Dear all, I have created two virtual machines on my computer (With Vmware 5.5.3). One is running SuSE Linux Enterprise Server 10 with Samba 3.0.22. The other one is runnung a WinXP SP2 client (name: test01). I can browse the shares of the Samba Server. Furthermore I can connect to them with different user names. When trying to join the client to the domain I get an error message that the user does not exist (although connecting to the shares works with this username). Furthermore the user has the SeMachineAccountPrivilege set. What might cause this error? I have added the log.test01, log.smbd and the smb.conf file. Hope somebody can help me Regards Thomas log.test01: ----------- [2007/05/16 17:51:41, 2] lib/smbldap.c:smbldap_open_connection(724) smbldap_open_connection: connection opened [2007/05/16 17:51:41, 2] passdb/pdb_ldap.c:init_sam_from_ldap(640) init_sam_from_ldap: Entry found for user: root [2007/05/16 17:51:41, 2] passdb/pdb_ldap.c:init_group_from_ldap(2222) init_group_from_ldap: Entry found for group: 512 [2007/05/16 17:51:41, 2] smbd/server.c:exit_server(614) Closing connections [2007/05/16 17:51:41, 2] auth/auth.c:check_ntlm_password(307) check_ntlm_password: authentication for user [root] -> [root] -> [root] succeeded [2007/05/16 17:51:41, 2] rpc_server/srv_samr_nt.c:_samr_lookup_domain(2670) Returning domain sid for domain LTE -> S-1-5-21-4205727931-4131263253-1851132061 [2007/05/16 17:51:42, 0] rpc_server/srv_samr_nt.c:_samr_create_user(2415) _samr_create_user: Running the command `/usr/local/sbin/smbldap-useradd -w "test01$"' gave 9 [2007/05/16 17:51:42, 2] smbd/server.c:exit_server(614) Closing connections the error message in smbldap-useradd script only means that the account has already been created in the LDAP directory (only unix attributes are set, no win or samba specific stuff). When deleting the user from the directory the message disappears, but nothing else changes. log.smbd: --------- [2007/05/16 17:51:36, 0] smbd/server.c:main(805) smbd version 3.0.22-13.16-SUSE-SLES10 started. Copyright Andrew Tridgell and the Samba Team 1992-2006 [2007/05/16 17:51:36, 2] param/loadparm.c:do_section(3721) Processing section "[homes]" [2007/05/16 17:51:36, 2] param/loadparm.c:do_section(3721) Processing section "[profiles]" [2007/05/16 17:51:36, 2] param/loadparm.c:do_section(3721) Processing section "[netlogon]" [2007/05/16 17:51:36, 2] param/loadparm.c:do_section(3721) Processing section "[intranet]" [2007/05/16 17:51:36, 2] param/loadparm.c:do_section(3721) Processing section "[literatur]" [2007/05/16 17:51:36, 2] param/loadparm.c:do_section(3721) Processing section "[projekte]" [2007/05/16 17:51:36, 2] param/loadparm.c:do_section(3721) Processing section "[software]" [2007/05/16 17:51:36, 2] param/loadparm.c:do_section(3721) Processing section "[transfer]" [2007/05/16 17:51:36, 2] param/loadparm.c:do_section(3721) Processing section "[sekretariat]" [2007/05/16 17:51:36, 0] printing/print_cups.c:cups_cache_reload(85) Unable to connect to CUPS server localhost - Connection refused [2007/05/16 17:51:36, 0] printing/print_cups.c:cups_cache_reload(85) Unable to connect to CUPS server localhost - Connection refused [2007/05/16 17:51:36, 2] lib/interface.c:add_interface(81) added interface ip=192.168.1.50 bcast=192.168.1.255 nmask=255.255.255.0 [2007/05/16 17:51:36, 2] lib/smbldap_util.c:smbldap_search_domain_info(228) Searching for:[(&(objectClass=sambaDomain)(sambaDomainName=LTE))] [2007/05/16 17:51:36, 2] lib/smbldap.c:smbldap_open_connection(724) smbldap_open_connection: connection opened [2007/05/16 17:51:36, 2] lib/tallocmsg.c:register_msg_pool_usage(61) Registered MSG_REQ_POOL_USAGE [2007/05/16 17:51:36, 2] lib/dmallocmsg.c:register_dmalloc_msgs(71) Registered MSG_REQ_DMALLOC_MARK and LOG_CHANGED [2007/05/16 17:51:36, 2] lib/smbldap.c:smbldap_open_connection(724) smbldap_open_connection: connection opened [2007/05/16 17:51:36, 2] passdb/pdb_ldap.c:init_sam_from_ldap(640) init_sam_from_ldap: Entry found for user: root [2007/05/16 17:51:36, 2] smbd/server.c:open_sockets_smbd(336) waiting for a connection smb.conf: --------- [global] workgroup = LTE netbios name = david enable privileges = yes server string = LTE Datei-Server security = user encrypt passwords = yes domain logons = Yes domain master = Yes local master = Yes preferred master = Yes os level = 65 wins support = no dont descend = /proc,/dev,/etc,/lib,/lost+found,/initrd # hosts allow = 192.168.2.0/255.255.255.0, 127.0.0.1 # interfaces = 192.168.2.240/255.255.255.0 # vfs object = vscan-clamav # vscan-clamav: config-file = /etc/samba/vscan-clamav.conf log level = 2 syslog = 1 log file = /var/log/samba/log.%m time server = yes Dos charset = 850 Unix charset = UTF8 # Unix charset = ISO8859-1 username map = /etc/samba/smbusers # logon path = \\%L\profiles\.msprofile # falsch? logon path = \\%L\profiles\%U # logon home = \\%L\%U\.9xprofile logon drive = H: logon script = logon.bat ldap passwd sync = yes ldap ssl = Off passdb backend = ldapsam:ldap://127.0.0.1 idmap backend = ldap:ldap://127.0.0.1 idmap uid = 14000-20000 idmap gid = 14000-20000 ldap admin dn = cn=manager,dc=lte,dc=local,dc=net # sollte noch geaendert werden # ldap admin dn = cn=samba,ou=Users,dc=lte,dc=local,dc=net ldap suffix = dc=lte,dc=local,dc=net ldap user suffix = ou=Users ldap group suffix = ou=Groups ldap machine suffix = ou=Computers ldap idmap suffix = ou=Users add user script = /usr/local/sbin/smbldap-useradd -m "%u" ldap delete dn = yes delete user script = /usr/local/sbin/smbldap-userdel "%u" add machine script = /usr/local/sbin/smbldap-useradd -w "%u" # add machine script = /sbin/yast /usr/share/YaST2/data/add_machine.ycp %m$ add group script = /usr/local/sbin/smbldap-groupadd -p "%g" delete group script = /usr/local/sbin/smbldap-groupdel "%g" add user to group script = /usr/local/sbin/smbldap-groupmod -m "%u" "%g" delete user from group script = /usr/local/sbin/smbldap-groupmod -x "%u" "%g" set primary group script = /sr/local/sbin/smbldap-usermod -g "%g" "%u" printing = none # printing = cups # printcap name = cups # printcap cache time = 750 # cups options = raw map to guest = Bad User [homes] comment = Home Directories valid users = %S, %D%w%S browseable = No read only = No inherit acls = Yes create mask = 600 directory mask = 700 guest ok = No [profiles] comment = Network Profiles Service # path = %H path = /home/samba/profiles read only = No browseable = No guest ok = Yes profile acls = Yes store dos attributes = Yes create mask = 0600 directory mask = 0700 force user = %U valid users = %U @"Domain Admins" [netlogon] comment = Network Logon Service path = /home/samba/netlogon read only = yes write list = root browseable = no ... (I have omitted the definition of the further shares)
Thomas, Thomas U?m?ller wrote:> Dear all, > > I have created two virtual machines on my computer (With Vmware > 5.5.3). One is running SuSE Linux Enterprise Server 10 with Samba > 3.0.22. The other one is runnung a WinXP SP2 client (name: test01). > > I can browse the shares of the Samba Server. Furthermore I can connect > to them with different user names. > > When trying to join the client to the domain I get an error message > that the user does not exist (although connecting to the shares works > with this username). Furthermore the user has the > SeMachineAccountPrivilege set.I remember getting this "user does not exist" error message and discovering that it was (like many Windows errors) a "red herring" -- did not reflect actual problem and was somewhat misleading. With XP, our underlying problem was name resolution. We had to force NetBIOS node type to "hybrid" and then things started working. See here: http://www.windowsitlibrary.com/Content/386/10/5.html To wit: "To configure a machine to use h-node-type resolution, set the following registry value to 8: HKEY_LOCAL_MACHINE\CurrentControlSet\Services\NetBT\Parameters\NodeType " I am "shooting from the hip" here and I do not have confidence that this information will fix your problem, but it is a trivial change to make and test, so I figured it might help. Jim> > What might cause this error? I have added the log.test01, log.smbd and > the smb.conf file. > > Hope somebody can help me > > Regards > Thomas > > > log.test01: > ----------- > > [2007/05/16 17:51:41, 2] lib/smbldap.c:smbldap_open_connection(724) > smbldap_open_connection: connection opened > [2007/05/16 17:51:41, 2] passdb/pdb_ldap.c:init_sam_from_ldap(640) > init_sam_from_ldap: Entry found for user: root > [2007/05/16 17:51:41, 2] passdb/pdb_ldap.c:init_group_from_ldap(2222) > init_group_from_ldap: Entry found for group: 512 > [2007/05/16 17:51:41, 2] smbd/server.c:exit_server(614) > Closing connections > [2007/05/16 17:51:41, 2] auth/auth.c:check_ntlm_password(307) > check_ntlm_password: authentication for user [root] -> [root] -> > [root] succeeded > [2007/05/16 17:51:41, 2] > rpc_server/srv_samr_nt.c:_samr_lookup_domain(2670) > Returning domain sid for domain LTE -> > S-1-5-21-4205727931-4131263253-1851132061 > [2007/05/16 17:51:42, 0] rpc_server/srv_samr_nt.c:_samr_create_user(2415) > _samr_create_user: Running the command > `/usr/local/sbin/smbldap-useradd -w "test01$"' gave 9 > [2007/05/16 17:51:42, 2] smbd/server.c:exit_server(614) > Closing connections > > the error message in smbldap-useradd script only means that the > account has already been created in the LDAP directory (only unix > attributes are set, no win or samba specific stuff). When deleting the > user from the directory the message disappears, but nothing else changes. > > > log.smbd: > --------- > [2007/05/16 17:51:36, 0] smbd/server.c:main(805) > smbd version 3.0.22-13.16-SUSE-SLES10 started. > Copyright Andrew Tridgell and the Samba Team 1992-2006 > [2007/05/16 17:51:36, 2] param/loadparm.c:do_section(3721) > Processing section "[homes]" > [2007/05/16 17:51:36, 2] param/loadparm.c:do_section(3721) > Processing section "[profiles]" > [2007/05/16 17:51:36, 2] param/loadparm.c:do_section(3721) > Processing section "[netlogon]" > [2007/05/16 17:51:36, 2] param/loadparm.c:do_section(3721) > Processing section "[intranet]" > [2007/05/16 17:51:36, 2] param/loadparm.c:do_section(3721) > Processing section "[literatur]" > [2007/05/16 17:51:36, 2] param/loadparm.c:do_section(3721) > Processing section "[projekte]" > [2007/05/16 17:51:36, 2] param/loadparm.c:do_section(3721) > Processing section "[software]" > [2007/05/16 17:51:36, 2] param/loadparm.c:do_section(3721) > Processing section "[transfer]" > [2007/05/16 17:51:36, 2] param/loadparm.c:do_section(3721) > Processing section "[sekretariat]" > [2007/05/16 17:51:36, 0] printing/print_cups.c:cups_cache_reload(85) > Unable to connect to CUPS server localhost - Connection refused > [2007/05/16 17:51:36, 0] printing/print_cups.c:cups_cache_reload(85) > Unable to connect to CUPS server localhost - Connection refused > [2007/05/16 17:51:36, 2] lib/interface.c:add_interface(81) > added interface ip=192.168.1.50 bcast=192.168.1.255 nmask=255.255.255.0 > [2007/05/16 17:51:36, 2] > lib/smbldap_util.c:smbldap_search_domain_info(228) > Searching for:[(&(objectClass=sambaDomain)(sambaDomainName=LTE))] > [2007/05/16 17:51:36, 2] lib/smbldap.c:smbldap_open_connection(724) > smbldap_open_connection: connection opened > [2007/05/16 17:51:36, 2] lib/tallocmsg.c:register_msg_pool_usage(61) > Registered MSG_REQ_POOL_USAGE > [2007/05/16 17:51:36, 2] lib/dmallocmsg.c:register_dmalloc_msgs(71) > Registered MSG_REQ_DMALLOC_MARK and LOG_CHANGED > [2007/05/16 17:51:36, 2] lib/smbldap.c:smbldap_open_connection(724) > smbldap_open_connection: connection opened > [2007/05/16 17:51:36, 2] passdb/pdb_ldap.c:init_sam_from_ldap(640) > init_sam_from_ldap: Entry found for user: root > [2007/05/16 17:51:36, 2] smbd/server.c:open_sockets_smbd(336) > waiting for a connection > > smb.conf: > --------- > > [global] > workgroup = LTE > netbios name = david > enable privileges = yes > server string = LTE Datei-Server > security = user > encrypt passwords = yes > domain logons = Yes > domain master = Yes > local master = Yes > preferred master = Yes > os level = 65 > wins support = no > > dont descend = /proc,/dev,/etc,/lib,/lost+found,/initrd > # hosts allow = 192.168.2.0/255.255.255.0, 127.0.0.1 > # interfaces = 192.168.2.240/255.255.255.0 > # vfs object = vscan-clamav > # vscan-clamav: config-file = /etc/samba/vscan-clamav.conf > log level = 2 > syslog = 1 > log file = /var/log/samba/log.%m > time server = yes > Dos charset = 850 > Unix charset = UTF8 > # Unix charset = ISO8859-1 > username map = /etc/samba/smbusers > > # logon path = \\%L\profiles\.msprofile # falsch? > logon path = \\%L\profiles\%U > # logon home = \\%L\%U\.9xprofile > logon drive = H: > logon script = logon.bat > > ldap passwd sync = yes > ldap ssl = Off > passdb backend = ldapsam:ldap://127.0.0.1 > idmap backend = ldap:ldap://127.0.0.1 > idmap uid = 14000-20000 > idmap gid = 14000-20000 > ldap admin dn = cn=manager,dc=lte,dc=local,dc=net > # sollte noch geaendert werden > # ldap admin dn = cn=samba,ou=Users,dc=lte,dc=local,dc=net > ldap suffix = dc=lte,dc=local,dc=net > ldap user suffix = ou=Users > ldap group suffix = ou=Groups > ldap machine suffix = ou=Computers > ldap idmap suffix = ou=Users > add user script = /usr/local/sbin/smbldap-useradd -m "%u" > ldap delete dn = yes > delete user script = /usr/local/sbin/smbldap-userdel "%u" > add machine script = /usr/local/sbin/smbldap-useradd -w "%u" > # add machine script = /sbin/yast > /usr/share/YaST2/data/add_machine.ycp %m$ > add group script = /usr/local/sbin/smbldap-groupadd -p "%g" > delete group script = /usr/local/sbin/smbldap-groupdel "%g" > add user to group script = /usr/local/sbin/smbldap-groupmod -m > "%u" "%g" > delete user from group script = /usr/local/sbin/smbldap-groupmod > -x "%u" "%g" > set primary group script = /sr/local/sbin/smbldap-usermod -g "%g" > "%u" > > > printing = none > # printing = cups > # printcap name = cups > # printcap cache time = 750 > # cups options = raw > map to guest = Bad User > [homes] > comment = Home Directories > valid users = %S, %D%w%S > browseable = No > read only = No > inherit acls = Yes > create mask = 600 > directory mask = 700 > guest ok = No > [profiles] > comment = Network Profiles Service > # path = %H > path = /home/samba/profiles > read only = No > browseable = No > guest ok = Yes > profile acls = Yes > store dos attributes = Yes > create mask = 0600 > directory mask = 0700 > force user = %U > valid users = %U @"Domain Admins" > [netlogon] > comment = Network Logon Service > path = /home/samba/netlogon > read only = yes > write list = root > browseable = no > ... (I have omitted the definition of the further shares)
> When trying to join the client to the domain I get an error message > that the user does not exist (although connecting to the shares works > with this username). Furthermore the user has the > SeMachineAccountPrivilege set.I had this same problem. I ended up creating the machine accounts via the LDAP Account Manager. I never did figure out why I cannot add a machine to the domain through the Windows Network ID Wizard. Have you tried to create the machine account manually on the server, and then join the machine to the domain? *Jason Baker */IT Coordinator/ *Glastender Inc.* 5400 North Michigan Road Saginaw, Michigan 48604 USA 800.748.0423 Phone: 989.752.4275 ext. 228 Fax: 989.752.4444 www.glastender.com <http://www.glastender.com> -----BEGIN GEEK CODE BLOCK----- Version: 3.1 GIT$ d- s: a C++$ LU+++$ P+ L++>L++++ !E--- W+++ N o? K? w !O M !V PS PE++ Y? PGP- t 5? X+ R+ tv+ b- DI-- D++ G e+ h--- r+++ y+++ ------END GEEK CODE BLOCK------ Thomas U?m?ller wrote:> Dear all, > > I have created two virtual machines on my computer (With Vmware > 5.5.3). One is running SuSE Linux Enterprise Server 10 with Samba > 3.0.22. The other one is runnung a WinXP SP2 client (name: test01). > > I can browse the shares of the Samba Server. Furthermore I can connect > to them with different user names. > > When trying to join the client to the domain I get an error message > that the user does not exist (although connecting to the shares works > with this username). Furthermore the user has the > SeMachineAccountPrivilege set. > > What might cause this error? I have added the log.test01, log.smbd and > the smb.conf file. > > Hope somebody can help me > > Regards > Thomas > > > log.test01: > ----------- > > [2007/05/16 17:51:41, 2] lib/smbldap.c:smbldap_open_connection(724) > smbldap_open_connection: connection opened > [2007/05/16 17:51:41, 2] passdb/pdb_ldap.c:init_sam_from_ldap(640) > init_sam_from_ldap: Entry found for user: root > [2007/05/16 17:51:41, 2] passdb/pdb_ldap.c:init_group_from_ldap(2222) > init_group_from_ldap: Entry found for group: 512 > [2007/05/16 17:51:41, 2] smbd/server.c:exit_server(614) > Closing connections > [2007/05/16 17:51:41, 2] auth/auth.c:check_ntlm_password(307) > check_ntlm_password: authentication for user [root] -> [root] -> > [root] succeeded > [2007/05/16 17:51:41, 2] > rpc_server/srv_samr_nt.c:_samr_lookup_domain(2670) > Returning domain sid for domain LTE -> > S-1-5-21-4205727931-4131263253-1851132061 > [2007/05/16 17:51:42, 0] rpc_server/srv_samr_nt.c:_samr_create_user(2415) > _samr_create_user: Running the command > `/usr/local/sbin/smbldap-useradd -w "test01$"' gave 9 > [2007/05/16 17:51:42, 2] smbd/server.c:exit_server(614) > Closing connections > > the error message in smbldap-useradd script only means that the > account has already been created in the LDAP directory (only unix > attributes are set, no win or samba specific stuff). When deleting the > user from the directory the message disappears, but nothing else changes. > > > log.smbd: > --------- > [2007/05/16 17:51:36, 0] smbd/server.c:main(805) > smbd version 3.0.22-13.16-SUSE-SLES10 started. > Copyright Andrew Tridgell and the Samba Team 1992-2006 > [2007/05/16 17:51:36, 2] param/loadparm.c:do_section(3721) > Processing section "[homes]" > [2007/05/16 17:51:36, 2] param/loadparm.c:do_section(3721) > Processing section "[profiles]" > [2007/05/16 17:51:36, 2] param/loadparm.c:do_section(3721) > Processing section "[netlogon]" > [2007/05/16 17:51:36, 2] param/loadparm.c:do_section(3721) > Processing section "[intranet]" > [2007/05/16 17:51:36, 2] param/loadparm.c:do_section(3721) > Processing section "[literatur]" > [2007/05/16 17:51:36, 2] param/loadparm.c:do_section(3721) > Processing section "[projekte]" > [2007/05/16 17:51:36, 2] param/loadparm.c:do_section(3721) > Processing section "[software]" > [2007/05/16 17:51:36, 2] param/loadparm.c:do_section(3721) > Processing section "[transfer]" > [2007/05/16 17:51:36, 2] param/loadparm.c:do_section(3721) > Processing section "[sekretariat]" > [2007/05/16 17:51:36, 0] printing/print_cups.c:cups_cache_reload(85) > Unable to connect to CUPS server localhost - Connection refused > [2007/05/16 17:51:36, 0] printing/print_cups.c:cups_cache_reload(85) > Unable to connect to CUPS server localhost - Connection refused > [2007/05/16 17:51:36, 2] lib/interface.c:add_interface(81) > added interface ip=192.168.1.50 bcast=192.168.1.255 nmask=255.255.255.0 > [2007/05/16 17:51:36, 2] > lib/smbldap_util.c:smbldap_search_domain_info(228) > Searching for:[(&(objectClass=sambaDomain)(sambaDomainName=LTE))] > [2007/05/16 17:51:36, 2] lib/smbldap.c:smbldap_open_connection(724) > smbldap_open_connection: connection opened > [2007/05/16 17:51:36, 2] lib/tallocmsg.c:register_msg_pool_usage(61) > Registered MSG_REQ_POOL_USAGE > [2007/05/16 17:51:36, 2] lib/dmallocmsg.c:register_dmalloc_msgs(71) > Registered MSG_REQ_DMALLOC_MARK and LOG_CHANGED > [2007/05/16 17:51:36, 2] lib/smbldap.c:smbldap_open_connection(724) > smbldap_open_connection: connection opened > [2007/05/16 17:51:36, 2] passdb/pdb_ldap.c:init_sam_from_ldap(640) > init_sam_from_ldap: Entry found for user: root > [2007/05/16 17:51:36, 2] smbd/server.c:open_sockets_smbd(336) > waiting for a connection > > smb.conf: > --------- > > [global] > workgroup = LTE > netbios name = david > enable privileges = yes > server string = LTE Datei-Server > security = user > encrypt passwords = yes > domain logons = Yes > domain master = Yes > local master = Yes > preferred master = Yes > os level = 65 > wins support = no > > dont descend = /proc,/dev,/etc,/lib,/lost+found,/initrd > # hosts allow = 192.168.2.0/255.255.255.0, 127.0.0.1 > # interfaces = 192.168.2.240/255.255.255.0 > # vfs object = vscan-clamav > # vscan-clamav: config-file = /etc/samba/vscan-clamav.conf > log level = 2 > syslog = 1 > log file = /var/log/samba/log.%m > time server = yes > Dos charset = 850 > Unix charset = UTF8 > # Unix charset = ISO8859-1 > username map = /etc/samba/smbusers > > # logon path = \\%L\profiles\.msprofile # falsch? > logon path = \\%L\profiles\%U > # logon home = \\%L\%U\.9xprofile > logon drive = H: > logon script = logon.bat > > ldap passwd sync = yes > ldap ssl = Off > passdb backend = ldapsam:ldap://127.0.0.1 > idmap backend = ldap:ldap://127.0.0.1 > idmap uid = 14000-20000 > idmap gid = 14000-20000 > ldap admin dn = cn=manager,dc=lte,dc=local,dc=net > # sollte noch geaendert werden > # ldap admin dn = cn=samba,ou=Users,dc=lte,dc=local,dc=net > ldap suffix = dc=lte,dc=local,dc=net > ldap user suffix = ou=Users > ldap group suffix = ou=Groups > ldap machine suffix = ou=Computers > ldap idmap suffix = ou=Users > add user script = /usr/local/sbin/smbldap-useradd -m "%u" > ldap delete dn = yes > delete user script = /usr/local/sbin/smbldap-userdel "%u" > add machine script = /usr/local/sbin/smbldap-useradd -w "%u" > # add machine script = /sbin/yast > /usr/share/YaST2/data/add_machine.ycp %m$ > add group script = /usr/local/sbin/smbldap-groupadd -p "%g" > delete group script = /usr/local/sbin/smbldap-groupdel "%g" > add user to group script = /usr/local/sbin/smbldap-groupmod -m > "%u" "%g" > delete user from group script = /usr/local/sbin/smbldap-groupmod > -x "%u" "%g" > set primary group script = /sr/local/sbin/smbldap-usermod -g "%g" > "%u" > > > printing = none > # printing = cups > # printcap name = cups > # printcap cache time = 750 > # cups options = raw > map to guest = Bad User > [homes] > comment = Home Directories > valid users = %S, %D%w%S > browseable = No > read only = No > inherit acls = Yes > create mask = 600 > directory mask = 700 > guest ok = No > [profiles] > comment = Network Profiles Service > # path = %H > path = /home/samba/profiles > read only = No > browseable = No > guest ok = Yes > profile acls = Yes > store dos attributes = Yes > create mask = 0600 > directory mask = 0700 > force user = %U > valid users = %U @"Domain Admins" > [netlogon] > comment = Network Logon Service > path = /home/samba/netlogon > read only = yes > write list = root > browseable = no > ... (I have omitted the definition of the further shares)