Hello All, I am getting this error when I try to join my Win2K m/c to Samba, Windows cannot log you on because the profile cannot be loaded. Contact your network administrator. DETAIL - The system cannot find the file specified. I dont want Roaming profile to be implemented, I just want to give users local profiles only. When the client tries to logon to the PDC it looks for a profile to download where do I put this default profile. Please help me I am totally lost with this error from past two days I tried everything & googled around quite a bit but of no help. Please help me. TIA Manjunath DISCLAIMER: This e-mail and any attachment (s) is for authorised use by the intended recipient (s) only. It may contain proprietary material, confidential information and/or be subject to the legal privilege of iWave Systems Technologies Private Limited. If you have received this message in error, please notify the originator immediately. If you are not the intended recipient, you are notified that you are strictly prohibited from retaining, using, copying, alerting or disclosing the content of this message. Thank you for your co-operation.
On Tue, 4 Feb 2003, Manjunath H N wrote:> Hello All, > > I am getting this error when I try to join my Win2K m/c to Samba, > > Windows cannot log you on because the profile cannot be loaded. Contact your > network administrator.Send me your smb.conf off-line. I'll check it out.> DETAIL - The system cannot find the file specified. > > I dont want Roaming profile to be implemented, I just want to give users > local profiles only.Your choices are: 1. Local profiles - I know of no registry keys that will allow auto-deletion of LOCAL profiles on log out 2. Roaming profiles - your options here are: - can use auto-delete on logout option - requires a registry key change on workstation a) Personal Roaming profiles - should be preserved on a central server - workstations 'cache' (store) a local copy - used in case the profile can not be downloaded at next logon b) Group profiles - loaded from a cetral place c) Mandatory profiles - can be personal or group - can NOT be changed (except by an administrator A WinNT4/2K/XP profile can vary in size from 130KB to off the scale. Outlook PST files are most often part of the profile and can be many GB in size. On average (in a well controlled environment) roaming profie size of 2MB is a good rule of thumb to use for planning purposes. In an undisciplined environment I have seen up to 2GB profiles. Users tend to complain when it take an hour to log onto a workstation but they harvest the fuits of folly (and ignorance). The point of all the above is to show that roaming profiles and good controls of how they can be changed as well as good discipline make up for a problem free site. PS: Microsoft's answer to the PST problem is to store all email in an MS Exchange Server back-end. But this is another story ...! So, having LOCAL profiles means: a) If lots of users user each machine - lot's of local disk storage needed for local profiles b) Every workstation the user logs into has it's own profile - can be very different from machine to machine On the other hand, having roaming profiles means: a) The network administrator can control EVERY aspect of user profiles b) With the use of mandatory profiles - a drastic reduction in network management overheads c) User unhappiness about not being able to change their profiles soon fades as they get used to being able to work reliably But note: I have managed and installed MANY NT/2K networks and have NEVER found one where users who move from machine to machine are happy with local profiles. In the long run local profiles bite them.> When the client tries to logon to the PDC it looks for a profile to download > where do I put this default profile.Firstly, your samba server need to be configured as a domain controller. server = user os level = 32 (or more) domain logons = Yes Plus you need to have a NETLOGON share that is world readable. It is a good idea to add a logon script to pre-set printer and drive connections. There is also a facility for automatically synchronizing the workstation time clock with that of the logon server (another good thing to do). Note: To invoke auto-deletion of roaming profile from the local workstation cache (disk storage) you need to use the Group Policy Editor to create a file called NTConfig.POL with the appropriate entries. This file needs to be located in the NETLOGON share root directory. Oh, of course the windows clients need to be members of the domain. Workgroup machines do NOT do network logons - so they never see domain profiles. Secondly, for roaming profiles you need: logon path = \\%N\profiles\%U (with some such path) logon drive = H: (Z: is the default) Plus you need a PROFILES share that is world writable.> Please help me I am totally lost with this error from past two days I tried > everything & googled around quite a bit but of no help. Please help me.I hope this helps you. - John T. -- John H Terpstra Email: jht@samba.org
Also with the same settings & Roaming profiles enabled I can log onto the server from a NT & 98 m/c but only Win2K m/c I am getting the following error Windows cannot log you on because the profile cannot be loaded. Contact your network administrator. DETAIL - The system cannot find the file specified. On Tuesday, February 04, 2003 10:42 PM Manjunath H N <manjunath@iwavesystems.com> wrote:> On Tuesday, February 04, 2003 9:59 PM > John H Terpstra <jht@samba.org> wrote: > >> On Tue, 4 Feb 2003, Manjunath H N wrote: >> >>> Hello All, >>> >>> I am getting this error when I try to join my Win2K m/c to Samba, >>> >>> Windows cannot log you on because the profile cannot be loaded. >>> Contact your network administrator. >> >> Send me your smb.conf off-line. I'll check it out. > > This is my smb.conf file > > # Global parameters > [global] > workgroup = MYGROUP > netbios name = SERVER > server string = Samba Server > encrypt passwords = Yes > obey pam restrictions = Yes > pam password change = Yes > passwd program = /usr/bin/passwd %u > passwd chat = *New*password* %n\n *Retype*new*password* %n\n > *passwd:*all*authentication*tokens*updated*successfully* > password level = 23 > username level = 23 > unix password sync = Yes > log file = /var/log/samba/%m.log > max log size = 50 > socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 > load printers = No > domain admin group = root > add user script = /usr/sbin/useradd -d /dev/null -g 100 -s > /bin/false -M %u > delete user script = /usr/sbin/userdel %u > logon path = \\%L\profiles\%a\%U > logon home = \\%L\%U\.profiles > domain logons = Yes > os level = 64 > preferred master = True > domain master = True > dns proxy = No > wins server = 192.168.2.253 > winbind uid = 500-1000 > winbind gid = 500-1000 > admin users = root administrator > printing = lprng > > [homes] > comment = Home Directories > # valid users = %S > read only = No > create mask = 0664 > directory mask = 0775 > browseable = No > > [netlogon] > comment = Logon Scripts & Policies > path = /home/netlogon > create mask = 0644 > directory mask = 0755 > writeable = no > guest ok = no > > [profiles] > comment = Profiles Directory > path = /home/profiles > read only = No > create mask = 0700 > directory mask = 0700 > nt acl support = No > > [home] > comment = Home Directories > path = /home > valid users = administrator root > read only = No > >> Plus you need to have a NETLOGON share that is world readable. >> It is a good idea to add a logon script to pre-set printer and >> drive connections. There is also a facility for automatically >> synchronizing the workstation time clock with that of the logon >> server (another good thing to do). > > [manjunath@server home]$ ll > total 44 > drwx------ 3 administrator administrator 4096 Jan 28 > 12:01 administrator > drwx------ 6 manjunath manjunath 4096 Feb 4 > 21:53 manjunath > drwxrwxr-x 2 root root 4096 Feb > 4 13:21 netlogon > drwxrwxrwt 4 root root 4096 Feb > 4 21:43 profiles > > >> Secondly, for roaming profiles you need: >> >> logon path = \\%N\profiles\%U (with some such path) >> logon drive = H: (Z: is the default) >> >> Plus you need a PROFILES share that is world writable. > > It has been done > >>> Please help me I am totally lost with this error from past two days >>> I tried everything & googled around quite a bit but of no help. >>> Please help me. >> >> I hope this helps you. >> >> - John T. > Awaiting more help from you. > > -- ManjunathDISCLAIMER: This e-mail and any attachment (s) is for authorised use by the intended recipient (s) only. It may contain proprietary material, confidential information and/or be subject to the legal privilege of iWave Systems Technologies Private Limited. If you have received this message in error, please notify the originator immediately. If you are not the intended recipient, you are notified that you are strictly prohibited from retaining, using, copying, alerting or disclosing the content of this message. Thank you for your co-operation.