Re: [Samba] How to use local profiles in samba PDC?
On Tue, Jul 28, 2009 at 5:38 PM, Miguel Medalhamiguelmeda...@sapo.pt wrote: Ah. I thought that the stanza would just disable roaming profiles. logon path = I misunderstood your question because your subject line says How to use local profiles in samba PDC. Well, you must have a netlogon share containing a Default User profile. The process is described in the Samba documents I pointed you to. I was hoping to use a mix, and not just one or the other. I did try having a Default User profile in netlogon, and in profiles, but it didn't do anything. I tried with various permissions and ownerships, with a blank directory, with a blank directory tree (empty dirs for the common things like My documents, etc), and with a copy of the Default User directory from an XP Pro box. None of the combinations seemed to work. I'm not positive I tried all combinations in both netlogon and profiles though. The samba PDC will replace an old NT domain we have here, so to start with, it needs to support local profiles. I'd like to move to roaming, with the redirection, but the important part right now is that local work. So far the only way I've gotten local profiles to work is by disabling roaming via the logon path = line you suggested. Before disabling them I was playing with the redirected folders via an NTConfig.POL file I made using the custom.adm template from http://www.pcc-services.com/custom_poledit.html . The results were mixed, but that was probably due to my being new to it. Anyway I digress. You say that if I enable roaming profiles, and have a Default User profile in netlogon, I should be able to have a mix of local and roaming profiles? --Kyle -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] How to use local profiles in samba PDC?
Kyle, You might also need to populate this setting: A) Only allowing local profiles and disabling roaming profiles: (start-run-gpedit.msc-Local Computer Policy-Computer Configuration-Administratrive Templates-System-User Profiles As a result, each user gets a profile created in C:\Documents and Settings\username Kyle Schmitt wrote: How do you enable local profile creation on machines connected to a samba PDC? I thought it would be automatic, but it doesn't seem to be. If there isn't a roving profile, windows complains it can't find your profile on the server, then instead of creating a local one, it throws up this message: Windows cannot find the local profile and is logging you on with a temporary profile. Changes you make to this profile will be lost when you log off. I thought perhaps it needed a Default User profile served over the network, but adding such a profile to my config didn't help anything. I wouldn't think it was something to do in my smb.conf, but it's below, just in case it helps. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] How to use local profiles in samba PDC?
On Wed, Jul 29, 2009 at 10:52 AM, Christopher Perrycpe...@hmdc.harvard.edu wrote: A) Only allowing local profiles and disabling roaming profiles: (start-run-gpedit.msc-Local Computer Policy-Computer Configuration-Administratrive Templates-System-User Profiles Why don't you just use pdbedit? smb.conf: logon path = /path/to/logon Then: # pdbedit -p user-with-no-roaming-profile The default is to have a roaming profile. You disable it for certain users. I remember doing this once for a customer. It worked perfectly. HTH, Norberto -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] How to use local profiles in samba PDC?
How do you enable local profile creation on machines connected to a samba PDC? I thought it would be automatic, but it doesn't seem to be. If there isn't a roving profile, windows complains it can't find your profile on the server, then instead of creating a local one, it throws up this message: Windows cannot find the local profile and is logging you on with a temporary profile. Changes you make to this profile will be lost when you log off. I thought perhaps it needed a Default User profile served over the network, but adding such a profile to my config didn't help anything. I wouldn't think it was something to do in my smb.conf, but it's below, just in case it helps. Thanks --Kyle [global] workgroup = DEVDOMAIN passdb backend = ldapsam log level = 1 name resolve order = wins lmhosts hosts bcast logon script = logon.bat #This is used for roaming profiles logon path = \\dvpdc01.testcompany.com\profiles\%U logon drive = U: logon home = \\dvpdc01.testcompany.com\%U domain logons = Yes os level = 64 preferred master = Yes domain master = Yes wins support = Yes ldap admin dn = cn=admin,dc=devdomain,dc=com ldap delete dn = Yes ldap group suffix = ou=groups ldap idmap suffix = ou=idmap ldap machine suffix = ou=computers ldap suffix = dc=devdomain,dc=com ldap user suffix = ou=users ldap password sync = yes idmap domains = DEVDOMAIN idmap backend = ldap:ldap://localhost idmap alloc backend = ldap winbind use default domain = Yes idmap alloc config:range = 5-50 idmap alloc config:ldap_url = ldap://localhost idmap alloc config:ldap_user_dn = cn=admin,dc=devdomain,dc=com idmap alloc config:ldap_base_dn = ou=idmap,dc= devdomain,dc=com idmap config DEVDOMAIN:range = 5-50 idmap config DEVDOMAIN:ldap_url = ldap://localhost idmap config DEVDOMAIN:ldap_user_dn = cn=admin,dc= devdomain,dc=com idmap config DEVDOMAIN:ldap_base_dn = ou=idmap,dc= devdomain,dc=com idmap config DEVDOMAIN:default = yes idmap config DEVDOMAIN:readonly = no idmap config DEVDOMAIN:backend = ldap ldapsam:editposix = yes ldapsam:trusted = yes #Templates template homedir = /home/%U template shell = /bin/false [homes] comment = Home Directories valid users = %S read only = No create mask = 0640 directory mask = 0750 browseable = No [IT] path = /home/IT comment= IT stuff valid users = @IT read only = no create mask = 0660 directory mask = 0770 browseable = yes [netlogon] path = /var/lib/samba/netlogon browseable = no write list = @wheel @domadmins [profiles] path = /var/lib/samba/profiles writeable = yes create mask = 0700 directory mask = 0700 browsable = no valid users = @wheel @domusers @domadmins -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] How to use local profiles in samba PDC?
How do you enable local profile creation on machines connected to a samba PDC? In smb.conf: logon path = [meaning nothing after the = sign] Samba HOWTO Collection Desktop Profile Management http://us1.samba.org/samba/docs/man/Samba-HOWTO-Collection/ProfileMgmt.html Samba 3 by Example: Windows Client Configuration http://us1.samba.org/samba/docs/man/Samba-Guide/happy.html#id2581407 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] How to use local profiles in samba PDC?
On Tue, Jul 28, 2009 at 3:56 PM, Miguel Medalhamiguelmeda...@sapo.pt wrote: How do you enable local profile creation on machines connected to a samba PDC? In smb.conf: logon path = [meaning nothing after the = sign] Ah. I thought that the stanza would just disable roaming profiles. logon path = Do I take it that there is no good way to have a mix of local roaming profiles? IE: where if the user has a profile on the server they get it, otherwise they use a local? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] How to use local profiles in samba PDC?
logon path = will disable automatic roaming profile settings. You can still define roaming (or mandatory) profiles on a per user basis using user manager from the NT admin tools. Tony Hoover, Network Administrator KSU - Salina, College of Technology and Aviation (785) 826-2660 Don't Blend in... -Original Message- From: samba-boun...@lists.samba.org [mailto:samba-boun...@lists.samba.org] On Behalf Of Kyle Schmitt Sent: Tuesday, July 28, 2009 4:17 PM Cc: samba Subject: Re: [Samba] How to use local profiles in samba PDC? On Tue, Jul 28, 2009 at 3:56 PM, Miguel Medalhamiguelmeda...@sapo.pt wrote: How do you enable local profile creation on machines connected to a samba PDC? In smb.conf: logon path = [meaning nothing after the = sign] Ah. I thought that the stanza would just disable roaming profiles. logon path = Do I take it that there is no good way to have a mix of local roaming profiles? IE: where if the user has a profile on the server they get it, otherwise they use a local? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] How to use local profiles in samba PDC?
Ah. I thought that the stanza would just disable roaming profiles. logon path = I misunderstood your question because your subject line says How to use local profiles in samba PDC. Well, you must have a netlogon share containing a Default User profile. The process is described in the Samba documents I pointed you to. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] How to use local profiles in samba PDC?
Do I take it that there is no good way to have a mix of local roaming profiles? IE: where if the user has a profile on the server they get it, otherwise they use a local? You will benefit a lot by reading the section about redirected profile folders. I suppose it will do what you want. I sometimes use local profiles for my users except for the My Documents, Desktop, Favorites, Application Settings, etc. which are redirected and reside on the PDC. Besides some particular cases, the use of full roaming profiles is just not convenient these days because users keep gigabytes of files in their folders. The workstation would take a eternity to login to the domain. Redirected folders solve this problem since the files never leave the server and are available to all workstations from which the user logs in. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba