I've inherited a small office network I didn't build. We're running Novell's eDirectory, and using Samba as a PDC.
Everyone's profile roams but mine. I didn't build our smb.conf file, but I've read tutorials on roaming profiles, and it seems to be set up correctly. I've included the text of that file at the end of this message. I bungled creating my account in eDirectory, deleted it, and recreated it with the same name. In particular, I didn't have the profile directory set up properly the first time I tried to login. I don't know if that could have caused problems. My account seems to be set up like the older ones now. Also, logon.bat doesn't seem to run for me. I end up with the X: drive mapped, but logon.bat sets up other shares for every other user that I don't get. I see a command prompt window flash by on the screen when I start, but it doesn't work. I tried to put a "pause" in logon.bat, to stop the command prompt, but it flashed by just the same. I'm really puzzled by this. Everything I've read suggests that the action happens in smb.conf, which doesn't differentiate between users -- so I don't understand how I could manage to break it for one account. Anyway, here is my smb.conf -- we had a lot of comments from the example file, which I've removed for brevity. Thanks in advance. -- #======================= Global Settings ===================================== [global] # workgroup = NT-Domain-Name or Workgroup-Name, eg: MIDEARTH workgroup = DOMINION netbios name = MAXIMUS server string = EnsembleTravel FileServer security = user hosts allow = 192.168.128. 192.168.60. 127. printing = cups printcap name = cups load printers = yes log file = /usr/local/samba/var/log.%m max log size = 500 interfaces = 192.168.128.0/24 local master = yes os level = 33 domain master = yes preferred master = yes domain logons = yes wins support = yes nt acl support = yes time server = yes encrypt passwords = yes obey pam restrictions = No unix password sync = No dont descend = /proc,/dev,/etc,/lib,/lost+found,/initrd show add printer wizard = yes log level = 0 ########################################### # this is for roaming profiles ########################################### logon path = \\%L\profiles\%U ########################################### logon script = logon.bat logon drive = X: passdb backend = NDS_ldapsam:ldap://mailserver.ensembletravel.net ldap admin dn = cn=admin,ou=users,o=EnsembleTravel ldap suffix = o=EnsembleTravel ldap group suffix = ou=Groups ldap user suffix = ou=Users ldap machine suffix = ou=Computers ldap idmap suffix = ou=Users add user script = /usr/sbin/smbldap-useradd -m "%u" ldap delete dn = Yes #delete user script = /usr/sbin/smbldap-userdel "%u" add machine script = /usr/sbin/smbldap-useradd -w "%u" add group script = /usr/sbin/smbldap-groupadd -p "%g" #delete group script = /usr/sbin/smbldap-groupdel "%g" add user to group script = /usr/sbin/smbldap-groupmod -m "%u" "%g" delete user from group script = /usr/sbin/smbldap-groupmod -x "%u" "%g" set primary group script = /usr/sbin/smbldap-usermod -g "%g" "%u" #============================ Share Definitions ============================== [netlogon] path = /usr/local/samba/netlogon browseable = No read only = Yes [profiles] path = /data/profiles writeable = Yes read only = No create mask = 0600 directory mask = 0700 browseable = No guest ok = Yes profile acls = Yes csc policy = disable # next line is a great way to secure the profiles force user = %U # next line allows administrator to access all profiles valid users = %U @"Domain Admins" [homes] comment = Home directory for %U writeable = Yes read only = No browseable = No create mask = 0700 directory mask = 0700 force directory mode = 0700 [printers] comment = Printers printable = Yes path = /usr/local/samba/spool browseable = Yes guest ok = Yes public = Yes read only = Yes writable = No [print$] path = /usr/local/samba/drivers guest ok =Yes browseable = Yes read only = No valid users = @"Domain Users" write list = @"Domain Admins" [public] comment = Public directory path = /data/common public = yes browseable = yes guest ok = Yes read only = No [sales] comment = Sales path = /data/sales browseable = Yes guest ok = Yes read only = No create mask = 0777 force create mode = 0777 directory mask = 0777 force directory mode = 0777 [apps] comment = APPS path = /data/apps browseable = Yes guest ok = Yes read only = No create mask = 0777 force create mode = 0777 directory mask = 0777 force directory mode = 0777 [groups] comment = Groups path = /data/groups browseable = Yes guest ok = No read only = No directory mask = 0770 create mask = 0770 [snaps] comment = Snapshot backups of maximus path = /snapshots browseable = Yes guest ok = No read only = Yes valid users = @"Domain Users" -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
