Re: samba server as a PDC
As a small Thank-You for all your help a little bit of information I found during reading manuals: If you whish to delete user's profiles automagically from your local machines after user logged off: Open regedt32.exe and set HKEY_LOCALMACHINE\Software\Microsoft\WindowsNT\CurrentVersion \WinLogon\DeleteRoamingCache to 1 (Data Type REG_SZ). I think this is very useful on networks with few machines and many users - it will prevent them from using old profiles lying around on some local machine. Regards, Uli. On Wed, 25 Sep 2002, Peter Ulrich Kruppa wrote: Hi, I am trying to set up a samba server as a primary domain controller for about 30 NT and Win2000 machines (and about 800 users). Password administration and homes services seem to work ok. But the machines should also be able to read the user's profile from the server when logging on and write them back when logging off(roaming profiles). This only works for users with root access to the server. Ordinary users can read their profile when starting up, but logging off they receive an access denied message. I guess, I have to set permissions correctly, but I have no idea how. My users belong to group called samba, their profiles are stored in a directory /usr/local/samba/profiles . Any idea what could be done? Thanks for your answers. Uli. *---* *Peter Ulrich Kruppa* * - Wuppertal - * * Germany * *---* To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message *---* *Peter Ulrich Kruppa* * - Wuppertal - * * Germany * *---* To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message
Re: samba server as a PDC
On Wed, 25 Sep 2002, D. Penev wrote: On Wed, Sep 25, 2002 at 10:10:34PM +, Peter Ulrich Kruppa wrote: Date: Wed, 25 Sep 2002 22:10:34 + (GMT) From: [EMAIL PROTECTED] (Peter Ulrich Kruppa) To: [EMAIL PROTECTED] Subject: samba server as a PDC Hi, I am trying to set up a samba server as a primary domain controller for about 30 NT and Win2000 machines (and about 800 users). Password administration and homes services seem to work ok. But the machines should also be able to read the user's profile from the server when logging on and write them back when logging off(roaming profiles). This only works for users with root access to the server. Ordinary users can read their profile when starting up, but logging off they receive an access denied message. I guess, I have to set permissions correctly, but I have no idea how. My users belong to group called samba, their profiles are stored in a directory /usr/local/samba/profiles . What ls -al /usr/local/samba/profiles show? My is : # ls -al profiles total 4 drwxr-xr-x 4 DomainAdmin DomainAdmins 512 Jul 15 23:04 . drwxr-xr-x 5 root wheel 512 Jul 15 21:16 .. drwx-- 13 DomainAdmin DomainAdmins 512 Jul 19 23:32 DomainAdmin drwx-- 13 DomainUser DomainUsers 512 Jul 26 22:15 DomainUser [snip] Hmm ... I have got --- total 4 drwxr-xr-x 4 root samba 512 26 Sep 20:48 . drwxrwx--- 4 root 512 26 Sep 21:02 .. drwxr-xr-x 14 lukas_mueller samba 512 26 Sep 20:33 lukas_mueller drwxr-xr-x 13 root samba 512 26 Sep 20:24 root - ... and I have to admit, I don't know who group is. I don't have it in my /etc/group. How do I change permissions for .. then? Uli. Any idea what could be done? Thanks for your answers. Uli. *---* *Peter Ulrich Kruppa* * - Wuppertal - * * Germany * *---* To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message -- Regards, D. Penev To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message *---* *Peter Ulrich Kruppa* * - Wuppertal - * * Germany * *---* To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message
Re: samba server as a PDC
On Wed, 25 Sep 2002, Dave Young wrote: The following is a minimal profile share [profile] path = /export/profile create mask = 0600 directory mask = 0700 nt acl support = no read only = no looks like nt acl support = no I have added this to my smb.conf (it was important for something) but it doesn't solve my problem. I still guess it must have something to do with the permissions to my /usr/local/samba/profiles . Uli. is key from README.Win2kSP2 hth, Dave On Wed, 25 Sep 2002 22:10:34 + (GMT) [EMAIL PROTECTED] (Peter Ulrich Kruppa) wrote: Hi, I am trying to set up a samba server as a primary domain controller for about 30 NT and Win2000 machines (and about 800 users). Password administration and homes services seem to work ok. But the machines should also be able to read the user's profile from the server when logging on and write them back when logging off(roaming profiles). This only works for users with root access to the server. Ordinary users can read their profile when starting up, but logging off they receive an access denied message. I guess, I have to set permissions correctly, but I have no idea how. My users belong to group called samba, their profiles are stored in a directory /usr/local/samba/profiles . Any idea what could be done? Thanks for your answers. Uli. *---* *Peter Ulrich Kruppa* * - Wuppertal - * * Germany * *---* To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message *---* *Peter Ulrich Kruppa* * - Wuppertal - * * Germany * *---* To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message
Re: samba server as a PDC
On Thu, Sep 26, 2002 at 09:09:08PM +, Peter Ulrich Kruppa wrote: Date: Thu, 26 Sep 2002 21:09:08 + (GMT) From: [EMAIL PROTECTED] (Peter Ulrich Kruppa) To: D. Penev [EMAIL PROTECTED] cc: Peter Ulrich Kruppa [EMAIL PROTECTED], [EMAIL PROTECTED] Subject: Re: samba server as a PDC On Wed, 25 Sep 2002, D. Penev wrote: On Wed, Sep 25, 2002 at 10:10:34PM +, Peter Ulrich Kruppa wrote: Date: Wed, 25 Sep 2002 22:10:34 + (GMT) From: [EMAIL PROTECTED] (Peter Ulrich Kruppa) To: [EMAIL PROTECTED] Subject: samba server as a PDC Hi, I am trying to set up a samba server as a primary domain controller for about 30 NT and Win2000 machines (and about 800 users). Password administration and homes services seem to work ok. But the machines should also be able to read the user's profile from the server when logging on and write them back when logging off(roaming profiles). This only works for users with root access to the server. Ordinary users can read their profile when starting up, but logging off they receive an access denied message. I guess, I have to set permissions correctly, but I have no idea how. My users belong to group called samba, their profiles are stored in a directory /usr/local/samba/profiles . What ls -al /usr/local/samba/profiles show? My is : # ls -al profiles total 4 drwxr-xr-x 4 DomainAdmin DomainAdmins 512 Jul 15 23:04 . drwxr-xr-x 5 root wheel 512 Jul 15 21:16 .. drwx-- 13 DomainAdmin DomainAdmins 512 Jul 19 23:32 DomainAdmin drwx-- 13 DomainUser DomainUsers 512 Jul 26 22:15 DomainUser [snip] Hmm ... I have got --- total 4 drwxr-xr-x 4 root samba 512 26 Sep 20:48 . drwxrwx--- 4 root 512 26 Sep 21:02 .. I don't think that this causing the problem. drwxr-xr-x 14 lukas_mueller samba 512 26 Sep 20:33 lukas_mueller Is this user have problems with write permission ? I don't see any incorrect permissions, and hi must save his profile without any problems but users that haven't profiles cannot create them because they haven't write permission to /usr/local/samba/profiles. I see two sollutions: 1. chmod 775 /usr/local/samba/profiles 2. manualy create users directories as root and each of them chown to user drwxr-xr-x 13 root samba 512 26 Sep 20:24 root - ... and I have to admit, I don't know who group is. I don't have it in my /etc/group. How do I change permissions for .. then? Uli. Any idea what could be done? Thanks for your answers. Uli. *---* *Peter Ulrich Kruppa* * - Wuppertal - * * Germany * *---* To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message -- Regards, D. Penev To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message *---* *Peter Ulrich Kruppa* * - Wuppertal - * * Germany * *---* -- Regards, D. Penev To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message
Re: samba server as a PDC
Yes, thanks to *everybody* ! I think I mixed up chown chgrp and chmod somehow. Now # ls -al /usr/local/samba/profiles delivers total 4 drwxr-xr-x 4 root samba 512 26 Sep 20:48 . drwxr-xr-x 4 root samba 512 26 Sep 21:05 .. drwxr-xr-x 15 lukas_mueller samba 512 26 Sep 22:41 lukas_mueller drwxr-xr-x 13 root samba 512 26 Sep 20:24 root and everything works. His is just in time because we are going to set up a second computer room in our school during the next weeks. Regards, Uli. On Thu, 26 Sep 2002, D. Penev wrote: On Thu, Sep 26, 2002 at 09:09:08PM +, Peter Ulrich Kruppa wrote: Date: Thu, 26 Sep 2002 21:09:08 + (GMT) From: [EMAIL PROTECTED] (Peter Ulrich Kruppa) To: D. Penev [EMAIL PROTECTED] cc: Peter Ulrich Kruppa [EMAIL PROTECTED], [EMAIL PROTECTED] Subject: Re: samba server as a PDC On Wed, 25 Sep 2002, D. Penev wrote: On Wed, Sep 25, 2002 at 10:10:34PM +, Peter Ulrich Kruppa wrote: Date: Wed, 25 Sep 2002 22:10:34 + (GMT) From: [EMAIL PROTECTED] (Peter Ulrich Kruppa) To: [EMAIL PROTECTED] Subject: samba server as a PDC Hi, I am trying to set up a samba server as a primary domain controller for about 30 NT and Win2000 machines (and about 800 users). Password administration and homes services seem to work ok. But the machines should also be able to read the user's profile from the server when logging on and write them back when logging off(roaming profiles). This only works for users with root access to the server. Ordinary users can read their profile when starting up, but logging off they receive an access denied message. I guess, I have to set permissions correctly, but I have no idea how. My users belong to group called samba, their profiles are stored in a directory /usr/local/samba/profiles . What ls -al /usr/local/samba/profiles show? My is : # ls -al profiles total 4 drwxr-xr-x 4 DomainAdmin DomainAdmins 512 Jul 15 23:04 . drwxr-xr-x 5 root wheel 512 Jul 15 21:16 .. drwx-- 13 DomainAdmin DomainAdmins 512 Jul 19 23:32 DomainAdmin drwx-- 13 DomainUser DomainUsers 512 Jul 26 22:15 DomainUser [snip] Hmm ... I have got --- total 4 drwxr-xr-x 4 root samba 512 26 Sep 20:48 . drwxrwx--- 4 root 512 26 Sep 21:02 .. I don't think that this causing the problem. drwxr-xr-x 14 lukas_mueller samba 512 26 Sep 20:33 lukas_mueller Is this user have problems with write permission ? I don't see any incorrect permissions, and hi must save his profile without any problems but users that haven't profiles cannot create them because they haven't write permission to /usr/local/samba/profiles. I see two sollutions: 1. chmod 775 /usr/local/samba/profiles 2. manualy create users directories as root and each of them chown to user drwxr-xr-x 13 root samba 512 26 Sep 20:24 root - ... and I have to admit, I don't know who group is. I don't have it in my /etc/group. How do I change permissions for .. then? Uli. Any idea what could be done? Thanks for your answers. Uli. *---* *Peter Ulrich Kruppa* * - Wuppertal - * * Germany * *---* To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message -- Regards, D. Penev To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message *---* *Peter Ulrich Kruppa* * - Wuppertal - * * Germany * *---* -- Regards, D. Penev To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message *---* *Peter Ulrich Kruppa* * - Wuppertal - * * Germany * *---* To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message
Re: samba server as a PDC
On Thu, Sep 26, 2002 at 10:48:45PM +, Peter Ulrich Kruppa wrote: Date: Thu, 26 Sep 2002 22:48:45 + (GMT) From: [EMAIL PROTECTED] (Peter Ulrich Kruppa) To: D. Penev [EMAIL PROTECTED] Cc: Peter Ulrich Kruppa [EMAIL PROTECTED], [EMAIL PROTECTED] Subject: Re: samba server as a PDC Yes, thanks to *everybody* ! I think I mixed up chown chgrp and chmod somehow. Now # ls -al /usr/local/samba/profiles delivers total 4 drwxr-xr-x 4 root samba 512 26 Sep 20:48 . drwxr-xr-x 4 root samba 512 26 Sep 21:05 .. drwxr-xr-x 15 lukas_mueller samba 512 26 Sep 22:41 lukas_mueller drwxr-xr-x 13 root samba 512 26 Sep 20:24 root and everything works. His is just in time because we are going to set up a second computer room in our school during the next weeks. Regards, Uli. On Thu, 26 Sep 2002, D. Penev wrote: On Thu, Sep 26, 2002 at 09:09:08PM +, Peter Ulrich Kruppa wrote: Date: Thu, 26 Sep 2002 21:09:08 + (GMT) From: [EMAIL PROTECTED] (Peter Ulrich Kruppa) To: D. Penev [EMAIL PROTECTED] cc: Peter Ulrich Kruppa [EMAIL PROTECTED], [EMAIL PROTECTED] Subject: Re: samba server as a PDC On Wed, 25 Sep 2002, D. Penev wrote: On Wed, Sep 25, 2002 at 10:10:34PM +, Peter Ulrich Kruppa wrote: Date: Wed, 25 Sep 2002 22:10:34 + (GMT) From: [EMAIL PROTECTED] (Peter Ulrich Kruppa) To: [EMAIL PROTECTED] Subject: samba server as a PDC Hi, I am trying to set up a samba server as a primary domain controller for about 30 NT and Win2000 machines (and about 800 users). Password administration and homes services seem to work ok. But the machines should also be able to read the user's profile from the server when logging on and write them back when logging off(roaming profiles). This only works for users with root access to the server. Ordinary users can read their profile when starting up, but logging off they receive an access denied message. I guess, I have to set permissions correctly, but I have no idea how. My users belong to group called samba, their profiles are stored in a directory /usr/local/samba/profiles . What ls -al /usr/local/samba/profiles show? My is : # ls -al profiles total 4 drwxr-xr-x 4 DomainAdmin DomainAdmins 512 Jul 15 23:04 . drwxr-xr-x 5 root wheel 512 Jul 15 21:16 .. drwx-- 13 DomainAdmin DomainAdmins 512 Jul 19 23:32 DomainAdmin drwx-- 13 DomainUser DomainUsers 512 Jul 26 22:15 DomainUser [snip] Hmm ... I have got --- total 4 drwxr-xr-x 4 root samba 512 26 Sep 20:48 . drwxrwx--- 4 root 512 26 Sep 21:02 .. I don't think that this causing the problem. What I don't saw is that /usr/local/samba is not world readable, but below suggestions that I gave are still valid for roaming profiles. drwxr-xr-x 14 lukas_mueller samba 512 26 Sep 20:33 lukas_mueller Is this user have problems with write permission ? I don't see any incorrect permissions, and hi must save his profile without any problems but users that haven't profiles cannot create them because they haven't write permission to /usr/local/samba/profiles. I see two sollutions: 1. chmod 775 /usr/local/samba/profiles 2. manualy create users directories as root and each of them chown to user drwxr-xr-x 13 root samba 512 26 Sep 20:24 root - ... and I have to admit, I don't know who group is. I don't have it in my /etc/group. How do I change permissions for .. then? Uli. Any idea what could be done? Thanks for your answers. Uli. *---* *Peter Ulrich Kruppa* * - Wuppertal - * * Germany * *---* To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message -- Regards, D. Penev To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message *---* *Peter Ulrich Kruppa* * - Wuppertal - * * Germany * *---* -- Regards, D. Penev To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message *---* *Peter Ulrich Kruppa* * - Wuppertal - * * Germany * *---* To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message -- Regards, D. Penev To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message
samba server as a PDC
Hi, I am trying to set up a samba server as a primary domain controller for about 30 NT and Win2000 machines (and about 800 users). Password administration and homes services seem to work ok. But the machines should also be able to read the user's profile from the server when logging on and write them back when logging off(roaming profiles). This only works for users with root access to the server. Ordinary users can read their profile when starting up, but logging off they receive an access denied message. I guess, I have to set permissions correctly, but I have no idea how. My users belong to group called samba, their profiles are stored in a directory /usr/local/samba/profiles . Any idea what could be done? Thanks for your answers. Uli. *---* *Peter Ulrich Kruppa* * - Wuppertal - * * Germany * *---* To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message
Re: samba server as a PDC
On Wed, Sep 25, 2002 at 10:10:34PM +, Peter Ulrich Kruppa wrote: Date: Wed, 25 Sep 2002 22:10:34 + (GMT) From: [EMAIL PROTECTED] (Peter Ulrich Kruppa) To: [EMAIL PROTECTED] Subject: samba server as a PDC Hi, I am trying to set up a samba server as a primary domain controller for about 30 NT and Win2000 machines (and about 800 users). Password administration and homes services seem to work ok. But the machines should also be able to read the user's profile from the server when logging on and write them back when logging off(roaming profiles). This only works for users with root access to the server. Ordinary users can read their profile when starting up, but logging off they receive an access denied message. I guess, I have to set permissions correctly, but I have no idea how. My users belong to group called samba, their profiles are stored in a directory /usr/local/samba/profiles . What ls -al /usr/local/samba/profiles show? My is : # ls -al profiles total 4 drwxr-xr-x 4 DomainAdmin DomainAdmins 512 Jul 15 23:04 . drwxr-xr-x 5 root wheel 512 Jul 15 21:16 .. drwx-- 13 DomainAdmin DomainAdmins 512 Jul 19 23:32 DomainAdmin drwx-- 13 DomainUser DomainUsers 512 Jul 26 22:15 DomainUser [snip] Any idea what could be done? Thanks for your answers. Uli. *---* *Peter Ulrich Kruppa* * - Wuppertal - * * Germany * *---* To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message -- Regards, D. Penev To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message
Re: samba server as a PDC
The following is a minimal profile share [profile] path = /export/profile create mask = 0600 directory mask = 0700 nt acl support = no read only = no looks like nt acl support = no is key from README.Win2kSP2 hth, Dave On Wed, 25 Sep 2002 22:10:34 + (GMT) [EMAIL PROTECTED] (Peter Ulrich Kruppa) wrote: Hi, I am trying to set up a samba server as a primary domain controller for about 30 NT and Win2000 machines (and about 800 users). Password administration and homes services seem to work ok. But the machines should also be able to read the user's profile from the server when logging on and write them back when logging off(roaming profiles). This only works for users with root access to the server. Ordinary users can read their profile when starting up, but logging off they receive an access denied message. I guess, I have to set permissions correctly, but I have no idea how. My users belong to group called samba, their profiles are stored in a directory /usr/local/samba/profiles . Any idea what could be done? Thanks for your answers. Uli. *---* *Peter Ulrich Kruppa* * - Wuppertal - * * Germany * *---* To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message