hello all, I am building a network system using Samba 3.5 on Debian Squeeze and Windows 2003 workstations. I have properly configured my samba PDC, and that's working correctly. I am using an external LDAP to store the credentials. I also wanted to use roaming profiles, and I have properly configured this. That's working well for me, using Windows 2003 work stations. I'll soon have both my PDC and my BDC. The profiles are actually stored on the PDC server. However, I'd like to store the profiles on a third server. I know this is possible but I want to know were I can find a proper documentation or tutorial to do this. Here my questions to start - I probably have to install samba on this third server, neither as PDC or BDC, but Do I have to use special parameters ? - Should I use again NSS and LDAP on this third server for the authentication credentials database ? Andr?.
I encountered a strange problem recently when changing the IP of my Samba server. We are in the process of moving from an ancient NT4 domain to an AD domain. We did a full migration of all the users, and up until Friday, our AD users were able to access the Samba server (which is still on the NT domain) with full permissions, etc. On Friday for reasons completely unrelated, we had to change the IP of the Samba server. When we brought it up on the new IP, it gave an error bringing up the Samba daemons. I was rushed and didn't pay to much attention to the error, but instead took the easy route of removing Samba from the NT domain, and re-joining. That got the Samba daemons up and running and we mostly had no problem, except now the AD users aren't allowed to access their home directories. The AD and NT domains have a mutual trust relationship, and all SSIDs for the users on both domains are the same. As I said, prior to Friday, these users were able to access. I'm not entirely sure how Samba handles multiple domains, etc. and I have no idea how to even begin to trouble shoot this problem. Any suggestions would be welcome. -Ron
> > --- Original message --- > Subject: [Samba] store profiles on a third server > From: Andr? Rodier <andre.rodier at red2.co.uk> > To: <samba at lists.samba.org> > Date: Sunday, 23/01/2011 9:08 AM > > X-SpamDetect-Info: ------------- Start ASpam results --------------- > X-SpamDetect-Info: This message may be spam. This message BODY has > been altered to show you the spam information > X-SpamDetect: ***: 3.8 sd=3.8 [96]12%-6.0(Accept Orbs) > [212]87%5.6(!46,60) [129]44%-0.0(from_return_nomatch) > [27]46%-0.0(X-LangGuess:English) [sig=2] [nnot=1,nis=0,0.0] > X-SpamDetect-Info: ------------- End ASpam results ----------------- > > hello all, > > I am building a network system using Samba 3.5 on Debian Squeeze and > Windows 2003 workstations. > > I have properly configured my samba PDC, and that's working correctly. > I > am using an external LDAP to store the credentials. > > I also wanted to use roaming profiles, and I have properly configured > this. That's working well for me, using Windows 2003 work stations. > > I'll soon have both my PDC and my BDC. The profiles are actually > stored > on the PDC server. > > However, I'd like to store the profiles on a third server. I know this > is possible but I want to know were I can find a proper documentation > or > tutorial to do this.In LDAP there is a storage location: sambaProfilePath: \\<server name or IP addy>\<Profiles share name>\<username> If you are using smbldap-tools, this can be set in smbldap.conf here: ############################################################################## # # SAMBA Configuration # ############################################################################## # The UNC path to home drives location (%U username substitution) # Just set it to a null string if you want to use the smb.conf 'logon home' # directive and/or disable roaming profiles # Ex: userSmbHome="\\PDC-SMB3\%U" userSmbHome="\\<HomeShare>\<DirectoryShare>" # The UNC path to profiles locations (%U username substitution) # Just set it to a null string if you want to use the smb.conf 'logon path' # directive and/or disable roaming profiles # Ex: userProfile="\\camarillo\profiles\%U" userProfile="\\<ProfileShare>\<ProfileShare>\%U" For existing users, copy the profiles to the new server (or not, really, as they will be re-written at logoff) and set permissions. Edit the ldap settings in your current DIT.> > > > Here my questions to start > > - I probably have to install samba on this third server,If you're using a *nix server, that would be best.> > neither as PDC > or BDC,Why would you NOT have it be a BDC? I would.> > but Do I have to use special parameters ?????> > > > - Should I use again NSS and LDAP on this third server for the > authentication credentials database ?It should authenticate of the domain, yes. As I said making it a BDC would be best.> > > > > Andr?. > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba
> However, I'd like to store the profiles on a third server.I have had it this way for 5+ years at work. My PDC and BDCs exist as openvz and lvm virtual machines that I can move to any server. Neither of these contain any file shares.> I know this is > possible but I want to know were I can find a proper documentation or > tutorial to do this. > > Here my questions to start > > - I probably have to install samba on this third server, neither as PDC or > BDC, but Do I have to use special parameters ? > > - Should I use again NSS and LDAP on this third server for the > authentication credentials database ? >Yes. John
> >> >>> >>> I have had it this way for 5+ years at work. My PDC and BDCs >>> exist as openvz and lvm virtual machines that I can move to >>> any server. Neither of these contain any file shares. >> >> Can this be done if not using LDAP? >> > > I do not know. I believe it would be more difficult without LDAP > however. We have used ldap with samba from the start since we migrated > a windows 2000 domain over to samba.In a multi server environment it is advisable to use LDAP.> > > >> >>> >>> >>>> >>>> I know this is >>>> possible but I want to know were I can find a proper >>> documentation or >>>> >>>> tutorial to do this. >>>> >> >> Any pointers on where to find examples? >> > Not really. I just put a few concepts that I was using together over > the years. Also I have not looked for examples in a very long time. > > John > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba