Apparently my problem is a bad combination of mystifying and uninteresting :-) since I've not had a reply.
Can anyone maybe suggest how to debug this? How can I find out what name it's looking for when it gets "The network name cannot be found" ? Is it true that I should be able to have a Samba-3 Domain without roaming profiles by just specifying logon path = logon home = in smb.conf and not providing any *sambaProfilePath* attribute in LDAP ? On Fri, Oct 5, 2012 at 5:42 PM, Jeff Dickens <[email protected]> wrote: > I have a Samba PDC (Ubuntu 12, OpenLDAP 2.4.28, Samba 3.6.3), and at two > remote sites, I have some Samba BDCs. > > For now I've manually entered the DCs as WINS servers on the workstations > I'm using for testing. At the remote sites, I can log in with an account > that has no logon path or logon home specified, and it works perfectly. > But at the main site, when I try to log on to one of these accounts I get > first get the "can't find the server copy of the roaming profile" and then > "can't find the local profile logging you in with a temporary profile" > errors. I can't figure this one out. I'm using the same account, and the > samba setups are nearly identical - just one is a BDC and one a PDC. > > This is smb.conf on the PDC: > > [global] > workgroup = SEAMANPAPER > server string = %h server (Samba, Ubuntu) > map to guest = Bad User > obey pam restrictions = Yes > passdb backend = ldapsam:ldap://localhost > syslog = 0 > log file = /var/log/samba/log.%m > max log size = 1000 > smb ports = 137 138 139 445 > name resolve order = wins bcast hosts > load printers = No > printcap name = /dev/null > disable spoolss = Yes > rename user script = /usr/sbin/smbldap-usermod -r '%unew' '%uold' > delete user script = /usr/sbin/smbldap-userdel '%u' > add group script = /usr/sbin/smbldap-groupadd -p '%g' > delete group script = /usr/sbin/smbldap-groupdel '%g' > add user to group script = /usr/sbin/smbldap-groupmod -m '%u' '%g' > delete user from group script = /usr/sbin/smbldap-groupmod -x '%u' > '%g' > set primary group script = /usr/sbin/smbldap-usermod -g '%g' '%u' > add machine script = /usr/sbin/smbldap-useradd -W '%u' -t 1 > logon path = > logon home = > domain logons = Yes > os level = 65 > domain master = Yes > dns proxy = No > wins support = Yes > ldap admin dn = cn=admin,dc=intranet,dc=seamanpaper,dc=com > ldap group suffix = ou=Groups > ldap idmap suffix = ou=Idmap > ldap machine suffix = ou=Computers > ldap passwd sync = yes > ldap suffix = dc=intranet,dc=seamanpaper,dc=com > ldap ssl = no > ldap user suffix = ou=People > panic action = /usr/share/samba/panic-action %d > idmap config * : range = 1000000-1999999 > idmap config * : backend = ldap > printing = bsd > print command = lpr -r -P'%p' %s > lpq command = lpq -P'%p' > lprm command = lprm -P'%p' %j > > [profiles] > comment = Windows Profiles > path = /home/samba/profiles > read only = No > create mask = 0600 > directory mask = 0700 > store dos attributes = Yes > browseable = No > csc policy = disable > > [netlogon] > comment = Network Logon Service > path = /home/samba/netlogon > guest ok = Yes > > [homes] > comment = Home Directories > valid users = %S > read only = No > browseable = No > > and on the BDC: > > > [global] > workgroup = SEAMANPAPER > server string = %h server (Samba, Ubuntu) > map to guest = Bad User > obey pam restrictions = Yes > passdb backend = ldapsam:ldap://localhost > syslog = 0 > log file = /var/log/samba/log.%m > max log size = 1000 > smb ports = 137 138 139 445 > name resolve order = wins bcast hosts > load printers = No > printcap name = /dev/null > disable spoolss = Yes > rename user script = /usr/sbin/smbldap-usermod -r '%unew' '%uold' > delete user script = /usr/sbin/smbldap-userdel '%u' > add group script = /usr/sbin/smbldap-groupadd -p '%g' > delete group script = /usr/sbin/smbldap-groupdel '%g' > add user to group script = /usr/sbin/smbldap-groupmod -m '%u' '%g' > delete user from group script = /usr/sbin/smbldap-groupmod -x '%u' > '%g' > set primary group script = /usr/sbin/smbldap-usermod -g '%g' '%u' > add machine script = /usr/sbin/smbldap-useradd -W '%u' -t 1 > logon path = > logon home = > domain logons = Yes > os level = 65 > domain master = No > dns proxy = No > wins proxy = Yes > wins server = 192.168.10.127 > ldap admin dn = cn=admin,dc=intranet,dc=seamanpaper,dc=com > ldap group suffix = ou=Groups > ldap idmap suffix = ou=Idmap > ldap machine suffix = ou=Computers > ldap passwd sync = yes > ldap suffix = dc=intranet,dc=seamanpaper,dc=com > ldap ssl = no > ldap user suffix = ou=People > panic action = /usr/share/samba/panic-action %d > idmap config * : range = 1000000-1999999 > idmap config * : backend = ldap > printing = bsd > print command = lpr -r -P'%p' %s > lpq command = lpq -P'%p' > lprm command = lprm -P'%p' %j > > [profiles] > comment = Windows Profiles > path = /home/samba/profiles > read only = No > create mask = 0600 > directory mask = 0700 > store dos attributes = Yes > browseable = No > csc policy = disable > > [netlogon] > comment = Network Logon Service > path = /home/samba/netlogon > guest ok = Yes > > [homes] > comment = Home Directories > valid users = %S > read only = No > browseable = No > > > Also notice that my account (which has a roaming profile and works fine at > all sites) has a "sambaProfilePath" attribute and the boris and rpoole > accounts don't. This should make them no-roaming-profile accounts but it > doesn't work consistently. It works at the two satellite sites but not at > my main site. > > root@grackle:~# ldapsearch -W -D > cn=admin,dc=intranet,dc=seamanpaper,dc=com -H ldap:// > grackle.intranet.seamanpaper.com -b dc=intranet,dc=seamanpaper,dc=com > "(uid=*jeff*)" | grep Path > Enter LDAP Password: > sambaHomePath: \\wilkins1\home > *sambaProfilePath: \\wilkins1\home\.winProfile* > root@grackle:~# > > root@grackle:~# ldapsearch -W -D > cn=admin,dc=intranet,dc=seamanpaper,dc=com -H ldap:// > grackle.intranet.seamanpaper.com -b dc=intranet,dc=seamanpaper,dc=com > "(uid=*boris*)" | grep Path > Enter LDAP Password: > sambaHomePath: \\wilkins1\home > > root@grackle:~# ldapsearch -W -D > cn=admin,dc=intranet,dc=seamanpaper,dc=com -H ldap:// > grackle.intranet.seamanpaper.com -b dc=intranet,dc=seamanpaper,dc=com > "(uid=*rpoole*)" | grep Path > Enter LDAP Password: > sambaHomePath: \\wilkins1\home > > > > -- > * Jeff Dickens* > IT Manager 978-632-1513 > > > -- * Jeff Dickens* IT Manager 978-632-1513 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
