On Thu, 2005-10-13 at 14:03 -0500, Gerald (Jerry) Carter wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Jörn Nettingsmeier wrote: > > | win2k clients, samba 3.0.20 pdc. > | a new user, who has never logged on, does so for the > | first time. the domain uses roaming profiles, and the > | netlogon share provides a custom Default User dir > | as well as an NTConfig.POL. > | > | problem: > | > | the default profile and policy are not downloaded > | successfully from the server. instead the user gets > | a local profile, missing all our folder redirections. > | the userenv.log on the client reports this error: > | USERENV(bc.a4) 12:46:47:804 MyRegLoadKey: Failed > | to load subkey > | <S-1-5-21-1503970882-379070074-3014308087-3158>, error =87 > | USERENV(bc.a4) 12:46:47:804 MyRegLoadKey: Mutex released. > | Returning 87. USERENV(bc.a4) 12:46:47:804 IssueDefaultProfile: > | MyRegLoadKey failed with error 87 > | > | "net helpmsg 87" says "Falscher Parameter." (on my > | german windows) which translates to "illegal parameter" > | in english. > | > | the problem was clearly introduced in 3.0.20. i just > | reverted to 3.0.16a, and it disappeared. > > Assuming you mean 3.0.14a here. > > | an interesting datapoint is that the failure is specific to win2k > | clients. i tried using an xp client, and it does pull a default profile > | correctly even from 3.0.20. it seems some backwards-compatibility cruft > | was omitted... > | > | this is a somewhat urgent issue to me, and i would appreciate a quick > | ACK from some knowledgeable people or (if it's my fault) a hint as to > | what mistakes i'm making. i have not yet entered this into the bug > | tracker, as i would like some sort of comment first. maybe you can > | suggest further relevant data that i should include? > > Excellent bug report. This sounds very similar to the > mandatory profiles but I spent a day tracking down > prior to the 3.0.20 release. I'm trying to remember the > exact nature of it. Do you by chance 'store dos attributes = yes' > set in smb.conf either globally for for the [netlogon] share? > > When you view the properties of the NTUSER.DAT file in the > default user profile on the server, is the readonly attribute > set?
A [netlogon] share is typically 'read only = yes', and in the 3.0.20
release, the default configuration ('acl check permissions = yes') sets
read only attributes on all files, including NTUSER.DAT. Hence 3.0.20b.
Andrew Bartlett
--
Andrew Bartlett http://samba.org/~abartlet/
Samba Developer, SuSE Labs, Novell Inc. http://suse.de
Authentication Developer, Samba Team http://samba.org
Student Network Administrator, Hawker College http://hawkerc.net
signature.asc
Description: This is a digitally signed message part
-- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
