Re: [Samba] Unable to re-connect to roaming profile in samba4
In case this helps anyone else with this issue:
Both these problems were resolved by switching from the Ubuntu/Debian
package (4.0.0+dfsg1-1) to the current git head (c932b139c8).
- Nick
On Fri, Feb 8, 2013 at 7:22 PM, Nick Semenkovich seme...@syndetics.net wrote:
Still can't figure this out.
The client-side logs show two entries:
1. The error in the first message The processing of Group Policy failed.
2. A DNS processing failure:
The system failed to register host (A or ) resource records
(RRs) for network adapter with settings ...
At debug level 5, Samba4 shows no DNS problems, and says Got a dns
update request. All updates allowed. http://pastebin.com/fYrd9F1W
- Nick
On Thu, Feb 7, 2013 at 8:59 PM, Nick Semenkovich seme...@syndetics.net
wrote:
I've just configured Samba4 on Ubuntu (4.0.0+dfsg1-1), and can't seem
to get roaming profiles working (I followed the guide at
https://wiki.samba.org/index.php/Samba_AD_DC_HOWTO )
1. Logons work just fine.
2. DNS is configured and working, running through SAMBA_INTERNAL
3. Clients can talk to the server and see/access shares at
\\server.corp.domain.com
4. Clients are all Windows 8 and NTP time synced
5. Permissions seem OK (the profiles directory is currently chmod
777 -- without that, only the Administrator seemed to be able to
create their own profile ...)
6. General users can log in/out (which creates a profile, if profiles
is chmod 777) but a subsequent login can't access it, with a generic
Windows 8 roaming profile error.
Not really sure where to go from here. I've tried:
- Rebuilding the domain re-joining machines
- Ultra-lax permissions
- Adding users via the samba-tool versus AD tools in Windows
At client logon, the samba4 logs (with a debug level of 4) show a collection
of:
Terminating connection - 'NT_STATUS_CONNECTION_DISCONNECTED'
single_terminate: reason[NT_STATUS_CONNECTION_DISCONNECTED]
and a few
Terminating connection - 'kdc_tcp_call_loop:
tstream_read_pdu_blob_recv() - NT_STATUS_CONNECTION_DISCONNECTED'
single_terminate: reason[kdc_tcp_call_loop:
tstream_read_pdu_blob_recv() - NT_STATUS_CONNECTION_DISCONNECTED]
(Not sure if they're related)
Notably, the client machines (all on Win 8) show nearly nothing in the
Event Log, except a Group Policy failure:
The processing of Group Policy failed. Windows attempted to read the
file
\\corp.domain.com\sysvol\corp.domain.com\Policies\{31B2F340-016D-11D2-945F-00C04FB984F9}\gpt.ini
from a domain controller and was not successful. Group Policy settings
may not be applied until this event is resolved. This issue may be
transient and could be caused by one or more of the following:
a) Name Resolution/Network Connectivity to the current domain controller.
b) File Replication Service Latency (a file created on another domain
controller has not replicated to the current domain controller).
c) The Distributed File System (DFS) client has been disabled.
(Manually connecting to that gpi.ini file works perfectly)
Not really sure what's going on here. The only oddities I see are:
* I can't get the old add user script function to work.
As a result, client usernames seem to just have a UID on the linux
side (their profiles show up as: drwxr-xr-x 14 315 users 4.0K Feb
7 20:34 test.V2)
Any way around that?
* When profiles are created, they're appended with .V2 -- Do I need
to add .V2 to the profile path setting, e.g. %USERNAME%.V2? (I can't
imagine that's the case ...)
I've pasted my smb.conf to: http://pastebin.com/DQDkGxsv
Any advice?
Thanks!
Nick
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Unable to re-connect to roaming profile in samba4
Still can't figure this out.
The client-side logs show two entries:
1. The error in the first message The processing of Group Policy failed.
2. A DNS processing failure:
The system failed to register host (A or ) resource records
(RRs) for network adapter with settings ...
At debug level 5, Samba4 shows no DNS problems, and says Got a dns
update request. All updates allowed. http://pastebin.com/fYrd9F1W
- Nick
On Thu, Feb 7, 2013 at 8:59 PM, Nick Semenkovich seme...@syndetics.net wrote:
I've just configured Samba4 on Ubuntu (4.0.0+dfsg1-1), and can't seem
to get roaming profiles working (I followed the guide at
https://wiki.samba.org/index.php/Samba_AD_DC_HOWTO )
1. Logons work just fine.
2. DNS is configured and working, running through SAMBA_INTERNAL
3. Clients can talk to the server and see/access shares at
\\server.corp.domain.com
4. Clients are all Windows 8 and NTP time synced
5. Permissions seem OK (the profiles directory is currently chmod
777 -- without that, only the Administrator seemed to be able to
create their own profile ...)
6. General users can log in/out (which creates a profile, if profiles
is chmod 777) but a subsequent login can't access it, with a generic
Windows 8 roaming profile error.
Not really sure where to go from here. I've tried:
- Rebuilding the domain re-joining machines
- Ultra-lax permissions
- Adding users via the samba-tool versus AD tools in Windows
At client logon, the samba4 logs (with a debug level of 4) show a collection
of:
Terminating connection - 'NT_STATUS_CONNECTION_DISCONNECTED'
single_terminate: reason[NT_STATUS_CONNECTION_DISCONNECTED]
and a few
Terminating connection - 'kdc_tcp_call_loop:
tstream_read_pdu_blob_recv() - NT_STATUS_CONNECTION_DISCONNECTED'
single_terminate: reason[kdc_tcp_call_loop:
tstream_read_pdu_blob_recv() - NT_STATUS_CONNECTION_DISCONNECTED]
(Not sure if they're related)
Notably, the client machines (all on Win 8) show nearly nothing in the
Event Log, except a Group Policy failure:
The processing of Group Policy failed. Windows attempted to read the
file
\\corp.domain.com\sysvol\corp.domain.com\Policies\{31B2F340-016D-11D2-945F-00C04FB984F9}\gpt.ini
from a domain controller and was not successful. Group Policy settings
may not be applied until this event is resolved. This issue may be
transient and could be caused by one or more of the following:
a) Name Resolution/Network Connectivity to the current domain controller.
b) File Replication Service Latency (a file created on another domain
controller has not replicated to the current domain controller).
c) The Distributed File System (DFS) client has been disabled.
(Manually connecting to that gpi.ini file works perfectly)
Not really sure what's going on here. The only oddities I see are:
* I can't get the old add user script function to work.
As a result, client usernames seem to just have a UID on the linux
side (their profiles show up as: drwxr-xr-x 14 315 users 4.0K Feb
7 20:34 test.V2)
Any way around that?
* When profiles are created, they're appended with .V2 -- Do I need
to add .V2 to the profile path setting, e.g. %USERNAME%.V2? (I can't
imagine that's the case ...)
I've pasted my smb.conf to: http://pastebin.com/DQDkGxsv
Any advice?
Thanks!
Nick
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
[Samba] Unable to re-connect to roaming profile in samba4
I've just configured Samba4 on Ubuntu (4.0.0+dfsg1-1), and can't seem
to get roaming profiles working (I followed the guide at
https://wiki.samba.org/index.php/Samba_AD_DC_HOWTO )
1. Logons work just fine.
2. DNS is configured and working, running through SAMBA_INTERNAL
3. Clients can talk to the server and see/access shares at
\\server.corp.domain.com
4. Clients are all Windows 8 and NTP time synced
5. Permissions seem OK (the profiles directory is currently chmod
777 -- without that, only the Administrator seemed to be able to
create their own profile ...)
6. General users can log in/out (which creates a profile, if profiles
is chmod 777) but a subsequent login can't access it, with a generic
Windows 8 roaming profile error.
Not really sure where to go from here. I've tried:
- Rebuilding the domain re-joining machines
- Ultra-lax permissions
- Adding users via the samba-tool versus AD tools in Windows
At client logon, the samba4 logs (with a debug level of 4) show a collection of:
Terminating connection - 'NT_STATUS_CONNECTION_DISCONNECTED'
single_terminate: reason[NT_STATUS_CONNECTION_DISCONNECTED]
and a few
Terminating connection - 'kdc_tcp_call_loop:
tstream_read_pdu_blob_recv() - NT_STATUS_CONNECTION_DISCONNECTED'
single_terminate: reason[kdc_tcp_call_loop:
tstream_read_pdu_blob_recv() - NT_STATUS_CONNECTION_DISCONNECTED]
(Not sure if they're related)
Notably, the client machines (all on Win 8) show nearly nothing in the
Event Log, except a Group Policy failure:
The processing of Group Policy failed. Windows attempted to read the
file
\\corp.domain.com\sysvol\corp.domain.com\Policies\{31B2F340-016D-11D2-945F-00C04FB984F9}\gpt.ini
from a domain controller and was not successful. Group Policy settings
may not be applied until this event is resolved. This issue may be
transient and could be caused by one or more of the following:
a) Name Resolution/Network Connectivity to the current domain controller.
b) File Replication Service Latency (a file created on another domain
controller has not replicated to the current domain controller).
c) The Distributed File System (DFS) client has been disabled.
(Manually connecting to that gpi.ini file works perfectly)
Not really sure what's going on here. The only oddities I see are:
* I can't get the old add user script function to work.
As a result, client usernames seem to just have a UID on the linux
side (their profiles show up as: drwxr-xr-x 14 315 users 4.0K Feb
7 20:34 test.V2)
Any way around that?
* When profiles are created, they're appended with .V2 -- Do I need
to add .V2 to the profile path setting, e.g. %USERNAME%.V2? (I can't
imagine that's the case ...)
I've pasted my smb.conf to: http://pastebin.com/DQDkGxsv
Any advice?
Thanks!
Nick
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
