samba - Aug 2006 - samba pdc & ldap without roaming profiles

Hi list
At the momtent I use samba as a pdc with tdbsam as passwd backend. I 
plan to use ldap and I already tried it out. Unfortunately I didn't find 
a way to disable roaming profiles. I used the smbldap tools.
First there is the question if I should use
add user script = /usr/sbin/smbldap-useradd -m "%u"
with the -a (is a Windows User) option.
If I don't, then windows account specific information like last passwd 
change isn't stored in the ldap backend.. Where are they stored then ?
Second, the main problem is that I can't remove entries like
Home Directory
HomeDir Drive
Logon Script
Profile Path
from the users. Neither by using srvtools nor ldap directly nor pdbedit.
Therefore I am forced to use all my accs as roaming profiles which I 
don't really want.
I  would appreciate any hints for solving this problem.
Thank you, Alex Kretschmer

to disable roaming profile for everybody, i'd use this un smb.conf:
	logon drive 	logon home yes, it's blank ;)

Greating Alexander,

And you can disable roaming profile on Microsoft professional client (I 
don't have try local profile with 9x clients). Open /MMC /and add the 
snap-in /Group Policy/.

Browse in /Local Computer Policy/ / /Computer Configuration/ / 
Administrative Template / /System // /Login
and change //Only allow local user profiles/ value. For Windows 2000, 
you need SP3 and more install.

And run /secedit /refreshpolicy machine_policy (W2K) or //gpupdate (XP)./

     Robert
> Hi list
> At the momtent I use samba as a pdc with tdbsam as passwd backend. I 
> plan to use ldap and I already tried it out. Unfortunately I didn't 
> find a way to disable roaming profiles. I used the smbldap tools.
> First there is the question if I should use
> add user script = /usr/sbin/smbldap-useradd -m "%u"
> with the -a (is a Windows User) option.
> If I don't, then windows account specific information like last passwd 
> change isn't stored in the ldap backend.. Where are they stored then ?
> Second, the main problem is that I can't remove entries like
> Home Directory
> HomeDir Drive
> Logon Script
> Profile Path
> from the users. Neither by using srvtools nor ldap directly nor pdbedit.
> Therefore I am forced to use all my accs as roaming profiles which I 
> don't really want.
> I  would appreciate any hints for solving this problem.
> Thank you, Alex Kretschmer
>