steve.hallam@propero.net
2004-Jan-22 16:46 UTC
[Samba] Odd Roaming Profile behaviour from a Samba PDC
Hey All.. I've been trying to track down the source of this problem for some time now and am hoping that someone may have seen this in the past... I picked up a system that has Samba V. 2.2.8a, acting as a PDC and serving roaming profiles to Two Windows 2K Terminal Servers running SP4. However, as a user attempts to login for the first time, the PDC authenticates the user and attempts to retrieve its roaming profile from the relevant share. The user's profile doesn't exist, therefore smbd creates profiles/[USERNAME] directory and the user logs in to the Terminal Server with the default profile as normal. However, when the user logs out, their fresh and shiny new profile is not written back to the samba server and is left on the TS in c:\documents and settings\[USERNAME], with UsrClass.dat being used by another process and unable to be deleted ! Now for the really confusing bit.. After a few logins, the profile starts to work as normal, I.e. loaded from and written back to the samba server as expected and deleted from the TS after the user logs out. Initially I thought that this was related to the 'SP4 Breaks roaming profiles' issue and tried forcing profile acls = yes in the profiles share and acl compatibility = Win2k in the global section, both to no avail. Additionally I've opened up the permissions on the 'Documents and Settings' directories on both of the Terminal Servers so that all users have full control. Again to no avail.. Any ideas would be greatly appreciated.. Cheers S. FYI, below is a copy of the smb.conf, edited (removed some shares that aren't relevent) for brevity and the usual obfuscations of hostnames etc. [global] netbios name = foo-bar workgroup = FOO server string = Samba %v os level = 64 preferred master = yes domain master = yes local master = yes security = user encrypt passwords = yes domain logons = yes logon path = \\%L\profiles\%u logon drive = H: logon home = \\%L\%u guest account = nobody domain admin group = @WinAdmins time server = yes log file = /var/log/samba/log.smbd log level = 1 dns proxy = no max log size = 500 deadtime = 1 ldap server = ldap.foo-bar.someone.com ldap port = 389 ldap suffix = ou=Current,dc=foo,dc=someone,dc=com ldap admin dn = uid=someone,ou=People,ou=Current,dc=foo,dc=someone,dc=com ldap ssl = no [homes] comment = Home Directories browseable = no writable = yes inherit permissions = yes [profiles] path = /home/profiles read only = no create mask = 0600 directory mask = 0700 browseable = no nt acl support = no csc policy = disable [netlogon] path = /home/netlogon write list = root guest ok = no browseable = yes writeable = yes <SNIP> <!-- Other shares --> </SNIP>
Possibly Parallel Threads
- Samba 3.0.9 PDC - Saving roaming user profiles from windows 2000 sp4 (w2k) failed
- roaming profiles - Unable to unmarshall SAMR_Q_SET_USERINFO
- [Samba} Can't do roaming profiles (Solved)
- KB824141 on Win2K and Samba PDC with a mandatory profile
- XP roaming profile problem (access denied)