samba - Aug 2007 - Help with roaming profiles and drive letter mapping...

I have Samba 3.0.23c-2 (default that comes with RedHat Enterprise 5 
Server) and am trying to tweak the conf file to permit roaming profiles 
and assign drive letter mapping.

I am able to join my XP SP2 system to Samba as the PDC, and can log in as 
root, but any other account either warns that "Windows cannot find the 
local profle and is logging in with a temporary profile..."

I also want to map directories to drive letters and mount a printer.

I have reviewed a ton of web pages describing smb.conf files, and tried so 
many things, but nothing has worked for at least the roaming profiles, 
which is most critical now.

What am I missing?

Thanks.

Scott

On 8/29/07, Scott Ehrlich <scott@mit.edu> wrote:
> I have Samba 3.0.23c-2 (default that comes with RedHat Enterprise 5
> Server) and am trying to tweak the conf file to permit roaming profiles
> and assign drive letter mapping.
>
> I am able to join my XP SP2 system to Samba as the PDC, and can log in as
> root, but any other account either warns that "Windows cannot find the
> local profle and is logging in with a temporary profile..."
>
> I also want to map directories to drive letters and mount a printer.
>
> I have reviewed a ton of web pages describing smb.conf files, and tried so
> many things, but nothing has worked for at least the roaming profiles,
> which is most critical now.
>
> What am I missing?
>
Posibly the following in your smb.conf:
profile acls = yes

John

On Wed, 29 Aug 2007, John Drescher wrote:
> On 8/29/07, Scott Ehrlich <scott@mit.edu> wrote:
>> I have Samba 3.0.23c-2 (default that comes with RedHat Enterprise 5
>> Server) and am trying to tweak the conf file to permit roaming profiles
>> and assign drive letter mapping.
>>
>> I am able to join my XP SP2 system to Samba as the PDC, and can log in
as
>> root, but any other account either warns that "Windows cannot find
the
>> local profle and is logging in with a temporary profile..."
>>
>> I also want to map directories to drive letters and mount a printer.
>>
>> I have reviewed a ton of web pages describing smb.conf files, and tried
so
>> many things, but nothing has worked for at least the roaming profiles,
>> which is most critical now.
>>
>> What am I missing?
>>
> Posibly the following in your smb.conf:
> profile acls = yes
>
> John
>
I suppose my smb.conf would help:

[global]
domain logons = Yes
domain master = Yes
workgroup = testplace
netbios name = testplace-pdc
bind interfaces only = Yes
passdb backend = tdbsam
pam password change = Yes
unix password sync = Yes
log level = 2
os level = 65
syslog = 1
log file = /var/log/samba/log.%L
max log size = 99968
smb ports = 139 445
name resolve order = wins bcast hosts
time server = Yes
printcap name= CUPS
show add printer wizard = No
add user script = /usr/sbin/useradd -m %u
delete user script = /usr/sbin/userdel -r %u
add group script = /usr/sbin/groupadd %g
delete group script = /usr/sbin/groupdel %g
add user to group script = /ulllllllsr/sbin/usermod -G %g %u
add machine script = /usr/sbin/useradd -s /bin/false -d /dev/null %u
abort shutdown script = /sbin/shutdown -c
logon script = scriptslogon.bat
logon path = \\%N\profiles\%u
logon drive = H:
logon home = \\home\%u
preferred master = Yes
wins support = Yes
utmp = Yes
map acl inherit = Yes
printing = cups
veto oplock files = /*.doc/*.xls/*.mdb/
security = user
socket options = TCP_NODELAY IPTOS_LOWDELAY SO_SNDBUF=8192 SO_RCVBUF=8192
client code page = 852
character set = ISO8859-2
invalud users = bin daemon sys man postfix mail ftp
admin users = @wheel
domain admin group = @wheel
encrypt passwords =  yes
debug timestamp = yes


[IPC$]
path = /tmp
hosts allow = 192.168.1.0/24, 127.0.0.1
hosts deny = 0.0.0.0/0


[homes]
comment = Home Dirs
valid users = %S
read only = No
browseable = Yes
path = /home/%U
browseable = no
writable = yes
valid users = %S
create mode = 0664
directory mode = 0775

[printers]
comment = SMB Print Spool
path = /var/spool/samba
guest ok = No
printable = Yes
use client driver = Yes
default devmode = Yes
browseable = No


[netlogon]
path = /var/lib/samba/netlogon
guest ok = No
browseable = No
locking = No

[profiles]
comment = Profile Share
path = /home
read only = No
profile acls = Yes

[shared]
comment = Network Shares
path = /shared
read only = no

> add user to group script = /ulllllllsr/sbin/usermod -G %g %u
Although this should not be the cause of your problem, Is this correct?

After logging in to windows do your users have access to their
profile? I mean can they browse \\%N\profiles\%u and change files?

Are they the unix owner of the folder containing their profile? Are
you using acls on your unix filesystem?


John