Linux - ServerThis forum is for the discussion of Linux Software used in a server related context.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
[SOLVED] Samba PDC without profile roaming troubles
Hi,
I am trying to set up a Samba PDC without roaming profiles, so the PDC should just do the authentication process and rights distribution.
When I logon with a Windows client I get the following error-message:
Code:
Your roaming profile is not available. You are logged on with the locally stored profile. Changes to the profile will not be propagated to the server. Contact your network administrator.
DETAIL: The filename, directory name or volume label syntax is incorrect.
Actually, this is what I do want it to do, but how can I get rid of this error-message, each time a client logs on?
This is my smb.conf:
Code:
[global]
workgroup = WORKGROUP
netbios name = SAMBA PDC
server string = Samba Domain Controller %v
passdb backend = ldapsam:ldap://127.0.0.1/
log file = /var/log/samba/%m.log
max log size = 50
socket options = TCP_NODELAY IPTOS_LOWDELAY SO_SNDBUF=8192 SO_RCVBUF=8192
add user script = /usr/sbin/smbldap-useradd -m "%u"
delete user script = /usr/sbin/smbldap-userdel "%u"
add group script = /usr/sbin/smbldap-groupadd -p "%g"
delete group script = /usr/sbin/smbldap-groupdel "%g"
add user to group script = /usr/sbin/smbldap-groupmod -m "%u" "%g"
delete user from group script = /usr/sbin/smbldap-groupmod -x "%u" "%g"
set primary group script = /usr/sbin/smbldap-usermod -g "%g" "%u"
add machine script = /usr/sbin/smbldap-useradd -w "%u"
logon path = ""
domain logons = Yes
preferred master = Yes
domain master = Yes
encrypt passwords = Yes
os level = 65
dns proxy = No
ldap admin dn = cn=admin,dc=samba,dc=local
ldap delete dn = Yes
ldap group suffix = ou=groups
ldap idmap suffix = ou=users
ldap machine suffix = ou=machines
ldap suffix = dc=samba,dc=local
ldap ssl = no
ldap user suffix = ou=users
idmap backend = ldap:ldap://127.0.0.1/
[homes]
comment = Home Directories
path = /home/profiles/%U
read only = No
writable = Yes
create mask = 0644
directory mask = 0775
inherit permissions = Yes
browseable = No
[netlogon]
path = /home/samba/netlogon/%U
browseable = No
writable = Yes
[profiles]
path = /home/samba/profiles/%U
valid users = %U, "@Domain Admins"
force user = %U
read only = No
writable = Yes
create mask = 0700
directory mask = 0775
guest ok = Yes
profile acls = Yes
case sensitive = No
preserve case = No
short preserve case = No
browseable = No
csc policy = disable
Uhm, didn't I write exactly that? The stanza 'logon path ="" ` does just that,
disabling roaming profiles.
You can indeed use a netlogon script (share netlogon is necessary) to run
a regedit command as (local/domain) admin, possibly using CPAU, to permanently
disable roaming profile at the client side.
Ouch I see you already have that stanza .... well, at work we use it as well,
but without the quotes, just the empty = ... when I wrote the replies,
I wanted to play safe and took the example from the manpage.
Maybe better omit the "" - we don't see that error, in particular the syntax/label
part.
I'm struggling with this, too, and removing the "" works fine. But what about the three commas (apparently taken from /etc/passwd) on the top of Start Menu following the domain user's full name (e.g., John Littleroof,,,)? Is there a way to get rid of them other than switching to classical start menu?
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.