Storing roaming profiles on Samba share
 

I'm running Windows 2k as a domain controller and have samba setup on RH9 as a file server.
I would like to have samba store and serve my roaming profiles. While this sounded like a good idea at the time I am having no luck at all making this work.
Trying this with a test account I've created a test user account with the same user id/password on all services, for example:

Samba user:
jblack/P@$$w0rd
Linux user:
jblack/P@$$w0rd
Windows user:
jblack/P@$$w0rd

When this user tries to log in I get a message saying that a server copy of the profile exsists that does not have the correct security and that the folder must be owned by the user or admin (I get this no matter who owns the folder... root, jblack, etc).

Any help with this would be appreciated.

John Black
n7kn@qsl.net

Welcome to LQ.

Have you checked the filesystem permissions as well as the permissions in smb.conf

Thanks for the reply.
I believe I did by using chmod -R 777 <folder name containing profiles>
Usually not the best practice to leave a folder wide open like that but my users (i.e.: family members) usually have to be shown a share actally exsists as well as be told what can be done with it.

I forgot to address smb.conf comment:

[shared]
comment = shared
path = /usr/shared
writeable = yes
guest ok = yes

I would guess that's pretty wide open too.

Can you post the whole config file.

Sure!
I was going to paste it in here but I believe there is simply too much text.
I've uploaded the file to some obscure webspace as a text file:

http://home.doitnow.com/~whywait/smbconf.txt

I sure appreciate the help, David.
____________________________

What's with all of the user shares. If you want to share home directories, use the built in [homes] share as opposed to having individual shares.

As for the profile stuff, how do you go about setting it up. I can't remember at the top of my head and I just blew away my 2k server. I blew it up to play with email. You will need to open up "active directory users and computer" and set up the appropriate values for the profile path. Do you have something like \\<Samba_Server_Name>\%Username%? I just noticed that you didn't explicitly name your samba server. It is a good idea to put the value for netbios name in there.

What is the value you have set it Active Directory for each user.

------------------------------------------------------------------

I have a question of my own and it relates to samba and profiles. Sorry if I am monopolizing this thread, but it is slightly related so here goes:

My samba server is the DC for a domain and I am doing profiles. It works just fine but there are a couple of issues.

First of all, the relevant part of my smb.conf file looks like:

I have it set up so that the Profile share on the server points to a subfolder of the user's home directory as opposed to creating a 2nd directory structure for profiles. The problem is that the NT-Profile folder is not always there so I tried using the preexec option to create the folder. I want to set up a script to check whether the folder already exists. The script's name is create-profile and the username should be passed as a parameter so the preexec for the profile share will look like:

preexec = /etc/samba/scripts/create-profile %u

The script is a plain old bash script, or at least it was. I deleted the meat of the script that was supposed to do the file checking. Anyway the script now looks like

#!/bin/bash

HomeDirectory=`echo ~$1`
echo $HomeDirectory

At an earlier stage it created the directory but something didn't go right. If I logged in, it created a folder called "~sid" in the /etc/samba/scripts directory. The only way I got it to work was by slightly modifying the script and sending it the %H macro (The user's home directory.)

To make a long story short, is there a way to expand ~sid in a bash script or do I have to send the script the %H?

Shouldn't the above result in /home/sid displayed to the screen?

I beleive sidmark-2850 has answered your questions above. Just use the "homes" share and create a profiles share too.

sidmark-2850 - since the script isn't being run as the user there will probably be no home dirs to expand to. Just pass the variable as an argument as you suggested.

david_ross, even if I ran the script manually, I get a directory called "~sid". I guess, I will just have to pass the %H in. I thought that there was a way to expand it to /home/sid.

Hey, where is a good resource to learn perl. I am going to buy the "Learning Perl" book by O'reilly. What are good online resources?

Oh, I was going to use the root preexec and then chmod and chown it to the user.

Can you start a new thread so we don't hijack this one and post your complete script. I'll keep an eye out for it.

As for perl I mainly learnt from examples and basic use of google. There is lots of information scattered all over.

Regarding post #7 from sidmark-2850:

Being a newbie I guess having a share for each user is the natural thing one would do. I'm glad you pointed out an easier way to do it... that's great.

Explicitly naming the Samba server netbois name is something else I overlooked (affectionately known as "Marge")
I'll give all these things a try over the week-end.
User profile path for n7kn in Active Directory look like this:

\\Marge\n7kn

That didn't work. I created a folder called "shared" and a subdirectory for each user in it. In an attempt to remove all obstacles that Samba could offer I ran 'chmod -R 777 shared'

Active Directory user profile path for n7kn looked like this:

\\Marge\shared\n7kn

I'm not sure about using the % symbol on each side of the target directory. Maybe someone can explain that.

One final question would be regarding "blowing away" one's Win2k server. What caliber would you recommend (bullet weight in grains) and how far down-range should the server be placed.
This is a piece of advice would most probably simplify matters greatly.

n7kn, you can find what the % characters mean if you do man smb.conf.

From man smb.conf
These substitutions really come in handy and can be used in different situations and even troubleshooting.

You have a couple of options in regards to profile storage. Your easiest one is to create and use the homes share like mentioned, and set your active directory user profile path to: \\Marge\Homes\Profile. This should be your best bet since \\Marge\Homes\Profile will be unique to each user as it points to the Profile directory within the client's home folder.

I ended up creating a profile share which directly pointed to a subfolder of the clients's home directory, so I can just set the AD path to \\Madison\Profile and it would auto create the folder and use it for storage. I had the script working, but unfortunately, it's gone. The reason that it is gone is that it was on my test box, which was at a point earlier on last week my 2k server. Stupid me, I forgot to copy the script.

Now, on to the blowing up your win2k machine, or any machine in fact. There are a number of options you can use to do the job. For my linux boxes, I use Kickstart Installations because I fool around and test too much and I hate selecting packages and options manually, especially for the number of times I do it in a week, or even a day (if I really mess up someting.) It has an option to wipe out your entire partition tables and create new ones. For win2k or windows for that matter, I normally use a 3 1/2" floppy armed with format and fdisk. Another personal favorite of mine is Ranish Partition Manager. Another one that does the job in 1/4 of the time is the tool gdisk which comes with norton ghost. Use it in the right or wrong way (if you really didn't intend to do it) you can wipe your entire disk squeaky clean.

Hope this helps.