"David González Herrera - [DGHVoIP]"
2013-May-30 15:52 UTC
[Samba] Samba 4 and Profile directory issues.
Hi, On 5/30/2013 8:17 AM, Ricky Nance wrote:> Are you logged in as DOMAIN\Administrator to the windows machine?My own dumb mistakes, I created a remote desktop connection to that server and hadn't noticed I as logged in as a non admin user. Now home directories are created as it should and profile directories are too, but with the .V2 extension. I stheis the expected behavior?, I read that this might happoen uf I had mixed Windows clients WXP, Win7 but I just have one client and it's a Win7 one. Thanks for your advise it really helped. me.> > Ricky > > > On Thu, May 30, 2013 at 12:16 AM, "David Gonz?lez Herrera - [DGHVoIP]" > <info at dghvoip.com <mailto:info at dghvoip.com>> wrote: > > On 5/28/2013 6:59 PM, Ricky Nance wrote: >> Odd thing, your mail was from several days ago, but it just came >> through on my stuff today. Lets try a couple of things, try >> changing [users] to [homes] and also adding a line under global: > Done >> >> template homedir = /home/%ACCOUNTNAME% > Done > >> >> Also, comment out the directory_mode line, restart samba and then >> try setting it in in your active directory users and computers as >> \\10.10.10.5\homes\%USERNAME% and see if it works. Also can you >> double check after these changes that your windows user can still >> write to \\10.10.10.5\homes as well? > Done too but now, when I select a group of users and try to change > their properties the Home and Profile fields to > \\10.10.10.5\homes\%USERNAME% it returns Access is Denied (I > haven't created any home directory) it usually created the > directories automatically after the PAM changes and all of your > suggestions it can't be done anymore, I-m sure it's due to some > permission thing but I just can't fiure it out myself. > > Thanks for your help. > >> >> Thanks, >> Ricky >> >> >> On Tue, May 28, 2013 at 6:43 PM, "David Gonz?lez Herrera - >> [DGHVoIP]" <info at dghvoip.com <mailto:info at dghvoip.com>> wrote: >> >> Hi Ricky, >> >> Thank you very much for your reply, I dropped my subscription >> to the list because no one seems to care about these >> questions in there, then I guess what's that list for if they >> won't answer or at least point people to a link that won't >> take 30secs, well anyways.... >> >> >> On 5/28/2013 4:44 PM, Ricky Nance wrote: >>> First think you should check is to see if winbind is setup >>> properly (resolving names in Ubuntu as it should be) if not, >>> have a look at >>> https://wiki.samba.org/index.php/Samba4/Winbind#Using_libnss_winbind (section >>> 2 is the important one, section 3 is if you need *nix to >>> authenticate using samba). >> Ok, did all of these steps and everything seems to work, >> except that I can't login to the *nix box (ubuntu Serevr >> 12.04) using the AD users but system users can, that's good :) >> >> >> >>> A quick test would be mkdir /home/test && chown someADuser >>> /home/test && ls -alhd /home/test (replace someADuser with >>> one of your AD users). If that is working as expected, then >>> the user you are logged into windows with may not have >>> permissions to write to your Users share, if both of those >>> are good, paste your [users] section of your smb.conf and we >>> will go from there. >> This worked fine indeed, >> >> root at samba:~# mkdir /home/test && chown dominic /home/test && >> ls -alhd /home/test >> drwxr-xr-x 2 MUNDO\dominic root 4.0K May 29 01:34 /home/test >> >> >> My smb.conf looks like this: >> >> root at samba:~# cat /usr/local/samba/etc/smb.conf >> # Global parameters >> [global] >> workgroup = MUNDO >> realm = mundo.local >> netbios name = SAMBA >> server role = active directory domain controller >> server services = s3fs, rpc, nbt, wrepl, ldap, cldap, >> kdc, drepl, winbind, ntp_signd, kcc, dnsupdate >> template shell = /bin/bash >> >> # Debug logging information >> log level = 4 >> log file = /var/log/samba.log >> max log size = 50 >> debug timestamp = yes >> bind interfaces only = yes >> interfaces = eth1 >> wins support = yes >> >> [users] >> directory_mode: parameter = 0700 >> path = /home >> comment = Users Home Share >> read only = no >> browsable = yes >> >> [profiles] >> path = /usr/local/samba/var/profiles >> browseable = no >> read only = no >> writable = yes >> store dos attributes = Yes >> directory mask = 0700 >> create mask = 0600 >> printable = no >> profile acls = yes >> csc policy = disable >> >> >> [netlogon] >> path >> /usr/local/samba/var/locks/sysvol/mundo.local/scripts >> read only = No >> >> [sysvol] >> path = /usr/local/samba/var/locks/sysvol >> read only = No >> >> Thanks again. >> >> >>> >>> Ricky >>> >>> >>> On Mon, May 20, 2013 at 7:50 PM, "David Gonz?lez Herrera - >>> [DGHVoIP]" <info at dghvoip.com <mailto:info at dghvoip.com>> wrote: >>> >>> Hi List, >>> >>> I've been using S4 for some time now and I'm deploying >>> it on our company, I'm using it as backend auth for many >>> of our services, OpenVPN*AS, GroupOffice, Openfire and >>> some others and it works like a charm. >>> >>> Now I want to tell you what I'm facing, I have a Win7 >>> running the AD admin. too and I can see everything >>> users, groups all, I've created a dozen users and I want >>> them to have a home directory but when I try to do that >>> from the admin control tools and on the profile tab I >>> input \\10.10.10.5\Users\%username% and I see no errors >>> and the weirdest thing si thatwhen I browse the Users >>> share on the server I see the directory, can write to >>> it, create directories, files etc; but the directory is >>> not created on the physical server which has my head >>> spinning, might this be a bug, or something I'm doing wrong. >>> >>> Samba Version >>> Version 4.1.0pre1-GIT-1a7bd5e >>> >>> Linux Version >>> root at samba:~# uname -a >>> Linux samba 3.5.0-30-generic #51~precise1-Ubuntu SMP Wed >>> May 15 08:48:19 UTC 2013 x86_64 x86_64 x86_64 GNU/Linux >>> >>> Everything was done as per the Samba4 wiki, sorry if >>> this has been answered before and if you can please >>> refer me to the proper thread so I can see if I can >>> solve the issue. >>> >>> Thanks for a great project. >>> >>> Cheers. >>> >>> >> --- >> David >> >> > >
Yes, with all versions of windows after XP the .V2 will be appended to the usernames, if you have a mix of pre-XP and post-XP machines you will end up with 2 profiles per user. Glad its working for you, Ricky On Thu, May 30, 2013 at 10:52 AM, "David Gonz?lez Herrera - [DGHVoIP]" < info at dghvoip.com> wrote:> Hi, > > > On 5/30/2013 8:17 AM, Ricky Nance wrote: > > Are you logged in as DOMAIN\Administrator to the windows machine? > > My own dumb mistakes, I created a remote desktop connection to that server > and hadn't noticed I as logged in as a non admin user. > > Now home directories are created as it should and profile directories are > too, but with the .V2 extension. I stheis the expected behavior?, I read > that this might happoen uf I had mixed Windows clients WXP, Win7 but I just > have one client and it's a Win7 one. > > > Thanks for your advise it really helped. me. > > > Ricky > > > On Thu, May 30, 2013 at 12:16 AM, "David Gonz?lez Herrera - [DGHVoIP]" < > info at dghvoip.com> wrote: > >> On 5/28/2013 6:59 PM, Ricky Nance wrote: >> >> Odd thing, your mail was from several days ago, but it just came through >> on my stuff today. Lets try a couple of things, try changing [users] to >> [homes] and also adding a line under global: >> >> Done >> >> >> template homedir = /home/%ACCOUNTNAME% >> >> Done >> >> >> Also, comment out the directory_mode line, restart samba and then try >> setting it in in your active directory users and computers as >> \\10.10.10.5\homes\%USERNAME% and see if it works. Also can you double >> check after these changes that your windows user can still write to >> \\10.10.10.5\homes as well? >> >> Done too but now, when I select a group of users and try to change their >> properties the Home and Profile fields to \\10.10.10.5\homes\%USERNAME% it >> returns Access is Denied (I haven't created any home directory) it usually >> created the directories automatically after the PAM changes and all of your >> suggestions it can't be done anymore, I-m sure it's due to some permission >> thing but I just can't fiure it out myself. >> >> Thanks for your help. >> >> >> Thanks, >> Ricky >> >> >> On Tue, May 28, 2013 at 6:43 PM, "David Gonz?lez Herrera - [DGHVoIP]" < >> info at dghvoip.com> wrote: >> >>> Hi Ricky, >>> >>> Thank you very much for your reply, I dropped my subscription to the >>> list because no one seems to care about these questions in there, then I >>> guess what's that list for if they won't answer or at least point people to >>> a link that won't take 30secs, well anyways.... >>> >>> >>> On 5/28/2013 4:44 PM, Ricky Nance wrote: >>> >>> First think you should check is to see if winbind is setup properly >>> (resolving names in Ubuntu as it should be) if not, have a look at >>> https://wiki.samba.org/index.php/Samba4/Winbind#Using_libnss_winbind (section >>> 2 is the important one, section 3 is if you need *nix to authenticate using >>> samba). >>> >>> Ok, did all of these steps and everything seems to work, except that I >>> can't login to the *nix box (ubuntu Serevr 12.04) using the AD users but >>> system users can, that's good :) >>> >>> >>> >>> A quick test would be mkdir /home/test && chown someADuser /home/test >>> && ls -alhd /home/test (replace someADuser with one of your AD users). If >>> that is working as expected, then the user you are logged into windows with >>> may not have permissions to write to your Users share, if both of those are >>> good, paste your [users] section of your smb.conf and we will go from there. >>> >>> This worked fine indeed, >>> >>> root at samba:~# mkdir /home/test && chown dominic /home/test && ls -alhd >>> /home/test >>> drwxr-xr-x 2 MUNDO\dominic root 4.0K May 29 01:34 /home/test >>> >>> >>> My smb.conf looks like this: >>> >>> root at samba:~# cat /usr/local/samba/etc/smb.conf >>> # Global parameters >>> [global] >>> workgroup = MUNDO >>> realm = mundo.local >>> netbios name = SAMBA >>> server role = active directory domain controller >>> server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc, >>> drepl, winbind, ntp_signd, kcc, dnsupdate >>> template shell = /bin/bash >>> >>> # Debug logging information >>> log level = 4 >>> log file = /var/log/samba.log >>> max log size = 50 >>> debug timestamp = yes >>> bind interfaces only = yes >>> interfaces = eth1 >>> wins support = yes >>> >>> [users] >>> directory_mode: parameter = 0700 >>> path = /home >>> comment = Users Home Share >>> read only = no >>> browsable = yes >>> >>> [profiles] >>> path = /usr/local/samba/var/profiles >>> browseable = no >>> read only = no >>> writable = yes >>> store dos attributes = Yes >>> directory mask = 0700 >>> create mask = 0600 >>> printable = no >>> profile acls = yes >>> csc policy = disable >>> >>> >>> [netlogon] >>> path = /usr/local/samba/var/locks/sysvol/mundo.local/scripts >>> read only = No >>> >>> [sysvol] >>> path = /usr/local/samba/var/locks/sysvol >>> read only = No >>> >>> Thanks again. >>> >>> >>> >>> Ricky >>> >>> >>> On Mon, May 20, 2013 at 7:50 PM, "David Gonz?lez Herrera - [DGHVoIP]" < >>> info at dghvoip.com> wrote: >>> >>>> Hi List, >>>> >>>> I've been using S4 for some time now and I'm deploying it on our >>>> company, I'm using it as backend auth for many of our services, OpenVPN*AS, >>>> GroupOffice, Openfire and some others and it works like a charm. >>>> >>>> Now I want to tell you what I'm facing, I have a Win7 running the AD >>>> admin. too and I can see everything users, groups all, I've created a dozen >>>> users and I want them to have a home directory but when I try to do that >>>> from the admin control tools and on the profile tab I input >>>> \\10.10.10.5\Users\%username% and I see no errors and the weirdest thing si >>>> thatwhen I browse the Users share on the server I see the directory, can >>>> write to it, create directories, files etc; but the directory is not >>>> created on the physical server which has my head spinning, might this be a >>>> bug, or something I'm doing wrong. >>>> >>>> Samba Version >>>> Version 4.1.0pre1-GIT-1a7bd5e >>>> >>>> Linux Version >>>> root at samba:~# uname -a >>>> Linux samba 3.5.0-30-generic #51~precise1-Ubuntu SMP Wed May 15 >>>> 08:48:19 UTC 2013 x86_64 x86_64 x86_64 GNU/Linux >>>> >>>> Everything was done as per the Samba4 wiki, sorry if this has been >>>> answered before and if you can please refer me to the proper thread so I >>>> can see if I can solve the issue. >>>> >>>> Thanks for a great project. >>>> >>>> Cheers. >>>> >>> >>> --- >>> David >>> >> >> >> > >