On Mon, 2005-10-03 at 02:42 -0400, Chris Robinson wrote: > Yeah I looked into that fix you mentioned. No luck there. Didn't think > it would because I am only having problems with SP2. > > My groupmaps look good. > > Basically with XP SP2 I can log in and do whatever then logout. None of > my changes are saved next time I log back into that account unless I > give that account Administrative privileges...but only with SP2...very > strange. > > Craig White wrote: > > On Sun, 2005-10-02 at 21:38 -0400, Chris Robinson wrote: > > > >>The reason acls are commented out is because I tried them and it made no > >>difference. As I understand it csc policy = disable would be for > >>roaming profiles which generally I don't use but leave the ability for > >>special circumstances. > >> > >>Didn't know if the XP firewall settings would make a difference here or > >>not, but I figured the more info the better. > >> > >>My permissions on /home/samba-ntprof are almost identical to yours > >>except I use a different group. > >> > >>Just to reiterate...XP SP1 does work exactly as I want it to. It's only > >>XP SP2 that is causing problems. > >> > > > > ---- > > there was an issue with SP1 which sounds almost identical to what you > > are experiencing...I thought that this was fixed though. > > > > yes, the csc policy is for roaming profiles (I thought that this was the > > intended use). > > > > <http://lists.samba.org/archive/samba/2002-November/056182.html> > > > > I may not be a help here though it seems odd that you should be having > > difficulties with this. Perhaps your group mapping is wrong or the SID > > isn't correct for the users... > > > > you might want to check... > > > > net groupmap list (it should be similar - obviously different SID base > > codes but the -513 for Domain Users is significant) > > > > # net groupmap list > > Domain Computers (S-1-5-21-1423820788-2381578139-3432021425-553) -> > > Domain Computers > > Domain Admins (S-1-5-21-1423820788-2381578139-3432021425-512) -> root > > Domain Users (S-1-5-21-1423820788-2381578139-3432021425-513) -> > > dom_users > > Domain Guests (S-1-5-21-1423820788-2381578139-3432021425-514) -> Domain > > Guests > > Administrators (S-1-5-21-1423820788-2381578139-3432021425-544) -> > > Administrators > > Guests (S-1-5-21-1423820788-2381578139-3432021425-546) -> Guests > > Power Users (S-1-5-21-1423820788-2381578139-3432021425-547) -> Power > > Users > > Account Operators (S-1-5-21-1423820788-2381578139-3432021425-548) -> > > Account Operators > > Server Operators (S-1-5-21-1423820788-2381578139-3432021425-549) -> > > Server Operators > > Print Operators (S-1-5-21-1423820788-2381578139-3432021425-550) -> Print > > Operators > > Backup Operators (S-1-5-21-1423820788-2381578139-3432021425-551) -> > > Backup Operators > > Replicator (S-1-5-21-1423820788-2381578139-3432021425-552) -> Replicator ---- Well your comment about very strange tells me that you don't think that the problem is of your own doing but I would bet that it is.
I use CentOS 4.1 (samba-3.0.10-1.4E) and have a WinXP SP2 sitting right here and have no such problems as well as several networks using RHEL 3 & 4 (and also CentOS) and those users are all non-privileged users and I don't have those problems. I would bet that there are millions of people using samba 3.0.x with WinXP SP2 clients that aren't having that problem. Those users profiles which are having a problem...either their primary group membership isn't the 'Domain Users' -513 RID or you have mucked somewhere else with permissions. From your first post where you suggested that you have been playing with firewall settings, it's pretty clear that you have engaged in a shotgun, change settings that you don't understand and pray that something fixes your problem. Since you chose to show us no details, I can be of little help beyond this. You might try 'pdbedit -v USER_NAME' it should look something like... User SID: S-1-5-21-1423820788-2381578139-3432021425-1000 Primary Group SID: S-1-5-21-1423820788-2381578139-3432021425-513 Craig -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
