Hi,
thanks for your answer. I have found the problem, was not as complicated as it looked.
I did not read the error message well enough to see that only some files could not be saved in the profile.
These were files the user was not the owner and so he did not have access to them.
Reason was he copied them from the local admin profile.
Once I got this fixed everything is working as expected.
Thank you Rainer
Thomas M. Skeren III wrote:
Rainer Traut wrote:
Hi,
I am in the process of migrating our windows workstations to a samba domain.
Here is the problem:
When creating the domain user I put every user additionalyy in the domain admin group so that he/she can copy his old files on the local profile to his new domain account.
Then after this is done I put them to the domain users group but some (!) of the user the lose then access to the profile.
Yeah, that's what happens. It's mostly a Windows problem...well not problem, rather it's security related.
If you're using WinXP, the best way to do this is to using the file and setting transfer wizard in the non domain account and export the settings. Then login to the domain account and import those settings. This way the user needs no special permissions and the profile is fully restored for the user.
I've done this numerous times, and this is by far the best way to do it. TMS III
When I look at permissions on their workstation everything looks ok, but he/she has no write access, though he is listed as owner.
samba is samba-3.0.13-1.4E.2 on Redhat EL4.
Here are parts of smb.conf
[Profiles] comment = Roaming profiles share path = /shares/profiles writeable = yes create mask = 0700 directory mask = 0770 browsable = no valid users = @domusers root force user = %U profile acls = yes
[EMAIL PROTECTED] Eigene Dateien]# net groupmap list
Domain Admins (S-1-5-21-2187243289-1530508873-3638611354-512) -> domadmins
System Operators (S-1-5-32-549) -> -1
Domain Guests (S-1-5-21-2187243289-1530508873-3638611354-514) -> -1
Replicators (S-1-5-32-552) -> -1
Guests (S-1-5-32-546) -> -1
Power Users (S-1-5-32-547) -> -1
Print Operators (S-1-5-32-550) -> -1
Administrators (S-1-5-32-544) -> -1
Domain Users (S-1-5-21-2187243289-1530508873-3638611354-513) -> domusers
Account Operators (S-1-5-32-548) -> -1
Backup Operators (S-1-5-32-551) -> -1
Users (S-1-5-32-545) -> -1
This works: [EMAIL PROTECTED] Eigene Dateien]# id koe uid=24446(koe) gid=1000(domusers) Gruppen=1000(domusers),1003(domadmins) [EMAIL PROTECTED] Eigene Dateien]#
This does not: [EMAIL PROTECTED] Eigene Dateien]# id koe uid=24446(koe) gid=1000(domusers) Gruppen=1000(domusers) [EMAIL PROTECTED] Eigene Dateien]#
Thanks for help Rainer
-- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
