samba - Apr 2004 - Samba (2.2.8a or 3.0.2a) + WinXP not updating roaming profiles on logout

I have a linux box running samba configured as my PDC with roaming
profiles.  Everything was running great until I upgraded to WinXP
instead of Win2K.  Now, when I log out of my XP session, my profile
doesn't get uploaded to the server.  The local copy remains in effect
until I reboot.  When I log out, the following message gets sent to the
event logger:

[quote]
Windows has detected that Offline Caching is enabled on the Roaming
Profile share - to avoid potential profile corruption, Offline Caching
must be disabled on shares where roaming user profiles are stored. 



For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
[/quote]

I searched around and found an email which suggested adding the
following to my profiles share to fix this warning message (not sure if
it's supposed to fix my problem, but I figured it was worth a shot):

   csc policy = disabled
   share modes = no

The warning still occurs (yes, I restarted samba and I restarted
windows).

Here's my smb.conf file with comments stripped

[global]
   workgroup = HOME
  netbios name = ERADICATOR
   server string = Samba Server %v
   printcap name = lpstat
   load printers = yes
   printing = cups
   printer admin = @adm
   log file = /var/log/samba/log.%m
   max log size = 50
  guest account = guest
   security = user
  encrypt passwords = yes
  smb passwd file = /etc/samba/private/smbpasswd
  username map = /etc/samba/smbusers
   socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
   interfaces = eth1
   local master = yes
   os level = 65
   domain master = yes 
   preferred master = yes
   domain logons = yes
   logon path = \\%L\%U\profile
   logon home = \\%L\%U
   logon drive = I:
add user script = /usr/sbin/useradd -d /dev/null -g machines -c 'Machine
Account' -s /bin/false -M %u
domain admin group = root @wheel
domain guest group = nobody guest @nobody @nogroup @guest
   wins support = yes
   dns proxy = no 
[homes]
   comment = Home Directories
   browseable = no
   writable = yes
   profile acls = yes
   csc policy = disabled
   share modes = no
[netlogon]
   comment = Network Logon Service
   path = /var/lib/samba/netlogon
   guest ok = yes
   writable = no
[printers]
   comment = All Printers
   path = /var/spool/samba
   browseable = no
   guest ok = yes
   writable = no
   printable = yes
   create mode = 0700
   print command = lpr -P %p %s # using cups own drivers (use generic
PostScript on clients).
   lpq command = lpq -P %p
   lprm command = cancel %p-%j
[download]
   comment = Downloads
   path = /usr/local/download
   public = yes
   writable = no
   write list = @adm
   
   create mode = 0664
   directory mode = 2775
   force create mode = 0660
   force directory mode = 2770
[music]
   comment = Music
   path = /home/jeremy/Music
   public = yes
   writable = no
   write list = @adm
   
   create mode = 0664
   directory mode = 2775
   force create mode = 0660
   force directory mode = 2770
[movies]
   comment = Movies
   path = /home/jeremy/Movies
   public = yes
   writable = no
   write list = @adm
   
   create mode = 0664
   directory mode = 2775
   force create mode = 0660
   force directory mode = 2770
[root]
        comment = Root Directory
        path = /
        read only = No
[raid0]
        comment = RAID 0
        path = /mnt/raid0
        read only = No


---

As another note, I get the following message in log.<machine name> since
going to samba3... 

[2004/04/05 23:16:16, 0]
rpc_server/srv_util.c:get_domain_user_groups(372)
  get_domain_user_groups: primary gid of user [jeremy] is not a Domain
group !
  get_domain_user_groups: You should fix it, NT doesn't like that
[2004/04/05 23:16:20, 1] smbd/service.c:make_connection_snum(705)
  aerith (192.168.0.3) connect to service jeremy initially as user
jeremy (uid=1000, gid=4) (pid 22991)

---

Thanks in advance for any help you have to offer.  It is very much
appreciated.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url :
http://lists.samba.org/archive/samba/attachments/20040405/914f74f5/attachment.bin

I have working 3.0.2a and 2.2.8a domain controllers.  The only thing that
I see that is significantly different in your conifguration to our
configuration is that we have a [profiles] share.

[profiles]
        comment = Personal Profile Folder
        path = \\%L\%U\profile
        read only = No
        profile acls = Yes
        browseable = No

Hope it helps,
Jim
> I have a linux box running samba configured as my PDC with roaming
> profiles.  Everything was running great until I upgraded to WinXP
> instead of Win2K.  Now, when I log out of my XP session, my profile
> doesn't get uploaded to the server.  The local copy remains in effect
> until I reboot.  When I log out, the following message gets sent to the
> event logger:
>
> [quote]
> Windows has detected that Offline Caching is enabled on the Roaming
> Profile share - to avoid potential profile corruption, Offline Caching
> must be disabled on shares where roaming user profiles are stored.
>
>
>
> For more information, see Help and Support Center at
> http://go.microsoft.com/fwlink/events.asp.
> [/quote]
>
> I searched around and found an email which suggested adding the
> following to my profiles share to fix this warning message (not sure if
> it's supposed to fix my problem, but I figured it was worth a shot):
>
>    csc policy = disabled
>    share modes = no
>
> The warning still occurs (yes, I restarted samba and I restarted
> windows).
>
> Here's my smb.conf file with comments stripped
>
> [global]
>    workgroup = HOME
>   netbios name = ERADICATOR
>    server string = Samba Server %v
>    printcap name = lpstat
>    load printers = yes
>    printing = cups
>    printer admin = @adm
>    log file = /var/log/samba/log.%m
>    max log size = 50
>   guest account = guest
>    security = user
>   encrypt passwords = yes
>   smb passwd file = /etc/samba/private/smbpasswd
>   username map = /etc/samba/smbusers
>    socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
>    interfaces = eth1
>    local master = yes
>    os level = 65
>    domain master = yes
>    preferred master = yes
>    domain logons = yes
>    logon path = \\%L\%U\profile
>    logon home = \\%L\%U
>    logon drive = I:
> add user script = /usr/sbin/useradd -d /dev/null -g machines -c
'Machine
> Account' -s /bin/false -M %u
> domain admin group = root @wheel
> domain guest group = nobody guest @nobody @nogroup @guest
>    wins support = yes
>    dns proxy = no
> [homes]
>    comment = Home Directories
>    browseable = no
>    writable = yes
>    profile acls = yes
>    csc policy = disabled
>    share modes = no
> [netlogon]
>    comment = Network Logon Service
>    path = /var/lib/samba/netlogon
>    guest ok = yes
>    writable = no
> [printers]
>    comment = All Printers
>    path = /var/spool/samba
>    browseable = no
>    guest ok = yes
>    writable = no
>    printable = yes
>    create mode = 0700
>    print command = lpr -P %p %s # using cups own drivers (use generic
> PostScript on clients).
>    lpq command = lpq -P %p
>    lprm command = cancel %p-%j
> [download]
>    comment = Downloads
>    path = /usr/local/download
>    public = yes
>    writable = no
>    write list = @adm
>
>    create mode = 0664
>    directory mode = 2775
>    force create mode = 0660
>    force directory mode = 2770
> [music]
>    comment = Music
>    path = /home/jeremy/Music
>    public = yes
>    writable = no
>    write list = @adm
>
>    create mode = 0664
>    directory mode = 2775
>    force create mode = 0660
>    force directory mode = 2770
> [movies]
>    comment = Movies
>    path = /home/jeremy/Movies
>    public = yes
>    writable = no
>    write list = @adm
>
>    create mode = 0664
>    directory mode = 2775
>    force create mode = 0660
>    force directory mode = 2770
> [root]
>         comment = Root Directory
>         path = /
>         read only = No
> [raid0]
>         comment = RAID 0
>         path = /mnt/raid0
>         read only = No
>
>
> ---
>
> As another note, I get the following message in log.<machine name>
since
> going to samba3...
>
> [2004/04/05 23:16:16, 0]
> rpc_server/srv_util.c:get_domain_user_groups(372)
>   get_domain_user_groups: primary gid of user [jeremy] is not a Domain
> group !
>   get_domain_user_groups: You should fix it, NT doesn't like that
> [2004/04/05 23:16:20, 1] smbd/service.c:make_connection_snum(705)
>   aerith (192.168.0.3) connect to service jeremy initially as user
> jeremy (uid=1000, gid=4) (pid 22991)
>
> ---
>
> Thanks in advance for any help you have to offer.  It is very much
> appreciated.
>
>

Hi,

Please post to the list how you solved this.

Thanks

Jeremy Huddleston wrote:
> I have a linux box running samba configured as my PDC with roaming
> profiles.  Everything was running great until I upgraded to WinXP
> instead of Win2K.  Now, when I log out of my XP session, my profile
> doesn't get uploaded to the server.  The local copy remains in effect
> until I reboot.  When I log out, the following message gets sent to the
> event logger:
> 
> [quote]
> Windows has detected that Offline Caching is enabled on the Roaming
> Profile share - to avoid potential profile corruption, Offline Caching
> must be disabled on shares where roaming user profiles are stored. 
> 
> 
> 
> For more information, see Help and Support Center at
> http://go.microsoft.com/fwlink/events.asp.
> [/quote]
> 
> I searched around and found an email which suggested adding the
> following to my profiles share to fix this warning message (not sure if
> it's supposed to fix my problem, but I figured it was worth a shot):
> 
>    csc policy = disabled
>    share modes = no
> 
> The warning still occurs (yes, I restarted samba and I restarted
> windows).
> 
> Here's my smb.conf file with comments stripped
> 
> [global]
>    workgroup = HOME
>   netbios name = ERADICATOR
>    server string = Samba Server %v
>    printcap name = lpstat
>    load printers = yes
>    printing = cups
>    printer admin = @adm
>    log file = /var/log/samba/log.%m
>    max log size = 50
>   guest account = guest
>    security = user
>   encrypt passwords = yes
>   smb passwd file = /etc/samba/private/smbpasswd
>   username map = /etc/samba/smbusers
>    socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
>    interfaces = eth1
>    local master = yes
>    os level = 65
>    domain master = yes 
>    preferred master = yes
>    domain logons = yes
>    logon path = \\%L\%U\profile
>    logon home = \\%L\%U
>    logon drive = I:
> add user script = /usr/sbin/useradd -d /dev/null -g machines -c
'Machine
> Account' -s /bin/false -M %u
> domain admin group = root @wheel
> domain guest group = nobody guest @nobody @nogroup @guest
>    wins support = yes
>    dns proxy = no 
> [homes]
>    comment = Home Directories
>    browseable = no
>    writable = yes
>    profile acls = yes
>    csc policy = disabled
>    share modes = no
> [netlogon]
>    comment = Network Logon Service
>    path = /var/lib/samba/netlogon
>    guest ok = yes
>    writable = no
> [printers]
>    comment = All Printers
>    path = /var/spool/samba
>    browseable = no
>    guest ok = yes
>    writable = no
>    printable = yes
>    create mode = 0700
>    print command = lpr -P %p %s # using cups own drivers (use generic
> PostScript on clients).
>    lpq command = lpq -P %p
>    lprm command = cancel %p-%j
> [download]
>    comment = Downloads
>    path = /usr/local/download
>    public = yes
>    writable = no
>    write list = @adm
>    
>    create mode = 0664
>    directory mode = 2775
>    force create mode = 0660
>    force directory mode = 2770
> [music]
>    comment = Music
>    path = /home/jeremy/Music
>    public = yes
>    writable = no
>    write list = @adm
>    
>    create mode = 0664
>    directory mode = 2775
>    force create mode = 0660
>    force directory mode = 2770
> [movies]
>    comment = Movies
>    path = /home/jeremy/Movies
>    public = yes
>    writable = no
>    write list = @adm
>    
>    create mode = 0664
>    directory mode = 2775
>    force create mode = 0660
>    force directory mode = 2770
> [root]
>         comment = Root Directory
>         path = /
>         read only = No
> [raid0]
>         comment = RAID 0
>         path = /mnt/raid0
>         read only = No
> 
> 
> ---
> 
> As another note, I get the following message in log.<machine name>
since
> going to samba3... 
> 
> [2004/04/05 23:16:16, 0]
> rpc_server/srv_util.c:get_domain_user_groups(372)
>   get_domain_user_groups: primary gid of user [jeremy] is not a Domain
> group !
>   get_domain_user_groups: You should fix it, NT doesn't like that
> [2004/04/05 23:16:20, 1] smbd/service.c:make_connection_snum(705)
>   aerith (192.168.0.3) connect to service jeremy initially as user
> jeremy (uid=1000, gid=4) (pid 22991)
> 
> ---
> 
> Thanks in advance for any help you have to offer.  It is very much
> appreciated.
> 
>

Here's the smb.conf on my test server, I tried it last night, and the
profiles are storing fine.  You should note the %a at the end of the
profiles share.  That allow you to differentiate between different
versions of the OS (NT/2K/XP) etc.  I used SWAT to create this one, so it
has been optimized and some of the unneeded/default perameters don't show
up.  If you open this one in SWAT, you will see all of the defaults.

Jim

# Samba config file created using SWAT
# from 192.168.0.3 (192.168.0.3)
# Date: 2004/02/28 10:33:24

# Global parameters
[global]
        workgroup = TEST
        server string = Test Samba Domain Controller
        interfaces = eth1, lo
        update encrypted = Yes
        smb passwd file = /etc/samba/passdb.tdb
        passdb backend = tdbsam
        passwd program = /bin/passwd %u
        unix password sync = Yes
        log file = /var/log/samba/log.%m
        max log size = 50
        time server = Yes
        socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
        add machine script = /usr/sbin/useradd -d /dev/null -g machines -s
/bin/false -M %u;passwd -l %u
        logon script = netlogon.bat
        logon path = \\%L\%U\.profile\%a
        logon drive = H:
        logon home = \\%L\%U
        os level = 65
        preferred master = Yes
        domain master = Yes
        dns proxy = No
        wins support = Yes
        ldap ssl = no
        idmap uid = 10000-19999
        idmap gid = 10000-19999
        admin users = root
        printer admin = root
        hosts allow = 127.0.0.1, 192.168.0.0/24
        hosts deny = 0.0.0.0/0
        printing = cups

[homes]
        comment = Home Directories
        read only = No
        profile acls = Yes
        map acl inherit = Yes
        browseable = No

[printers]
        comment = All Printers
        path = /var/spool/samba
        printable = Yes
        browseable = No

[archives]
        comment = Archive Files
        path = /home/archives
        read only = No

[netlogon]
        comment = Network Logon Service
        path = /home/samba/netlogon
        browseable = No

[profiles]
        comment = Personal Profile Folder
        path = \\%L\%U\.profile\%a
        read only = No
        profile acls = Yes
        browseable = No

> Nope... still erroring out...
>
> Could you send me your complete smb.conf?
>
> On Tue, 2004-04-06 at 06:53, Jim Shanks wrote:
>> I have working 3.0.2a and 2.2.8a domain controllers.  The only thing
>> that
>> I see that is significantly different in your conifguration to our
>> configuration is that we have a [profiles] share.
>>
>> [profiles]
>>         comment = Personal Profile Folder
>>         path = \\%L\%U\profile
>>         read only = No
>>         profile acls = Yes
>>         browseable = No
>>
>> Hope it helps,
>> Jim
>>
>> > I have a linux box running samba configured as my PDC with roaming
>> > profiles.  Everything was running great until I upgraded to WinXP
>> > instead of Win2K.  Now, when I log out of my XP session, my
profile
>> > doesn't get uploaded to the server.  The local copy remains in
effect
>> > until I reboot.  When I log out, the following message gets sent
to
>> the
>> > event logger:
>> >
>> > [quote]
>> > Windows has detected that Offline Caching is enabled on the
Roaming
>> > Profile share - to avoid potential profile corruption, Offline
Caching
>> > must be disabled on shares where roaming user profiles are stored.
>> >
>> >
>> >
>> > For more information, see Help and Support Center at
>> > http://go.microsoft.com/fwlink/events.asp.
>> > [/quote]
>> >
>> > I searched around and found an email which suggested adding the
>> > following to my profiles share to fix this warning message (not
sure
>> if
>> > it's supposed to fix my problem, but I figured it was worth a
shot):
>> >
>> >    csc policy = disabled
>> >    share modes = no
>> >
>> > The warning still occurs (yes, I restarted samba and I restarted
>> > windows).
>> >
>> > Here's my smb.conf file with comments stripped
>> >
>> > [global]
>> >    workgroup = HOME
>> >   netbios name = ERADICATOR
>> >    server string = Samba Server %v
>> >    printcap name = lpstat
>> >    load printers = yes
>> >    printing = cups
>> >    printer admin = @adm
>> >    log file = /var/log/samba/log.%m
>> >    max log size = 50
>> >   guest account = guest
>> >    security = user
>> >   encrypt passwords = yes
>> >   smb passwd file = /etc/samba/private/smbpasswd
>> >   username map = /etc/samba/smbusers
>> >    socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
>> >    interfaces = eth1
>> >    local master = yes
>> >    os level = 65
>> >    domain master = yes
>> >    preferred master = yes
>> >    domain logons = yes
>> >    logon path = \\%L\%U\profile
>> >    logon home = \\%L\%U
>> >    logon drive = I:
>> > add user script = /usr/sbin/useradd -d /dev/null -g machines -c
>> 'Machine
>> > Account' -s /bin/false -M %u
>> > domain admin group = root @wheel
>> > domain guest group = nobody guest @nobody @nogroup @guest
>> >    wins support = yes
>> >    dns proxy = no
>> > [homes]
>> >    comment = Home Directories
>> >    browseable = no
>> >    writable = yes
>> >    profile acls = yes
>> >    csc policy = disabled
>> >    share modes = no
>> > [netlogon]
>> >    comment = Network Logon Service
>> >    path = /var/lib/samba/netlogon
>> >    guest ok = yes
>> >    writable = no
>> > [printers]
>> >    comment = All Printers
>> >    path = /var/spool/samba
>> >    browseable = no
>> >    guest ok = yes
>> >    writable = no
>> >    printable = yes
>> >    create mode = 0700
>> >    print command = lpr -P %p %s # using cups own drivers (use
generic
>> > PostScript on clients).
>> >    lpq command = lpq -P %p
>> >    lprm command = cancel %p-%j
>> > [download]
>> >    comment = Downloads
>> >    path = /usr/local/download
>> >    public = yes
>> >    writable = no
>> >    write list = @adm
>> >
>> >    create mode = 0664
>> >    directory mode = 2775
>> >    force create mode = 0660
>> >    force directory mode = 2770
>> > [music]
>> >    comment = Music
>> >    path = /home/jeremy/Music
>> >    public = yes
>> >    writable = no
>> >    write list = @adm
>> >
>> >    create mode = 0664
>> >    directory mode = 2775
>> >    force create mode = 0660
>> >    force directory mode = 2770
>> > [movies]
>> >    comment = Movies
>> >    path = /home/jeremy/Movies
>> >    public = yes
>> >    writable = no
>> >    write list = @adm
>> >
>> >    create mode = 0664
>> >    directory mode = 2775
>> >    force create mode = 0660
>> >    force directory mode = 2770
>> > [root]
>> >         comment = Root Directory
>> >         path = /
>> >         read only = No
>> > [raid0]
>> >         comment = RAID 0
>> >         path = /mnt/raid0
>> >         read only = No
>> >
>> >
>> > ---
>> >
>> > As another note, I get the following message in log.<machine
name>
>> since
>> > going to samba3...
>> >
>> > [2004/04/05 23:16:16, 0]
>> > rpc_server/srv_util.c:get_domain_user_groups(372)
>> >   get_domain_user_groups: primary gid of user [jeremy] is not a
Domain
>> > group !
>> >   get_domain_user_groups: You should fix it, NT doesn't like
that
>> > [2004/04/05 23:16:20, 1] smbd/service.c:make_connection_snum(705)
>> >   aerith (192.168.0.3) connect to service jeremy initially as user
>> > jeremy (uid=1000, gid=4) (pid 22991)
>> >
>> > ---
>> >
>> > Thanks in advance for any help you have to offer.  It is very much
>> > appreciated.
>> >
>> >
>>
>