LinuxQuestions.org
Did you know LQ has a Linux Hardware Compatibility List?
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices

Reply
 
Search this Thread
Old 09-20-2008, 12:59 PM   #1
t0bias
Member
 
Registered: Aug 2005
Distribution: Fedora 13, RHEL 5.3, Ubuntu 10.04, Debian Lenny
Posts: 128

Rep: Reputation: 16
[SOLVED] Samba PDC without profile roaming troubles


Hi,

I am trying to set up a Samba PDC without roaming profiles, so the PDC should just do the authentication process and rights distribution.

When I logon with a Windows client I get the following error-message:

Code:
Your roaming profile is not available. You are logged on with the locally stored profile. Changes to the profile will not be propagated to the server. Contact your network administrator.

DETAIL: The filename, directory name or volume label syntax is incorrect.
Actually, this is what I do want it to do, but how can I get rid of this error-message, each time a client logs on?

This is my smb.conf:

Code:
[global]
  workgroup = WORKGROUP
  netbios name = SAMBA PDC
  server string = Samba Domain Controller %v
  passdb backend = ldapsam:ldap://127.0.0.1/
  log file = /var/log/samba/%m.log
  max log size = 50
  socket options = TCP_NODELAY IPTOS_LOWDELAY SO_SNDBUF=8192 SO_RCVBUF=8192
  add user script = /usr/sbin/smbldap-useradd -m "%u"
  delete user script = /usr/sbin/smbldap-userdel "%u"
  add group script = /usr/sbin/smbldap-groupadd -p "%g"
  delete group script = /usr/sbin/smbldap-groupdel "%g"
  add user to group script = /usr/sbin/smbldap-groupmod -m "%u" "%g"
  delete user from group script = /usr/sbin/smbldap-groupmod -x "%u" "%g"
  set primary group script = /usr/sbin/smbldap-usermod -g "%g" "%u"
  add machine script = /usr/sbin/smbldap-useradd -w "%u"
  logon path = ""
  domain logons = Yes
  preferred master = Yes
  domain master = Yes
  encrypt passwords = Yes
  os level = 65
  dns proxy = No
  ldap admin dn = cn=admin,dc=samba,dc=local
  ldap delete dn = Yes
  ldap group suffix = ou=groups
  ldap idmap suffix = ou=users
  ldap machine suffix = ou=machines
  ldap suffix = dc=samba,dc=local
  ldap ssl = no
  ldap user suffix = ou=users
  idmap backend = ldap:ldap://127.0.0.1/

[homes]
  comment = Home Directories
  path = /home/profiles/%U
  read only = No
  writable = Yes
  create mask = 0644
  directory mask = 0775
  inherit permissions = Yes
  browseable = No

[netlogon]
  path = /home/samba/netlogon/%U
  browseable = No
  writable = Yes

[profiles]
  path = /home/samba/profiles/%U
  valid users = %U, "@Domain Admins"
  force user = %U
  read only = No
  writable = Yes
  create mask = 0700
  directory mask = 0775
  guest ok = Yes
  profile acls = Yes
  case sensitive = No
  preserve case = No
  short preserve case = No
  browseable = No
  csc policy = disable
Thanks,

Toby

Last edited by t0bias; 09-20-2008 at 04:29 PM.
 
Old 09-20-2008, 03:55 PM   #2
Woodypecker
Member
 
Registered: Mar 2006
Location: Austria
Distribution: Mandriva/Debian
Posts: 102

Rep: Reputation: 17
Search for "logon path" in man smb.conf.
You will find that the stanza
logon path = "" deliberately disables roaming profiles.
 
Old 09-20-2008, 04:02 PM   #3
t0bias
Member
 
Registered: Aug 2005
Distribution: Fedora 13, RHEL 5.3, Ubuntu 10.04, Debian Lenny
Posts: 128

Original Poster
Rep: Reputation: 16
Hmm.. I think you didn't read my post carefully enough as I do NOT want roaming profiles.
 
Old 09-20-2008, 04:17 PM   #4
Woodypecker
Member
 
Registered: Mar 2006
Location: Austria
Distribution: Mandriva/Debian
Posts: 102

Rep: Reputation: 17
Uhm, didn't I write exactly that? The stanza 'logon path ="" ` does just that,
disabling roaming profiles.
You can indeed use a netlogon script (share netlogon is necessary) to run
a regedit command as (local/domain) admin, possibly using CPAU, to permanently
disable roaming profile at the client side.
 
Old 09-20-2008, 04:21 PM   #5
Woodypecker
Member
 
Registered: Mar 2006
Location: Austria
Distribution: Mandriva/Debian
Posts: 102

Rep: Reputation: 17
Ouch I see you already have that stanza .... well, at work we use it as well,
but without the quotes, just the empty = ... when I wrote the replies,
I wanted to play safe and took the example from the manpage.
Maybe better omit the "" - we don't see that error, in particular the syntax/label
part.
 
Old 09-20-2008, 04:28 PM   #6
t0bias
Member
 
Registered: Aug 2005
Distribution: Fedora 13, RHEL 5.3, Ubuntu 10.04, Debian Lenny
Posts: 128

Original Poster
Rep: Reputation: 16
Wow, indeed, omiting the paranthesis solved the problem..!

Thanks,

Toby
 
Old 09-21-2008, 01:39 PM   #7
ridingthestorm
LQ Newbie
 
Registered: Sep 2008
Distribution: Debian, FreeBSD
Posts: 21

Rep: Reputation: 0
Hi there,

I'm struggling with this, too, and removing the "" works fine. But what about the three commas (apparently taken from /etc/passwd) on the top of Start Menu following the domain user's full name (e.g., John Littleroof,,,)? Is there a way to get rid of them other than switching to classical start menu?
 
  


Reply

Tags
client, openldap, pdc, samba, windows


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
samba PDC Win98 client with roaming profile importing HKCU "NoDevMgrPage" itzamecwp Linux - Server 0 01-18-2007 05:15 PM
samba PDC Roaming Profile 1st login only keirvt Linux - Software 0 12-18-2006 03:15 AM
cannot update roaming profile on samba pdc via vpn thesillyspider Linux - Networking 0 11-02-2006 02:49 AM
Samba PDC/WinXP Roaming profile terran2k Linux - Networking 1 02-20-2006 06:35 PM
Samba 3 PDC/Win2K client: Roaming profile save problem: disk space thr0ck Linux - Networking 11 07-19-2004 12:20 PM


All times are GMT -5. The time now is 01:02 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration