Re: [Samba] Unable to re-connect to roaming profile in samba4
In case this helps anyone else with this issue: Both these problems were resolved by switching from the Ubuntu/Debian package (4.0.0+dfsg1-1) to the current git head (c932b139c8). - Nick On Fri, Feb 8, 2013 at 7:22 PM, Nick Semenkovich seme...@syndetics.net wrote: Still can't figure this out. The client-side logs show two entries: 1. The error in the first message The processing of Group Policy failed. 2. A DNS processing failure: The system failed to register host (A or ) resource records (RRs) for network adapter with settings ... At debug level 5, Samba4 shows no DNS problems, and says Got a dns update request. All updates allowed. http://pastebin.com/fYrd9F1W - Nick On Thu, Feb 7, 2013 at 8:59 PM, Nick Semenkovich seme...@syndetics.net wrote: I've just configured Samba4 on Ubuntu (4.0.0+dfsg1-1), and can't seem to get roaming profiles working (I followed the guide at https://wiki.samba.org/index.php/Samba_AD_DC_HOWTO ) 1. Logons work just fine. 2. DNS is configured and working, running through SAMBA_INTERNAL 3. Clients can talk to the server and see/access shares at \\server.corp.domain.com 4. Clients are all Windows 8 and NTP time synced 5. Permissions seem OK (the profiles directory is currently chmod 777 -- without that, only the Administrator seemed to be able to create their own profile ...) 6. General users can log in/out (which creates a profile, if profiles is chmod 777) but a subsequent login can't access it, with a generic Windows 8 roaming profile error. Not really sure where to go from here. I've tried: - Rebuilding the domain re-joining machines - Ultra-lax permissions - Adding users via the samba-tool versus AD tools in Windows At client logon, the samba4 logs (with a debug level of 4) show a collection of: Terminating connection - 'NT_STATUS_CONNECTION_DISCONNECTED' single_terminate: reason[NT_STATUS_CONNECTION_DISCONNECTED] and a few Terminating connection - 'kdc_tcp_call_loop: tstream_read_pdu_blob_recv() - NT_STATUS_CONNECTION_DISCONNECTED' single_terminate: reason[kdc_tcp_call_loop: tstream_read_pdu_blob_recv() - NT_STATUS_CONNECTION_DISCONNECTED] (Not sure if they're related) Notably, the client machines (all on Win 8) show nearly nothing in the Event Log, except a Group Policy failure: The processing of Group Policy failed. Windows attempted to read the file \\corp.domain.com\sysvol\corp.domain.com\Policies\{31B2F340-016D-11D2-945F-00C04FB984F9}\gpt.ini from a domain controller and was not successful. Group Policy settings may not be applied until this event is resolved. This issue may be transient and could be caused by one or more of the following: a) Name Resolution/Network Connectivity to the current domain controller. b) File Replication Service Latency (a file created on another domain controller has not replicated to the current domain controller). c) The Distributed File System (DFS) client has been disabled. (Manually connecting to that gpi.ini file works perfectly) Not really sure what's going on here. The only oddities I see are: * I can't get the old add user script function to work. As a result, client usernames seem to just have a UID on the linux side (their profiles show up as: drwxr-xr-x 14 315 users 4.0K Feb 7 20:34 test.V2) Any way around that? * When profiles are created, they're appended with .V2 -- Do I need to add .V2 to the profile path setting, e.g. %USERNAME%.V2? (I can't imagine that's the case ...) I've pasted my smb.conf to: http://pastebin.com/DQDkGxsv Any advice? Thanks! Nick -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Unable to re-connect to roaming profile in samba4
Still can't figure this out. The client-side logs show two entries: 1. The error in the first message The processing of Group Policy failed. 2. A DNS processing failure: The system failed to register host (A or ) resource records (RRs) for network adapter with settings ... At debug level 5, Samba4 shows no DNS problems, and says Got a dns update request. All updates allowed. http://pastebin.com/fYrd9F1W - Nick On Thu, Feb 7, 2013 at 8:59 PM, Nick Semenkovich seme...@syndetics.net wrote: I've just configured Samba4 on Ubuntu (4.0.0+dfsg1-1), and can't seem to get roaming profiles working (I followed the guide at https://wiki.samba.org/index.php/Samba_AD_DC_HOWTO ) 1. Logons work just fine. 2. DNS is configured and working, running through SAMBA_INTERNAL 3. Clients can talk to the server and see/access shares at \\server.corp.domain.com 4. Clients are all Windows 8 and NTP time synced 5. Permissions seem OK (the profiles directory is currently chmod 777 -- without that, only the Administrator seemed to be able to create their own profile ...) 6. General users can log in/out (which creates a profile, if profiles is chmod 777) but a subsequent login can't access it, with a generic Windows 8 roaming profile error. Not really sure where to go from here. I've tried: - Rebuilding the domain re-joining machines - Ultra-lax permissions - Adding users via the samba-tool versus AD tools in Windows At client logon, the samba4 logs (with a debug level of 4) show a collection of: Terminating connection - 'NT_STATUS_CONNECTION_DISCONNECTED' single_terminate: reason[NT_STATUS_CONNECTION_DISCONNECTED] and a few Terminating connection - 'kdc_tcp_call_loop: tstream_read_pdu_blob_recv() - NT_STATUS_CONNECTION_DISCONNECTED' single_terminate: reason[kdc_tcp_call_loop: tstream_read_pdu_blob_recv() - NT_STATUS_CONNECTION_DISCONNECTED] (Not sure if they're related) Notably, the client machines (all on Win 8) show nearly nothing in the Event Log, except a Group Policy failure: The processing of Group Policy failed. Windows attempted to read the file \\corp.domain.com\sysvol\corp.domain.com\Policies\{31B2F340-016D-11D2-945F-00C04FB984F9}\gpt.ini from a domain controller and was not successful. Group Policy settings may not be applied until this event is resolved. This issue may be transient and could be caused by one or more of the following: a) Name Resolution/Network Connectivity to the current domain controller. b) File Replication Service Latency (a file created on another domain controller has not replicated to the current domain controller). c) The Distributed File System (DFS) client has been disabled. (Manually connecting to that gpi.ini file works perfectly) Not really sure what's going on here. The only oddities I see are: * I can't get the old add user script function to work. As a result, client usernames seem to just have a UID on the linux side (their profiles show up as: drwxr-xr-x 14 315 users 4.0K Feb 7 20:34 test.V2) Any way around that? * When profiles are created, they're appended with .V2 -- Do I need to add .V2 to the profile path setting, e.g. %USERNAME%.V2? (I can't imagine that's the case ...) I've pasted my smb.conf to: http://pastebin.com/DQDkGxsv Any advice? Thanks! Nick -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Unable to re-connect to roaming profile in samba4
I've just configured Samba4 on Ubuntu (4.0.0+dfsg1-1), and can't seem to get roaming profiles working (I followed the guide at https://wiki.samba.org/index.php/Samba_AD_DC_HOWTO ) 1. Logons work just fine. 2. DNS is configured and working, running through SAMBA_INTERNAL 3. Clients can talk to the server and see/access shares at \\server.corp.domain.com 4. Clients are all Windows 8 and NTP time synced 5. Permissions seem OK (the profiles directory is currently chmod 777 -- without that, only the Administrator seemed to be able to create their own profile ...) 6. General users can log in/out (which creates a profile, if profiles is chmod 777) but a subsequent login can't access it, with a generic Windows 8 roaming profile error. Not really sure where to go from here. I've tried: - Rebuilding the domain re-joining machines - Ultra-lax permissions - Adding users via the samba-tool versus AD tools in Windows At client logon, the samba4 logs (with a debug level of 4) show a collection of: Terminating connection - 'NT_STATUS_CONNECTION_DISCONNECTED' single_terminate: reason[NT_STATUS_CONNECTION_DISCONNECTED] and a few Terminating connection - 'kdc_tcp_call_loop: tstream_read_pdu_blob_recv() - NT_STATUS_CONNECTION_DISCONNECTED' single_terminate: reason[kdc_tcp_call_loop: tstream_read_pdu_blob_recv() - NT_STATUS_CONNECTION_DISCONNECTED] (Not sure if they're related) Notably, the client machines (all on Win 8) show nearly nothing in the Event Log, except a Group Policy failure: The processing of Group Policy failed. Windows attempted to read the file \\corp.domain.com\sysvol\corp.domain.com\Policies\{31B2F340-016D-11D2-945F-00C04FB984F9}\gpt.ini from a domain controller and was not successful. Group Policy settings may not be applied until this event is resolved. This issue may be transient and could be caused by one or more of the following: a) Name Resolution/Network Connectivity to the current domain controller. b) File Replication Service Latency (a file created on another domain controller has not replicated to the current domain controller). c) The Distributed File System (DFS) client has been disabled. (Manually connecting to that gpi.ini file works perfectly) Not really sure what's going on here. The only oddities I see are: * I can't get the old add user script function to work. As a result, client usernames seem to just have a UID on the linux side (their profiles show up as: drwxr-xr-x 14 315 users 4.0K Feb 7 20:34 test.V2) Any way around that? * When profiles are created, they're appended with .V2 -- Do I need to add .V2 to the profile path setting, e.g. %USERNAME%.V2? (I can't imagine that's the case ...) I've pasted my smb.conf to: http://pastebin.com/DQDkGxsv Any advice? Thanks! Nick -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba