Jobst Schmalenbach
2017-Jun-07 06:13 UTC
[CentOS] Domain Logout, then domain login again, profile corrupt -> replaced by TEMP profile
Hi I have had this problem for a while, but waited to post this until I upgraded to see whether the upgrade would fix it. I upgraded samba to the 4.2.X stream from 3.6.X stream, but it happens on both, 3.6.X and 4.2.10. Whenever someone logs out, then in again the profile gets corrupted and a new TEMP profile is created (the dreadful "creating new desktop"). Now I do not know where this problem is - the desktop or the server. It also happens if you wait 1/2 hour or so, never tried it longer. I can quickly fix this by: - tell the user to log out - rsync -avHAX the profile with yesterdays profile - tell the user to log in again Now if I log out on my workstation, then on the server I do a "smb reload", then log in again this problem does not happen. This morning a person logged out of his workstation, went over to the bigscreen in one of our training rooms and logged in there, then logged out, went over to his machine but got the dreadful "preparing desktop" on login .... Anybody got any idea? thanks Jobst Here is some info: ~~~~~~~~~~~~~~~~~~ All latest patches installed on everything. OS server: CentOS 6.X OS Workstations: Windows 7 Prof Samba: 4.2.10 (was 3.6.23) Other: roaming profiles (as we log into other stations, e.g. training rooms) smb.conf (important bits): [global] workgroup = LALA server string = Domain Server netbios name = LALAMACHINE username map = /etc/samba/smbusers interfaces = eth0, lo bind interfaces only = yes # these flags were recommended. socket options = TCP_NODELAY IPTOS_LOWDELAY SO_KEEPALIVE SO_RCVBUF=131072 SO_SNDBUF=131072 # Logging, what, how much, etc log level = 1 syslog = 0 log file = /var/log/samba/samba.log max log size = 10000000 # Auditing vfs objects = full_audit full_audit:prefix = %u|%I|%m|%S full_audit:failure = none full_audit:facility = LOCAL4 full_audit:priority = NOTICE full_audit:success = none full_audit:failure = none idmap config *: backend = tdb idmap config *: range = 1000000-1999999 idmap config LALA : default = Yes idmap config LALA : backend = <idmap backend> idmap config LALA : range = 500-999999 winbind use default domain = Yes winbind nested groups = Yes winbind normalize names = no # domain stuff logon script = user.cmd logon path = \\lalamachine\profiles\%u logon drive = Z: logon home = \\lalamachine\%u\samba-homeshare domain logons = Yes os level = 200 domain master = Yes dns proxy = No wins support = Yes security = user encrypt passwords = Yes hosts allow = 192.168.0., 127. guest account = nobody usershare allow guests = No # printer setup load printers = Yes printing = cups printcap name = cups printcap = cups printcap cache time = 750 cups options = raw read raw = yes write raw = yes oplocks = yes max xmit = 65535 dead time = 15 getwd cache = yes # Samba implements the CIFS UNIX unix extensions = no [netlogon] comment = Network Logon Service path = /samba/NetLogon browseable = Yes guest ok = yes admin users = root full_audit:success = none full_audit:failure = none # this is required for log files to be written to read only = No write list = @lalausers, @lalaadmins [profiles] comment = Roaming Profile Share path = /samba/Profiles/ read only = No create mask = 0600 directory mask = 0700 browseable = yes # you MUST disable caching on shares that have roaming profiles stored csc policy = disable guest ok = no valid users = @lalausers, @lalaadmins admin users = root store dos attributes = yes profile acls = yes full_audit:success = none full_audit:failure = none -- Keyboard not found - please clean up desktop! | |0| | Jobst Schmalenbach, jobst at barrett.com.au, General Manager | | |0| Barrett Consulting Group P/L & The Meditation Room P/L |0|0|0| +61 3 9532 7677, POBox 277, Caulfield South, 3162, Australia
Jobst Schmalenbach
2017-Jun-07 07:12 UTC
[CentOS] Domain Logout, then domain login again, profile corrupt -> replaced by TEMP profile
I am sorry, wrong list. Jobst On Wed, Jun 07, 2017 at 04:13:30PM +1000, Jobst Schmalenbach (jobst at barrett.com.au) wrote:> Hi > > I have had this problem for a while, but waited to post this until I upgraded to see whether the upgrade would fix it. > I upgraded samba to the 4.2.X stream from 3.6.X stream, but it happens on both, 3.6.X and 4.2.10. > > Whenever someone logs out, then in again the profile gets corrupted and a new TEMP profile is created (the dreadful "creating new desktop"). Now I do not know where this problem is - the desktop or the server. > It also happens if you wait 1/2 hour or so, never tried it longer. > > I can quickly fix this by: > > - tell the user to log out > - rsync -avHAX the profile with yesterdays profile > - tell the user to log in again > > Now if I log out on my workstation, then on the server I do a "smb reload", then log in again this problem does not happen. > > This morning a person logged out of his workstation, went over to the bigscreen in one of our training rooms and logged in there, then logged out, went over to his machine but got the dreadful "preparing desktop" on login .... > > Anybody got any idea? > > thanks > Jobst > > Here is some info: > ~~~~~~~~~~~~~~~~~~ > All latest patches installed on everything. > > OS server: CentOS 6.X > OS Workstations: Windows 7 Prof > Samba: 4.2.10 (was 3.6.23) > Other: roaming profiles (as we log into other stations, e.g. training rooms) > > smb.conf (important bits): > [global] > workgroup = LALA > server string = Domain Server > netbios name = LALAMACHINE > username map = /etc/samba/smbusers > interfaces = eth0, lo > bind interfaces only = yes > # these flags were recommended. > socket options = TCP_NODELAY IPTOS_LOWDELAY SO_KEEPALIVE SO_RCVBUF=131072 SO_SNDBUF=131072 > > # Logging, what, how much, etc > log level = 1 > syslog = 0 > log file = /var/log/samba/samba.log > max log size = 10000000 > > # Auditing > vfs objects = full_audit > full_audit:prefix = %u|%I|%m|%S > full_audit:failure = none > full_audit:facility = LOCAL4 > full_audit:priority = NOTICE > full_audit:success = none > full_audit:failure = none > > idmap config *: backend = tdb > idmap config *: range = 1000000-1999999 > idmap config LALA : default = Yes > idmap config LALA : backend = <idmap backend> > idmap config LALA : range = 500-999999 > > winbind use default domain = Yes > winbind nested groups = Yes > winbind normalize names = no > > # domain stuff > logon script = user.cmd > logon path = \\lalamachine\profiles\%u > logon drive = Z: > logon home = \\lalamachine\%u\samba-homeshare > domain logons = Yes > os level = 200 > domain master = Yes > dns proxy = No > wins support = Yes > security = user > encrypt passwords = Yes > hosts allow = 192.168.0., 127. > guest account = nobody > usershare allow guests = No > > # printer setup > load printers = Yes > printing = cups > printcap name = cups > printcap = cups > printcap cache time = 750 > cups options = raw > read raw = yes > write raw = yes > oplocks = yes > max xmit = 65535 > dead time = 15 > getwd cache = yes > > # Samba implements the CIFS UNIX > unix extensions = no > > [netlogon] > comment = Network Logon Service > path = /samba/NetLogon > browseable = Yes > guest ok = yes > admin users = root > full_audit:success = none > full_audit:failure = none > # this is required for log files to be written to > read only = No > write list = @lalausers, @lalaadmins > > [profiles] > comment = Roaming Profile Share > path = /samba/Profiles/ > read only = No > create mask = 0600 > directory mask = 0700 > browseable = yes > # you MUST disable caching on shares that have roaming profiles stored > csc policy = disable > guest ok = no > valid users = @lalausers, @lalaadmins > admin users = root > store dos attributes = yes > profile acls = yes > full_audit:success = none > full_audit:failure = none > > > -- > Keyboard not found - please clean up desktop! > > | |0| | Jobst Schmalenbach, jobst at barrett.com.au, General Manager > | | |0| Barrett Consulting Group P/L & The Meditation Room P/L > |0|0|0| +61 3 9532 7677, POBox 277, Caulfield South, 3162, Australia > _______________________________________________ > CentOS mailing list > CentOS at centos.org > https://lists.centos.org/mailman/listinfo/centos-- This message represents the official view of the voices in my head! | |0| | Jobst Schmalenbach, jobst at barrett.com.au, General Manager | | |0| Barrett Consulting Group P/L & The Meditation Room P/L |0|0|0| +61 3 9532 7677, POBox 277, Caulfield South, 3162, Australia
Maybe Matching Threads
- Domain Logout, then domain login again, profile corrupt -> replaced by TEMP profile
- Domain Logout, then domain login again, profile corrupt -> replaced by TEMP profile
- "net view" gets me "System error 71 has occured" and "no more connections ...."
- AD issue....
- Remove records from a large dataframe