WinXP won't load roaming profiles from SAMBA server
UbuntuThis forum is for the discussion of Ubuntu Linux.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
WinXP won't load roaming profiles from SAMBA server
Hi all,
I have configured Samba 3.0.28a on Ubuntu studio 8.04 - AMD64. It is configured as a PDC and the users get login to their respective home directories. But, the profile is not loading. So, if users make any changes to their desktop or my documents,they don't get loaded. The error is "windows didnot load your roaming profile and is attempting to log you on with your local profile.Changes to the profile will not be copied to the server when you logoff. Windows did not load your profile because a server copy of the profile folder already exists that does not have the correct security. Either the current user or the Administrator's group must be the owner of the folder." Contact your network administrator.
" Strangely, this used to work when i first created these user accounts. Below is my smb.conf file
# Global parameters
[global]
workgroup = abcd
netbios name = server
;interfaces = eth1, lo
;bind interfaces only = Yes
passdb backend = tdbsam
hosts allow = 10.10.10.0/24
security = user
smb ports = 139
add user script = /usr/sbin/useradd -m '%u'
delete user script = /usr/sbin/userdel -r '%u'
add group script = /usr/sbin/groupadd '%g'
delete group script = /usr/sbin/groupdel '%g'
add user to group script = /usr/sbin/usermod -G '%g' '%u'
add machine script = /usr/sbin/useradd -s /bin/false -d /var/lib/nobody '%u'
include = /etc/samba/dc-common.conf
socket options = TCP_NODELAY IPTOS_LOWDELAY SO_KEEPALIVE SO_RCVBUF=8192 SO_SNDBUF=8192
[share]
comment = Student common Share Directory
browsable=yes
path = /export/
read only = No
writable = yes
domain logons = Yes
preferred master = Yes
domain master = yes
wins support = Yes
os level = 65
;logon path = \\%L\profiles\%U
;logon drive = h:
;logon home = \\%L\%U
;logon script = logon.bat
include = /etc/samba/common.conf
[homes]
comment = Home Directory
valid users = %S
read only = No
browseable = No
path = /home/%u
[profiles]
comment = Profile Share
path = /var/lib/samba/profiles
read only = No
;profile acls = Yes
writable = yes
browsable = no
Contents of common.conf
[global]
username map = /etc/samba/smbusers
log level = 1
syslog = 0
log file = /var/log/samba/%m
max log size = 50
smb ports = 139
name resolve order = wins bcast hosts
time server = Yes
printcap name = CUPS
show add printer wizard = No
;shutdown script = /var/lib/samba/scripts/shutdown.sh
abort shutdown script = /sbin/shutdown -c
utmp = Yes
map acl inherit = Yes
printing = cups
#veto files = /*.eml/*.nws/*.{*}/
#veto oplock files = /*.doc/*.xls/*.mdb/
;include =
# Share and Service Definitions are common to all servers
;[printers]
;comment = SMB Print Spool
;path = /var/spool/samba
;guest ok = Yes
;printable = Yes
;use client driver = Yes
;default devmode = Yes
;browseable = No
;[apps]
;comment = Application Files
;path = /apps
;admin users = sambauser
;read only = No
The profiles directory is under /var/lib/samba/profiles
The permissions of the /var/lib/samba directory is
drwxr-xr-x 8 root root 4096 2008-10-01 16:21 samba
The Permissions of the /var/lib/samba/profiles directory:
drwxr-xr-x 30 root root 4096 2008-09-24 16:37 profiles
Under the profiles directories, user directories are created and they have username.users permission. For example..
drwxr-xr-x 13 priya users 4096 2008-10-01 12:31 priya
Sorry for the long post.
can someone help me with this
Avinash
Last edited by avinash.rao; 10-01-2008 at 06:09 AM.
Install the samba-doc package if you don't have it. Roaming Profiles are covered in chapter 27 in the Samba3-HOWTO book. XP Professional is covered in 27.2.2.3. If you don't have XP Pro, I don't know if roaming profiles are supported because XP home has domain support stripped out.
Code:
When MS Windows 200x/XP participates in a domain security context,
and if the default user profile is not found, then the client will search for
a default profile in the NETLOGON share of the authenticating server. In
MS Windows parlance, it is %LOGONSERVER%\NETLOGON\Default User, and
if one exists there, it will copy this to the workstation in the C:\Documents
and Settings\ under the Windows login name of the use.
Note
This path translates, in Samba parlance, to the smb.conf
[NETLOGON] share. The directory should be created at
the root of this share and must be called Default User.
It seems that you have your login path commented out. Was that the case before?
I am using WinXP - SP2 and i downloaded samba doc, but where can i find it?
I figured out the problem. There was a mistake in the profiles path. After installing samba, i used the pdbedit command to set account policies on each user, and i guess by mistake the profiles path was entered wrongly. I changed the profiles path using pdbedit command and it worked. But, i had to do this manually for each user.
1) How can i use the pdbedit command to set account policies for all users at once? say for example i want to change the account password policy for 30 users at once?
The above scenario leads me to a question. The default profiles path in samba is in the users home directory /home/username/profile directory. But, i have a different path set for profiles in smb.conf file which is /var/lib/samba/profiles/username. Now which takes the precedence?
I tested this yesterday, i created a new samba user, using smbpasswd -a username command. at the end, in the username details, the profile path is automatically set to /home/username/profile directory. But, in my smb.conf file i have defined a profiles share which is under /var/lib/samba/profiles/username. Now, there is a conflict here?
[profiles]
comment = Profile Share
path = /var/lib/samba/profiles
read only = No
;profile acls = Yes
writable = yes
browsable = no
logon path = \\%L\profiles\%U
logon drive = p:
What is the use of using these parameters then? like logon path = \\%L\profiles\%U etc..??
It doesn't appear that you can change the profile path as a policy in pdbedit. The man page states:
"Valid policies are: minimum password age, reset count minutes, dis‐connect time, user must logon to change password, password history,lockout duration, min password length, maximum password age and bad lockout attempt."
Also, shouldn't "logon path = \\%L\profiles\%U" be in the [global] section of smb.conf? "path" should be in [profiles].
"logon path" is the network path to the profile so Windows can find it.
"path" is the physical location of the profile on the samba server.
Thanks for the clarifications. I will make these changes in smb.conf file and get back to you. But, strange that the profiles started working when i changed the profiles path using the pdbedit command, may be as you said, the path is in the wrong section in smb.conf file!
Quote:
Originally Posted by mrog
It doesn't appear that you can change the profile path as a policy in pdbedit. The man page states:
"Valid policies are: minimum password age, reset count minutes, dis‐connect time, user must logon to change password, password history,lockout duration, min password length, maximum password age and bad lockout attempt."
Also, shouldn't "logon path = \\%L\profiles\%U" be in the [global] section of smb.conf? "path" should be in [profiles].
"logon path" is the network path to the profile so Windows can find it.
"path" is the physical location of the profile on the samba server.
I have put the contents of dc-common and common files to smb.conf file. So, i have only one samba configuration file.
I have put the following under the global section,
logon path = \\%L\profiles\%U
logon drive = p:
logon home = \\%L\%U
The output of smbstatus -L
root@Studio-Server:~# smbstatus -L
Global parameter logon path found in service section!
Global parameter logon drive found in service section!
Global parameter logon home found in service section!
Global parameter logon script found in service section!
No locked files
Contents of SMB.CONF
# Global parameters
[global]
workgroup = sscms
netbios name = studio-server
;interfaces = eth1, lo
;bind interfaces only = Yes
passdb backend = tdbsam
logon path = \\%L\profiles\%U
logon drive = p:
logon home = \\%L\%U
;logon script = logon.bat
domain logons = Yes
preferred master = Yes
domain master = Yes
wins support = Yes
os level = 65
#username map = /etc/samba/smbusers
log level = 1
syslog = 0
log file = /var/log/samba/%m
max log size = 50
smb ports = 139
name resolve order = wins bcast hosts
time server = NO
printcap name = CUPS
show add printer wizard = No
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.