "%g"
     delete group script = /usr/local/sbin/smbldap-groupdel "%g"
     add user to group script = /usr/local/sbin/smbldap-groupmod -m
"%u" "%g"
     delete user from group script = /usr/local/sbin/smbldap-groupmod
-x "%u" "%g"
    set primary group script = /usr/local/sbin/smbldap-usermod -g "%g"
"%u"
     add machine script = /usr/local/sbin/smbldap-useradd -w "%u"
    template homedir = /home/%U
     template shell = /bin/csh
    getwd cache = yes
    # NOTE(review): SO_SNDBUF=819 looks truncated next to SO_RCVBUF=8192;
    # confirm the intended value.
    socket options = SO_KEEPALIVE TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=819
    use sendfile = yes
    # NOTE(review): smb.conf only treats whole lines starting with # or ; as
    # comments, so the trailing text on the next line is part of the value.
    # Confirm it still parses as 6.
    mangle prefix = 6 # How to mangle Long Filenames in to 8.3 DOS
    # Logging: one file per client machine (%m), size-limited, at level 1.
    log level = 1
    log file = /var/log/samba/log.%m
    max log size = 50
     syslog = 0

 [template]
 # edited out, has no path

 [homes]
    # Per-user home directory shares.
    comment = Home users
    inherit owner = yes
    dos filemode = yes
    writable = yes
    # Members of these groups are held to read-only access even though the
    # share is writable.
    read list = @wheel @"Domain Admins"
    # %S is the share name, which for [homes] is the username, so each home
    # share admits only its owner.
    # NOTE(review): with valid users limited to %S, the read list groups
    # above would presumably not be admitted to other users' homes; confirm
    # the two lines express the intended policy.
    valid users = "%S"
     # New files get at most rwxr----- and new directories at most rwxr-x---.
     create mask = 0740
     directory mask = 0750
     aio read size = 16384

 [netlogon]
     # Logon service share: read-only and hidden from browse lists.
     comment = Network Logon Service
     path = /disk/netlogon
     browseable = no
     read only = yes
     aio read size = 16384

 [profiles]
     # Writable share that stores roaming profiles under /disk/profiles.
     comment = Roaming Profiles Directory
     path = /disk/profiles
     administrative share = true
     browseable = no
    writable = yes
     # New files are owner-only (rw-------), new directories rwx------.
     create mask = 0600
     directory mask = 0700
     aio read size = 16384
     # public is a synonym for guest ok: no password is needed to connect.
     # NOTE(review): a writable profile share does not normally need guest
     # access; confirm this is intended alongside map to guest = Never.
     public = yes
     # The root preexec command performs:
    # mkdir -pm 750 /disk/profiles/%U-%a; chown %U /disk/profiles/%U-%a
     # I started off without this.
     # NOTE(review): the directory created here is named %U-%a, while logon
     # path in [global] points clients at \\%L\profiles\%U; confirm which
     # name is intended.
     # The script runs as root on every connection with %U (the username the
     # client requested) and %a (client architecture) as arguments, so it
     # should validate both before using them in mkdir/chown.
     root preexec = /root/sbin/profiles.sh %U %a

# edited out other shares

ldapsearch gives me:
 # tester, Users, specialisterren.nl
 dn: uid=tester,ou=Users,dc=specialisterren,dc=nl
 objectClass: top
 objectClass: person
 objectClass: organizationalPerson
 objectClass: inetOrgPerson
 objectClass: posixAccount
 objectClass: shadowAccount
 objectClass: sambaSamAccount
 cn: tester
 sn: tester
 givenName: tester
 uid: tester
 uidNumber: 10005
 gidNumber: 513
 homeDirectory: /home/tester
 loginShell: /bin/sh
 gecos: Tes ter
 sambaLogonTime: 0
(Edited out the other stuff)

I can access \\Server\profiles and \\Server\netlogon using my tester
account. /etc/passwd contains no line for the user tester, and I can
log in over SSH with the tester account.

ll -d /disk/{netlogon,profiles} gives me:
drwxr-xr-x  2 root  wheel  512 Mar 16 11:09 /disk/netlogon/
drwxrwxrwt  2 root  wheel  512 Aug  2 12:41 /disk/profiles/

Alex

