Hi; Thanks for reply. Jurgen I tryed your settings in smb.conf but still the same
I attach log durin logon jas user. For me there are no error - but still see error in windows about roaming profiles not created ... maybe this is a bug in samba or ldap ? oot@debldap4:~# tail -f /var/log/samba/jas_172.16.220.136.log [2012/02/24 17:49:16.156253, 1] smbd/service.c:1070(make_connection_snum) tester (::ffff:172.16.220.136) connect to service netlogon initially as user jas (uid=1002, gid=512) (pid 2177) [2012/02/24 17:49:26.032109, 2] passdb/pdb_ldap.c:572(init_sam_from_ldap) init_sam_from_ldap: Entry found for user: domainadm [2012/02/24 17:49:26.033237, 2] passdb/pdb_ldap.c:2446(init_group_from_ldap) init_group_from_ldap: Entry found for group: 1001 [2012/02/24 17:50:16.705954, 2] passdb/pdb_ldap.c:572(init_sam_from_ldap) init_sam_from_ldap: Entry found for user: domainadm [2012/02/24 17:50:16.708110, 2] passdb/pdb_ldap.c:2446(init_group_from_ldap) init_group_from_ldap: Entry found for group: 1001 [2012/02/24 17:50:40.043034, 2] lib/smbldap.c:950(smbldap_open_connection) smbldap_open_connection: connection opened [2012/02/24 17:50:40.044292, 2] passdb/pdb_ldap.c:572(init_sam_from_ldap) init_sam_from_ldap: Entry found for user: jas [2012/02/24 17:50:40.045255, 2] passdb/pdb_ldap.c:2446(init_group_from_ldap) init_group_from_ldap: Entry found for group: 512 [2012/02/24 17:50:40.045616, 2] auth/auth.c:304(check_ntlm_password) check_ntlm_password: authentication for user [jas] -> [jas] -> [jas] succeeded [2012/02/24 17:50:40.055071, 2] passdb/pdb_ldap.c:572(init_sam_from_ldap) init_sam_from_ldap: Entry found for user: domainadm [2012/02/24 17:50:40.055623, 2] passdb/pdb_ldap.c:2446(init_group_from_ldap) init_group_from_ldap: Entry found for group: 1001 [2012/02/24 17:50:40.056102, 2] passdb/pdb_ldap.c:2446(init_group_from_ldap) init_group_from_ldap: Entry found for group: 1001 [2012/02/24 17:50:40.066467, 2] rpc_server/srv_samr_nt.c:4124(_samr_LookupDomain) Returning domain sid for domain TESTADM -> S-1-5-21-3986075260-1976875605-3695878225 [2012/02/24 17:50:40.079195, 2] passdb/pdb_ldap.c:572(init_sam_from_ldap) init_sam_from_ldap: Entry found for user: jas [2012/02/24 17:50:40.782999, 1] smbd/service.c:1251(close_cnum) tester (::ffff:172.16.220.136) closed connection to service netlogon [2012/02/24 17:50:43.297758, 2] passdb/pdb_ldap.c:572(init_sam_from_ldap) init_sam_from_ldap: Entry found for user: jas [2012/02/24 17:50:43.298137, 2] passdb/pdb_ldap.c:2446(init_group_from_ldap) init_group_from_ldap: Entry found for group: 512 [2012/02/24 17:50:43.298334, 2] auth/auth.c:304(check_ntlm_password) check_ntlm_password: authentication for user [jas] -> [jas] -> [jas] succeeded [2012/02/24 17:50:43.300114, 2] passdb/pdb_ldap.c:572(init_sam_from_ldap) init_sam_from_ldap: Entry found for user: jas [2012/02/24 17:50:43.300549, 2] passdb/pdb_ldap.c:572(init_sam_from_ldap) init_sam_from_ldap: Entry found for user: jas [2012/02/24 17:50:43.303237, 2] passdb/pdb_ldap.c:572(init_sam_from_ldap) init_sam_from_ldap: Entry found for user: jas [2012/02/24 17:50:43.303929, 2] passdb/pdb_ldap.c:572(init_sam_from_ldap) init_sam_from_ldap: Entry found for user: domainadm [2012/02/24 17:50:43.304730, 2] passdb/pdb_ldap.c:2446(init_group_from_ldap) init_group_from_ldap: Entry found for group: 1001 [2012/02/24 17:50:43.305311, 1] smbd/service.c:1070(make_connection_snum) tester (::ffff:172.16.220.136) connect to service profiles initially as user jas (uid=1002, gid=512) (pid 2204) [2012/02/24 17:50:44.257013, 1] smbd/service.c:1251(close_cnum) tester (::ffff:172.16.220.136) closed connection to service profiles [2012/02/24 17:50:47.965091, 2] lib/smbldap.c:950(smbldap_open_connection) smbldap_open_connection: connection opened [2012/02/24 17:50:47.967680, 2] passdb/pdb_ldap.c:572(init_sam_from_ldap) init_sam_from_ldap: Entry found for user: jas [2012/02/24 17:50:47.969245, 2] passdb/pdb_ldap.c:2446(init_group_from_ldap) init_group_from_ldap: Entry found for group: 512 [2012/02/24 17:50:47.969445, 2] auth/auth.c:304(check_ntlm_password) check_ntlm_password: authentication for user [jas] -> [jas] -> [jas] succeeded [2012/02/24 17:50:47.971263, 2] passdb/pdb_ldap.c:572(init_sam_from_ldap) init_sam_from_ldap: Entry found for user: domainadm [2012/02/24 17:50:47.971580, 2] passdb/pdb_ldap.c:2446(init_group_from_ldap) init_group_from_ldap: Entry found for group: 1001 [2012/02/24 17:50:47.971906, 2] passdb/pdb_ldap.c:2446(init_group_from_ldap) init_group_from_ldap: Entry found for group: 1001 [2012/02/24 17:50:47.980087, 2] passdb/pdb_ldap.c:2446(init_group_from_ldap) init_group_from_ldap: Entry found for group: 513 [2012/02/24 17:50:47.983239, 2] passdb/pdb_ldap.c:572(init_sam_from_ldap) init_sam_from_ldap: Entry found for user: domainadm [2012/02/24 17:50:47.983742, 2] passdb/pdb_ldap.c:2446(init_group_from_ldap) init_group_from_ldap: Entry found for group: 1001 [2012/02/24 17:50:47.988375, 2] passdb/pdb_ldap.c:572(init_sam_from_ldap) init_sam_from_ldap: Entry found for user: jas [2012/02/24 17:50:47.989128, 2] passdb/pdb_ldap.c:572(init_sam_from_ldap) init_sam_from_ldap: Entry found for user: jas [2012/02/24 17:50:47.990546, 2] passdb/pdb_ldap.c:572(init_sam_from_ldap) init_sam_from_ldap: Entry found for user: jas [2012/02/24 17:50:47.990923, 2] passdb/pdb_ldap.c:572(init_sam_from_ldap) init_sam_from_ldap: Entry found for user: domainadm [2012/02/24 17:50:47.991353, 2] passdb/pdb_ldap.c:2446(init_group_from_ldap) init_group_from_ldap: Entry found for group: 1001 [2012/02/24 17:50:47.991517, 1] smbd/service.c:1070(make_connection_snum) tester (::ffff:172.16.220.136) connect to service profiles initially as user jas (uid=1002, gid=512) (pid 2207) [2012/02/24 17:50:48.000578, 2] passdb/pdb_ldap.c:572(init_sam_from_ldap) init_sam_from_ldap: Entry found for user: jas [2012/02/24 17:50:48.053803, 2] passdb/pdb_ldap.c:572(init_sam_from_ldap) init_sam_from_ldap: Entry found for user: domainadm [2012/02/24 17:50:48.055718, 2] passdb/pdb_ldap.c:2446(init_group_from_ldap) init_group_from_ldap: Entry found for group: 1001 [2012/02/24 17:50:48.072541, 2] rpc_server/srv_samr_nt.c:4124(_samr_LookupDomain) Returning domain sid for domain TESTADM -> S-1-5-21-3986075260-1976875605-3695878225 [2012/02/24 17:50:48.075953, 2] passdb/pdb_ldap.c:572(init_sam_from_ldap) init_sam_from_ldap: Entry found for user: jas [2012/02/24 17:50:50.525614, 2] passdb/pdb_ldap.c:572(init_sam_from_ldap) init_sam_from_ldap: Entry found for user: jas [2012/02/24 17:50:50.526719, 2] auth/auth.c:304(check_ntlm_password) check_ntlm_password: authentication for user [jas] -> [jas] -> [jas] succeeded [2012/02/24 17:50:50.536994, 2] passdb/pdb_ldap.c:2446(init_group_from_ldap) init_group_from_ldap: Entry found for group: 1001 [2012/02/24 17:50:50.537923, 2] passdb/pdb_ldap.c:572(init_sam_from_ldap) init_sam_from_ldap: Entry found for user: domainadm [2012/02/24 17:50:50.539590, 2] passdb/pdb_ldap.c:2446(init_group_from_ldap) init_group_from_ldap: Entry found for group: 1001 [2012/02/24 17:50:50.540070, 1] smbd/service.c:1070(make_connection_snum) tester (::ffff:172.16.220.136) connect to service netlogon initially as user jas (uid=1002, gid=512) (pid 2205) [2012/02/24 17:50:50.931935, 2] smbd/open.c:633(open_file) jas opened file Default User/NTUSER.DAT read=Yes write=No (numopen=1) [2012/02/24 17:50:51.884020, 2] smbd/open.c:633(open_file) jas opened file Default User/ntuser.dat.LOG read=Yes write=No (numopen=2) [2012/02/24 17:50:51.905456, 2] smbd/open.c:633(open_file) jas opened file Default User/ntuser.ini read=Yes write=No (numopen=3) [2012/02/24 17:50:53.244238, 2] smbd/open.c:633(open_file) jas opened file Default User/Moje dokumenty/desktop.ini read=Yes write=No (numopen=4) [2012/02/24 17:50:53.246132, 2] smbd/open.c:633(open_file) jas opened file Default User/Moje dokumenty/Moja muzyka/Przyk�adowa muzyka.lnk read=Yes write=No (numopen=5) [2012/02/24 17:50:53.247875, 2] smbd/open.c:633(open_file) jas opened file Default User/Moje dokumenty/Moja muzyka/Desktop.ini read=Yes write=No (numopen=6) [2012/02/24 17:50:53.250202, 2] smbd/open.c:633(open_file) jas opened file Default User/Moje dokumenty/Moje obrazy/Przyk�adowe obrazy.lnk read=Yes write=No (numopen=7) [2012/02/24 17:50:53.250414, 2] smbd/open.c:633(open_file) jas opened file Default User/Moje dokumenty/Moje obrazy/Desktop.ini read=Yes write=No (numopen=8) [2012/02/24 17:50:53.250589, 2] smbd/open.c:633(open_file) jas opened file Default User/Ulubione/��cza/Windows Media.url read=Yes write=No (numopen=9) [2012/02/24 17:50:53.251275, 2] smbd/open.c:633(open_file) jas opened file Default User/Ulubione/��cza/Windows.url read=Yes write=No (numopen=10) [2012/02/24 17:50:53.257908, 2] smbd/open.c:633(open_file) jas opened file Default User/Ulubione/��cza/Bezp�atna us�uga pocztowa Hotmail.url read=Yes write=No (numopen=11) [2012/02/24 17:50:53.264517, 2] smbd/open.c:633(open_file) jas opened file Default User/Ulubione/MSN.com.url read=Yes write=No (numopen=12) [2012/02/24 17:50:53.266022, 2] smbd/open.c:633(open_file) jas opened file Default User/Ulubione/Desktop.ini read=Yes write=No (numopen=13) [2012/02/24 17:50:53.266235, 2] smbd/open.c:633(open_file) jas opened file Default User/Ulubione/��cza/Dostosuj ��cza.url read=Yes write=No (numopen=14) [2012/02/24 17:50:53.266620, 2] smbd/open.c:633(open_file) jas opened file Default User/Ulubione/Przewodnik po stacjach radiowych.url read=Yes write=No (numopen=15) [2012/02/24 17:50:53.267454, 2] smbd/open.c:633(open_file) jas opened file Default User/Menu Start/desktop.ini read=Yes write=No (numopen=16) [2012/02/24 17:50:53.268578, 2] smbd/open.c:633(open_file) jas opened file Default User/Menu Start/Programy/Free Pascal/Free Pascal.lnk read=Yes write=No (numopen=17) [2012/02/24 17:50:53.268876, 2] smbd/open.c:633(open_file) jas opened file Default User/Menu Start/Programy/desktop.ini read=Yes write=No (numopen=18) [2012/02/24 17:50:53.278394, 2] smbd/open.c:633(open_file) jas opened file Default User/Menu Start/Programy/Free Pascal/Uninstall Free Pascal.lnk read=Yes write=No (numopen=19) [2012/02/24 17:50:53.278552, 2] smbd/open.c:633(open_file) jas opened file Default User/Menu Start/Programy/Free Pascal/Free Pascal on the Web.lnk read=Yes write=No (numopen=20) [2012/02/24 17:50:53.280413, 2] smbd/open.c:633(open_file) jas opened file Default User/Menu Start/Programy/Windows Media Player.lnk read=Yes write=No (numopen=21) [2012/02/24 17:50:53.287024, 2] smbd/open.c:633(open_file) jas opened file Default User/Menu Start/Programy/Internet Explorer.lnk read=Yes write=No (numopen=22) [2012/02/24 17:50:53.288310, 2] smbd/open.c:633(open_file) jas opened file Default User/Menu Start/Programy/Autostart/desktop.ini read=Yes write=No (numopen=23) [2012/02/24 17:50:53.288463, 2] smbd/open.c:633(open_file) jas opened file Default User/Menu Start/Programy/Outlook Express.lnk read=Yes write=No (numopen=24) [2012/02/24 17:50:53.290466, 2] smbd/open.c:633(open_file) jas opened file Default User/Menu Start/Programy/Akcesoria/desktop.ini read=Yes write=No (numopen=25) [2012/02/24 17:50:53.290586, 2] smbd/open.c:633(open_file) jas opened file Default User/Menu Start/Programy/Pomoc zdalna.lnk read=Yes write=No (numopen=26) [2012/02/24 17:50:53.293580, 2] smbd/open.c:633(open_file) jas opened file Default User/Menu Start/Programy/Akcesoria/Synchronizuj.lnk read=Yes write=No (numopen=27) [2012/02/24 17:50:53.293742, 2] smbd/open.c:633(open_file) jas opened file Default User/Menu Start/Programy/Akcesoria/Kreator zgodno�ci program�w.lnk read=Yes write=No (numopen=28) [2012/02/24 17:50:53.302409, 2] smbd/open.c:633(open_file) jas opened file Default User/Menu Start/Programy/Akcesoria/Notatnik.lnk read=Yes write=No (numopen=29) [2012/02/24 17:50:53.312223, 2] smbd/open.c:633(open_file) jas opened file Default User/Menu Start/Programy/Akcesoria/U�atwienia dost�pu/desktop.ini read=Yes write=No (numopen=30) [2012/02/24 17:50:53.312483, 2] smbd/open.c:633(open_file) jas opened file Default User/Menu Start/Programy/Akcesoria/Rozrywka/desktop.ini read=Yes write=No (numopen=31) [2012/02/24 17:50:53.312779, 2] smbd/open.c:633(open_file) jas opened file Default User/Menu Start/Programy/Akcesoria/Rozrywka/Windows Media Player.lnk read=Yes write=No (numopen=32) [2012/02/24 17:50:53.314770, 2] smbd/open.c:633(open_file) My entry for user in ldap looks like smbldap_search_domain_info: Searching for:[(&(objectClass=sambaDomain)(sambaDomainName=TESTADM))] smbldap_open_connection: connection opened init_sam_from_ldap: Entry found for user: jas init_group_from_ldap: Entry found for group: 512 init_group_from_ldap: Entry found for group: 512 Unix username: jas NT username: jas Account Flags: [U ] User SID: S-1-5-21-3986075260-1976875605-3695878225-3004 Primary Group SID: S-1-5-21-3986075260-1976875605-3695878225-512 Full Name: jas Home Directory: \\172.16.220.131\jas HomeDir Drive: H: Logon Script: %G Profile Path: \\172.16.220.131\profiles\jas Domain: TESTADM Account desc: Workstations: Munged dial: Logon time: 0 Logoff time: never Kickoff time: never Password last set: Thu, 08 Sep 2011 10:35:19 CEST Password can change: Thu, 08 Sep 2011 10:35:19 CEST Password must change: never Last bad password : 0 Bad password count : 0 Logon hours : FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF Please help! I fight with them few monts and dead line for new server is coming :( 2012/2/24 Jürgen Echter <[email protected]> > Am 23.02.2012 14:06, schrieb Adam Sienkiewicz: > >> Hi; >> >> It didn't help. Now for /profiles I have permissions: >> >> drwxrwxrwt 13 root root 4096 Feb 17 20:05 profiles >> >> and if user login to domain firth time its profile dir is created but >> nothing else ... >> >> Now /profiles looks lie: >> >> /profiles >> ├── [drwx------ czarus Domain U] czarus >> ├── [drwx------ domainad domainad] domainadm >> ├── [drwxrwxrwx jas Domain A] jas >> ├── [drwx------ root root ] root >> ├── [drwx------ sambaroo Domain U] sambaroot2 >> ├── [drwx------ sambaroo Domain U] sambaroot2.V2 >> ├── [drwx------ sambaroo Domain U] sambaroot3 >> ├── [drwx------ sambaroo Domain U] sambaroot3.V2 >> ├── [drwx------ test2 Domain U] test2 >> │ └── [drwx------ test2 Domain U] dfd >> ├── [drwx------ test5 domainad] test5 >> >> >> >> 2012/2/23 steve<[email protected]> >> >> I googled few days I tryed all what I can find but with no luck. It will >>> be great if somebody could help me with this because I have no idea what >>> is >>> a root cause of my issue. >>> Hi >>> The cause is usually because of wrong permissions on the profiles folder. >>> Try the big hammer first: >>> Backup /profiles >>> chmod -R 0777 /profiles >>> comment out: >>> >>> create mask = 0600 >>> directory mask = 0700 >>> create a new user >>> login as the new user. That user should have his profile OK. >>> >>> Then put the security back one stage at a time until it doesn't work >>> again. >>> HTH >>> Steve >>> -- >>> To unsubscribe from this list go to the following URL and read the >>> instructions: >>> https://lists.samba.org/****mailman/options/samba<https://lists.samba.org/**mailman/options/samba> >>> <https://**lists.samba.org/mailman/**options/samba<https://lists.samba.org/mailman/options/samba> >>> > >>> >>> Hi, > > i got this in my smb.conf (local smb server) > > [profile] > comment = Profildateien > path = /DATEN/samba/profile > guest ok = yes > browseable = no > > create mask = 0600 > directory mask = 0700 > writeable = yes > profile acls = yes > > valid users = %U @"Domain Admins" > force user = %U > csc policy = disable > > and this on bdc (backup domain controller) > > [profile] > comment = Profildateien > path = \\mule\profile > guest ok = yes > browseable = no > > create mask = 0600 > directory mask = 0700 > writeable = yes > profile acls = yes > > valid users = %U @"Domain Admins" > force user = %U > csc policy = disable > > > pdbedit -L -v says (for one user here) > > --------------- > Unix username: stefan > NT username: stefan > Account Flags: [UX ] > User SID: S-1-5-21-3842863818-**2180709222-141296495-3436 > Primary Group SID: S-1-5-21-3842863818-**2180709222-141296495-513 > Full Name: Stefan > Home Directory: \\mule\stefan > HomeDir Drive: H: > Logon Script: stefan.bat > Profile Path: \\mule\profile\stefan > Domain: WORKGROUP > Account desc: > Workstations: > Munged dial: > Logon time: 0 > Logoff time: never > Kickoff time: 0 > Password last set: Do, 20 Okt 2011 18:18:19 CEST > Password can change: Do, 20 Okt 2011 18:18:19 CEST > Password must change: never > Last bad password : 0 > Bad password count : 0 > Logon hours : FFFFFFFFFFFFFFFFFFFFFFFFFFFFFF**FFFFFFFFFFFF > --------------- > > maybe you can see anything related to you. :) > > -- > To unsubscribe from this list go to the following URL and read the > instructions: > https://lists.samba.org/**mailman/options/samba<https://lists.samba.org/mailman/options/samba> > -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
