How do you enable local profile creation on machines connected to a samba PDC? I thought it would be automatic, but it doesn't seem to be. If there isn't a roving profile, windows complains it can't find your profile on the server, then instead of creating a local one, it throws up this message: "Windows cannot find the local profile and is logging you on with a temporary profile. Changes you make to this profile will be lost when you log off." I thought perhaps it needed a "Default User" profile served over the network, but adding such a profile to my config didn't help anything. I wouldn't think it was something to do in my smb.conf, but it's below, just in case it helps. Thanks --Kyle [global] workgroup = DEVDOMAIN passdb backend = ldapsam log level = 1 name resolve order = wins lmhosts hosts bcast logon script = logon.bat #This is used for roaming profiles logon path = \\dvpdc01.testcompany.com\profiles\%U logon drive = U: logon home = \\dvpdc01.testcompany.com\%U domain logons = Yes os level = 64 preferred master = Yes domain master = Yes wins support = Yes ldap admin dn = cn=admin,dc=devdomain,dc=com ldap delete dn = Yes ldap group suffix = ou=groups ldap idmap suffix = ou=idmap ldap machine suffix = ou=computers ldap suffix = dc=devdomain,dc=com ldap user suffix = ou=users ldap password sync = yes idmap domains = DEVDOMAIN idmap backend = ldap:ldap://localhost idmap alloc backend = ldap winbind use default domain = Yes idmap alloc config:range = 50000-500000 idmap alloc config:ldap_url = ldap://localhost idmap alloc config:ldap_user_dn = cn=admin,dc=devdomain,dc=com idmap alloc config:ldap_base_dn = ou=idmap,dc= devdomain,dc=com idmap config DEVDOMAIN:range = 50000-500000 idmap config DEVDOMAIN:ldap_url = ldap://localhost idmap config DEVDOMAIN:ldap_user_dn = cn=admin,dc= devdomain,dc=com idmap config DEVDOMAIN:ldap_base_dn = ou=idmap,dc= devdomain,dc=com idmap config DEVDOMAIN:default = yes idmap config DEVDOMAIN:readonly = no idmap config DEVDOMAIN:backend = ldap ldapsam:editposix = yes ldapsam:trusted = yes #Templates template homedir = /home/%U template shell = /bin/false [homes] comment = Home Directories valid users = %S read only = No create mask = 0640 directory mask = 0750 browseable = No [IT] path = /home/IT comment= IT stuff valid users = @IT read only = no create mask = 0660 directory mask = 0770 browseable = yes [netlogon] path = /var/lib/samba/netlogon browseable = no write list = @wheel @domadmins [profiles] path = /var/lib/samba/profiles writeable = yes create mask = 0700 directory mask = 0700 browsable = no valid users = @wheel @domusers @domadmins
> How do you enable local profile creation on machines connected to a samba PDC? >In smb.conf: logon path = [meaning nothing after the "=" sign] Samba HOWTO Collection Desktop Profile Management http://us1.samba.org/samba/docs/man/Samba-HOWTO-Collection/ProfileMgmt.html Samba 3 by Example: Windows Client Configuration http://us1.samba.org/samba/docs/man/Samba-Guide/happy.html#id2581407
On Tue, Jul 28, 2009 at 3:56 PM, Miguel Medalha<miguelmedalha at sapo.pt> wrote:> >> How do you enable local profile creation on machines connected to a samba >> PDC? >> > > In smb.conf: > > logon path = [meaning nothing after the "=" sign]Ah. I thought that the stanza would just disable roaming profiles. logon path Do I take it that there is no good way to have a mix of local & roaming profiles? IE: where if the user has a profile on the server they get it, otherwise they use a local?
logon path = will disable automatic roaming profile settings. You can still define roaming (or mandatory) profiles on a per user basis using "user manager" from the NT admin tools. ------------------------------------------------------------------------ Tony Hoover, Network Administrator KSU - Salina, College of Technology and Aviation (785) 826-2660 "Don't Blend in..." ------------------------------------------------------------------------ -----Original Message----- From: samba-bounces at lists.samba.org [mailto:samba-bounces at lists.samba.org] On Behalf Of Kyle Schmitt Sent: Tuesday, July 28, 2009 4:17 PM Cc: samba Subject: Re: [Samba] How to use local profiles in samba PDC? On Tue, Jul 28, 2009 at 3:56 PM, Miguel Medalha<miguelmedalha at sapo.pt> wrote:> >> How do you enable local profile creation on machines connected to a samba >> PDC? >> > > In smb.conf: > > logon path = [meaning nothing after the "=" sign]Ah. I thought that the stanza would just disable roaming profiles. logon path Do I take it that there is no good way to have a mix of local & roaming profiles? IE: where if the user has a profile on the server they get it, otherwise they use a local? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
> Ah. I thought that the stanza would just disable roaming profiles. > logon path > >I misunderstood your question because your subject line says "How to use local profiles in samba PDC". Well, you must have a "netlogon" share containing a "Default User" profile. The process is described in the Samba documents I pointed you to.
> Do I take it that there is no good way to have a mix of local & > roaming profiles? > IE: where if the user has a profile on the server they get it, > otherwise they use a local? >You will benefit a lot by reading the section about redirected profile folders. I suppose it will do what you want. I sometimes use local profiles for my users except for the "My Documents", "Desktop", "Favorites", "Application Settings", etc. which are redirected and reside on the PDC. Besides some particular cases, the use of full roaming profiles is just not convenient these days because users keep gigabytes of files in their folders. The workstation would take a eternity to login to the domain. Redirected folders solve this problem since the files never leave the server and are available to all workstations from which the user logs in.
Kyle, You might also need to populate this setting: A) Only allowing local profiles and disabling roaming profiles: (start->run->gpedit.msc->Local Computer Policy->Computer Configuration->Administratrive Templates->System->User Profiles As a result, each user gets a profile created in C:\Documents and Settings\username Kyle Schmitt wrote:> How do you enable local profile creation on machines connected to a samba PDC? > > I thought it would be automatic, but it doesn't seem to be. If there > isn't a roving profile, windows complains it can't find your profile > on the server, then instead of creating a local one, it throws up this > message: > > "Windows cannot find the local profile and is logging you on with a > temporary profile. Changes you make to this profile will be lost when > you log off." > > > I thought perhaps it needed a "Default User" profile served over the > network, but adding such a profile to my config didn't help anything. > > I wouldn't think it was something to do in my smb.conf, but it's > below, just in case it helps. >
Seemingly Similar Threads
- roaming profile doubles in size at client logout
- losing access to profile when user becomes domain user instead domain admin
- [Solaris 9][ads] net ads testjoin error
- windows 7 roaming profiles
- Unix Attributes in Active Directory Users and Computers (ADUC) tool