I notice that in the LDAP the profiles are store in a network share. Is it possible to use a different samba server not setup as a PDC/BDC to share these profile. for an example maybe setup a little samba box on a remote site, that stores profiles and home dirs, but still auth against the PDC. wouldnt that help keep network traffic on the WAN down?
On Thu, 2006-11-02 at 17:05 -0800, timothy johnson wrote:> I notice that in the LDAP the profiles are store in a network share. Is it > possible to use a different samba server not setup as a PDC/BDC to share > these profile. for an example maybe setup a little samba box on a remote > site, that stores profiles and home dirs, but still auth against the PDC. > wouldnt that help keep network traffic on the WAN down?---- shouldn't be difficult at all - with LDAP, each user's profile can be any path as designated. A samba member server can still use LDAP (via winbind or ldap) for authentication of users. Craig
Please keep replies on list... I think the solution is given in the below - which doesn't have anything to do with the Windows machine having the local user profile...the problem is the server where you are attempting to write the profile, neither the user nor the 'Administrators Group' has permissions to write the profile on that server. Probably a good idea to fix the permissions on that server share so profiles can be written there. Craig On Thu, 2006-11-02 at 17:34 -0800, timothy johnson wrote:> I tired this. setup a profiles share, same permissions as the PDC. > When I redir to the samba server I get the following. > > Windows did not load your roaming profile and is attempting to log you > on with your local profile. Changes to the profile will not be copied > to the server when you logoff. Windows did not load your profile > because a server copy of the profile folder already exists that does > not have the correct security. Either the current user or the > Administrator's group must be the owner of the folder. Contact your > network administrator. > > This is with a brand new user, so the machine doesnt have a local > profile. > > > On 11/2/06, Craig White <craigwhite@azapple.com> wrote: > On Thu, 2006-11-02 at 17:05 -0800, timothy johnson wrote: > > I notice that in the LDAP the profiles are store in a > network share. Is it > > possible to use a different samba server not setup as a > PDC/BDC to share > > these profile. for an example maybe setup a little samba box > on a remote > > site, that stores profiles and home dirs, but still auth > against the PDC. > > wouldnt that help keep network traffic on the WAN down? > ---- > shouldn't be difficult at all - with LDAP, each user's profile > can be > any path as designated. > > A samba member server can still use LDAP (via winbind or ldap) > for > authentication of users. > > Craig > > -- > To unsubscribe from this list go to the following URL and read > the > instructions: https://lists.samba.org/mailman/listinfo/samba >
I can state definitively that this works fine. It's an excellent way to reduce WAN traffic, and makes the login process MUCH faster. You're looking for the following LDAP attributes (taken from my PDC's smb.conf): sambaHomePath: \\SERVER\homes sambaProfilePath: \\SERVER\homes\PROFILE_DIR In my case, SERVER is a domain member server. Not sure if it'll work any other way.>>> "timothy johnson" <mr2bigjohnson@gmail.com> 11/2/2006 7:05 PM >>>I notice that in the LDAP the profiles are store in a network share. Is it possible to use a different samba server not setup as a PDC/BDC to share these profile. for an example maybe setup a little samba box on a remote site, that stores profiles and home dirs, but still auth against the PDC. wouldnt that help keep network traffic on the WAN down? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -------------- next part -------------- ------------------------------------------------- This email transmission and any documents, files or previous email messages attached to it may contain information that is confidential or legally privileged. If you are not the intended recipient, you are hereby notified that any disclosure, copying, printing, distributing or use of this transmission is strictly prohibited. If you have received this transmission in error, please immediately notify the sender by telephone or return email and delete the original transmission and its attachments without reading or saving in any manner. The Evangelical Lutheran Good Samaritan Society. ---------------------------------------------------------