samba roaming profiles directory owner and permissions
I'm having a problem with my profiles share that is related to permissions.
Windows can't store any profiles to it because access is not granted.
My profiles share is (2775):
drwxrwsr-x 3 root users 4096 2008-07-20 23:42 profiles
I can set my profiles share to 777 (full permission for everyone) but I don't want that.
I believe it should be set to 775 (samba.org doc says 2775 ... sticky bit?).
So what is the issue? Is it ownership? Is it groups?
When I set the permissions of the profiles directory to 777 the created files and directories are owned by <username> and group <username>.
This is setting the SGID not the sticky bit.
Permissions of 2775 should work (as per the Samba documentation)
As this isn't working you could use 2777, this would set a group of "users", but follow the umask settings that the user has (typically 0022 which creates files of -rw-r--r-- and directories of drwxr-xr-x)
Thank you for clearing that up a little bit.
I think it was actually a Windows problem. I wasn't rebooting windows - just logging out and logging back in. So it wasn't refreshing the permissions? That's my only guess.
After rebooting it seemed to work fine. I think I might not use Profiles in the long run just to speed up logging in and in the final application the users don't change computers at all. So there is really no benefit.
I do wonder, however, it there a way to make it so only certain users (ie: Administrator) uses roaming profiles, but everyone else doesn't? I kind of doubt it - but that would be a nice feature. I could only allow the Admin permission to use the directory, but then windows would complain about not being able to find a roaming profile... using local one instead... blah... blah...
How were you setting roaming profiles?
Normally in Active Directory, you would have a seperate container for Administrative Accounts. I typically advise not setting group policy on the default "Administrators" container as this might cause problems that you haven't considered.
Assuming (always dangerous) that there aren't losts of Administrative Accounts, you could:
If you use either Citrix or Remote Desktop (RDC) then I would suggest you set a seperate area to store Terminal Service Profiles.
Hope this helps.
I've upgraded our SME server from 7.2 to 7.3 while logged on via my roaming profile.
Next logon the profile was not found. Further investigation showed it still to be there in /home/e-smith/files/samba/profiles/ but the ownership and group had both changed to rpminstall.
I cannot change ownership back to myself with chown even though logged on as root.
How do I fix this? (my Linux knowledge is limited, sorry).
|All times are GMT -5. The time now is 02:01 AM.|