Prev: Windows permissions on NTFS share mounted with NTFS-3g on linux
Next: [Samba] net ads testjoin failed but net rpc testjoin work
From: Richard Herrmann on 21 Apr 2010 09:50
After upgrade from 3.0.x to 3.4.3 (on new hardware) profiles only apply when
the domain users are Members of the local WinXP admin group!? The Account
behaves like a guest account - Modifications can not be saved (e.g. the left
side of the XP/SP3 task menu remains empty, Control Panel can not be changed
to classic view, .).



No problems at all with profiles created unter samba version 3.4.3.



I extended smb.conf by "profile acl = yes" and "passdb backend = smbpasswd"
(tdbsam did'nt change the behaviour) :



[global]

server string = BDC

log level = 1 passdb:5 auth:5 winbind:2

workgroup = xyz

printing = cups

printcap name = cups

printcap cache time = 750

cups options = raw

printer admin = @ntadmin, root, administrator

username map = /etc/samba/smbusers

map to guest = Bad User

# include = /etc/samba/dhcp.conf

logon path = \\%L\profiles\.msprofile

logon drive = Z:

security = user

encrypt passwords = yes

netbios name = svtest

smb passwd file = /etc/samba/smbpasswd

smb ports = 139

passdb backend = smbpasswd

passwd program = /usr/bin/passwd %u

passwd chat = "New password:" %n "Re-enter new password:" %n
"*Password changed*"

passwd chat debug = Yes

add user script = /usr/sbin/useradd -m %u

delete user script = /usr/sbin/userdel -r %u

add group script = /usr/sbin/groupadd %g

delete group script = /usr/sbin/groupdel %g

add user to group script = /usr/sbin/usermod -G %g %u

add machine script = /usr/sbin/useradd -c Machine -d /var/lib/nobody
-s /bin/false %m$

logon script = %u.bat

domain master = yes

domain logons = yes

local master = yes

wins support = yes

preferred master = yes

os level = 65

hide dot files = yes

time server = yes

max log size = 1000

oplocks = yes

fake oplocks = no

read raw = yes

write raw = yes

socket options = TCP_NODELAY

getwd cache = yes

usershare allow guests = No

[homes]

comment = Home Directories

valid users = %S

browseable = no

read only = No

inherit acls = Yes

guest ok = no

printable = no

[profiles]

comment = Network Profiles Service

path = %H

read only = No

store dos attributes = Yes

create mask = 0660

directory mask = 0770

browseable = no

guest ok = no

printable = no

profile acls = Yes

[users]

comment = All users

path = /data/home

read only = No

inherit acls = Yes

veto files = /aquota.user/groups/shares/

browseable = no

guest ok = no

printable = no

[netlogon]

comment = Network Logon Service

path = /data/netlogon

read only = Yes

browseable = no

write list = @admin

csc policy = disable



Did I miss something to make the server configuration compatibel with
version 3.4 or do I have to modify the content / ACLs of all existing
profiles?



---

Any help would be appreciated.



Richard Herrmann

--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
 | 
Pages: 1
Prev: Windows permissions on NTFS share mounted with NTFS-3g on linux
Next: [Samba] net ads testjoin failed but net rpc testjoin work