samba - Aug 2009 - default profile

Hi,

I installed a SaMBa PDC and a BDC. When I log in to an XP client with a new
user, sometimes I get the initial profile settings from the netlogon share,
but often from local. When I get the local default settings, it is not
syncronized to the server at logout. Even if I get the new profile from the
server, on the same client, next time, with a new user, I get the new
profile from local. I don't understand why, and I didn't get error
message/log.
PDC's smb.conf:
[global]
    dos charset = CP852
    unix charset = UTF8
    workgroup = PERCZELMOR
    server string = %h - PERCZELMOR PDC
    interfaces = 127.0.0.0/8, eth0
    bind interfaces only = Yes
    passdb backend = ldapsam:"ldap://127.0.0.1:389"
    log level = 1 auth:2
    log file = /var/log/samba/log.%m
    max log size = 1000
    smb ports = 139
    name resolve order = wins host bcast
    time server = Yes
    printcap name = /etc/printcap
    rename user script = /usr/sbin/smbldap-usermod -r '%unew'
'%uold'
    add group script = /usr/sbin/smbldap-groupadd -p "%g"
    delete group script = /usr/sbin/smbldap-groupdel "%g"
    add user to group script = /usr/sbin/smbldap-groupmod -m "%u"
"%g"
    delete user from group script = /usr/sbin/smbldap-groupmod -x "%u"
"%g"
    set primary group script = /usr/sbin/smbldap-usermod -g "%g"
"%u"
    add machine script = /usr/sbin/smbldap-useradd -w "%u"
    logon script = scripts\logon.cmd
    logon path = \\SRV3\profiles\%U
    logon drive = H:
    logon home = \\SRV3\%U
    domain logons = Yes
    preferred master = Yes
    wins support = Yes
    ldap admin dn = cn=su,dc=perczelmor,dc=site
    ldap group suffix = ou=Groups
    ldap idmap suffix = ou=Idmap
    ldap machine suffix = ou=People
    ldap passwd sync = Yes
    ldap suffix = dc=perczelmor,dc=site
    ldap ssl = no
    ldap user suffix = ou=People
    eventlog list = Security, Application, Syslog
    usershare max shares = 0
    usershare path = /home/samba/usershares
    panic action = /usr/share/samba/panic-action %d
    idmap uid = 10000-20000
    idmap gid = 10000-20000
    create mask = 0777
    map acl inherit = Yes
    veto oplock files = /*.pdf/*.pst/
    browseable = No
    csc policy = disable

[netlogon]
    comment = Network Logon Service
    path = /home/samba/netlogon
    guest ok = Yes
    fake oplocks = Yes

[profiles]
    comment = Users profiles
    path = /home/samba/profiles
    read only = No
    create mask = 0600
    directory mask = 0700
    profile acls = Yes

....

BDC's smb.conf:
[global]
    dos charset = CP852
    unix charset = UTF8
    workgroup = PERCZELMOR
    server string = %h - PERCZELMOR BDC
    interfaces = 127.0.0.0/8, eth0
    bind interfaces only = Yes
    passdb backend = ldapsam:"ldap://127.0.0.1:389"
    syslog = 2
    log file = /var/log/samba/log.%m
    max log size = 1000
    smb ports = 139
    name resolve order = wins host bcast
    time server = Yes
    printcap name = /etc/printcap
    logon script = scripts\logon.cmd
    logon path = \\SRV3\profiles\%U
    logon drive = H:
    logon home = \\SRV3\%U
    domain logons = Yes
    domain master = No
    dns proxy = No
    wins server = 192.168.0.3
    ldap admin dn = cn=su,dc=perczelmor,dc=site
    ldap group suffix = ou=Groups
    ldap idmap suffix = ou=Idmap
    ldap machine suffix = ou=People
    ldap passwd sync = Yes
    ldap suffix = dc=perczelmor,dc=site
    ldap ssl = no
    ldap user suffix = ou=People
    eventlog list = Security, Application, Syslog
    usershare max shares = 0
    panic action = /usr/share/samba/panic-action %d
    idmap uid = 10000-20000
    idmap gid = 10000-20000
    map acl inherit = Yes
    veto oplock files = /*.pdf/*.pst/
    browseable = No

[netlogon]
    comment = Network Logon Service
    path = /home/samba/netlogon
    guest ok = Yes
    fake oplocks = Yes

Any idea? What can I check/change?
Thanks, in advance.

Tamas.

my computer properties, advanced tab, user profiles.  is user set to 
local and not roaming? does it only happen to certain users?  or users 
that authenticate against the BDC?

Tam?s Pisch wrote:
> Hi,
>
> I installed a SaMBa PDC and a BDC. When I log in to an XP client with a new
> user, sometimes I get the initial profile settings from the netlogon share,
> but often from local. When I get the local default settings, it is not
> syncronized to the server at logout. Even if I get the new profile from the
> server, on the same client, next time, with a new user, I get the new
> profile from local. I don't understand why, and I didn't get error
> message/log.
> PDC's smb.conf:
> [global]
>     dos charset = CP852
>     unix charset = UTF8
>     workgroup = PERCZELMOR
>     server string = %h - PERCZELMOR PDC
>     interfaces = 127.0.0.0/8, eth0
>     bind interfaces only = Yes
>     passdb backend = ldapsam:"ldap://127.0.0.1:389"
>     log level = 1 auth:2
>     log file = /var/log/samba/log.%m
>     max log size = 1000
>     smb ports = 139
>     name resolve order = wins host bcast
>     time server = Yes
>     printcap name = /etc/printcap
>     rename user script = /usr/sbin/smbldap-usermod -r '%unew'
'%uold'
>     add group script = /usr/sbin/smbldap-groupadd -p "%g"
>     delete group script = /usr/sbin/smbldap-groupdel "%g"
>     add user to group script = /usr/sbin/smbldap-groupmod -m "%u"
"%g"
>     delete user from group script = /usr/sbin/smbldap-groupmod -x
"%u" "%g"
>     set primary group script = /usr/sbin/smbldap-usermod -g "%g"
"%u"
>     add machine script = /usr/sbin/smbldap-useradd -w "%u"
>     logon script = scripts\logon.cmd
>     logon path = \\SRV3\profiles\%U
>     logon drive = H:
>     logon home = \\SRV3\%U
>     domain logons = Yes
>     preferred master = Yes
>     wins support = Yes
>     ldap admin dn = cn=su,dc=perczelmor,dc=site
>     ldap group suffix = ou=Groups
>     ldap idmap suffix = ou=Idmap
>     ldap machine suffix = ou=People
>     ldap passwd sync = Yes
>     ldap suffix = dc=perczelmor,dc=site
>     ldap ssl = no
>     ldap user suffix = ou=People
>     eventlog list = Security, Application, Syslog
>     usershare max shares = 0
>     usershare path = /home/samba/usershares
>     panic action = /usr/share/samba/panic-action %d
>     idmap uid = 10000-20000
>     idmap gid = 10000-20000
>     create mask = 0777
>     map acl inherit = Yes
>     veto oplock files = /*.pdf/*.pst/
>     browseable = No
>     csc policy = disable
>
> [netlogon]
>     comment = Network Logon Service
>     path = /home/samba/netlogon
>     guest ok = Yes
>     fake oplocks = Yes
>
> [profiles]
>     comment = Users profiles
>     path = /home/samba/profiles
>     read only = No
>     create mask = 0600
>     directory mask = 0700
>     profile acls = Yes
>
> ....
>
> BDC's smb.conf:
> [global]
>     dos charset = CP852
>     unix charset = UTF8
>     workgroup = PERCZELMOR
>     server string = %h - PERCZELMOR BDC
>     interfaces = 127.0.0.0/8, eth0
>     bind interfaces only = Yes
>     passdb backend = ldapsam:"ldap://127.0.0.1:389"
>     syslog = 2
>     log file = /var/log/samba/log.%m
>     max log size = 1000
>     smb ports = 139
>     name resolve order = wins host bcast
>     time server = Yes
>     printcap name = /etc/printcap
>     logon script = scripts\logon.cmd
>     logon path = \\SRV3\profiles\%U
>     logon drive = H:
>     logon home = \\SRV3\%U
>     domain logons = Yes
>     domain master = No
>     dns proxy = No
>     wins server = 192.168.0.3
>     ldap admin dn = cn=su,dc=perczelmor,dc=site
>     ldap group suffix = ou=Groups
>     ldap idmap suffix = ou=Idmap
>     ldap machine suffix = ou=People
>     ldap passwd sync = Yes
>     ldap suffix = dc=perczelmor,dc=site
>     ldap ssl = no
>     ldap user suffix = ou=People
>     eventlog list = Security, Application, Syslog
>     usershare max shares = 0
>     panic action = /usr/share/samba/panic-action %d
>     idmap uid = 10000-20000
>     idmap gid = 10000-20000
>     map acl inherit = Yes
>     veto oplock files = /*.pdf/*.pst/
>     browseable = No
>
> [netlogon]
>     comment = Network Logon Service
>     path = /home/samba/netlogon
>     guest ok = Yes
>     fake oplocks = Yes
>
> Any idea? What can I check/change?
> Thanks, in advance.
>
> Tamas.
>

2009/9/1 Adam Williams <awilliam at mdah.state.ms.us>
>
>
> Tam?s Pisch wrote:
>
> 2009/8/31 Adam Williams <awilliam at mdah.state.ms.us> <awilliam
at mdah.state.ms.us>
>
>    my computer properties, advanced tab, user profiles.  is user set to
local
> and not roaming? does it only happen to certain
>
>
>  local profile
>
>
>
>
> change local profile to roaming in the my computer properties, advanced,
> user profiles section.
>
I cannot, because it is inactive (grayed).

you can copy it manually form c:\docs and settings\username to 
\\server\profiles\username and then delete the local user and have them 
login and it should load their profile as a roaming user.

Tam?s Pisch wrote:
> 2009/9/1 Adam Williams <awilliam at mdah.state.ms.us>
>
>   
>> Tam?s Pisch wrote:
>>
>> 2009/8/31 Adam Williams <awilliam at mdah.state.ms.us>
<awilliam at mdah.state.ms.us>
>>
>>    my computer properties, advanced tab, user profiles.  is user set to
local
>> and not roaming? does it only happen to certain
>>
>>
>>  local profile
>>
>>
>>
>>
>> change local profile to roaming in the my computer properties,
advanced,
>> user profiles section.
>>
>>     
>
> I cannot, because it is inactive (grayed).
>