PDA

View Full Version : Roaming Profile Error with Samba Domain Controller Setup


noahlau
7th March 2006, 20:23
I've most recently configured a Samba PDC with version 5.10. I followed each step. however, i got some problems

here is my smb.conf:

[global]
workgroup = MYWORKGROUP
netbios name = DEBIAN
server string = %h server (Samba, Ubuntu)


passdb backend = tdbsam
security = user
username map = /etc/samba/smbusers
name resolve order = wins bcast hosts
domain logons = yes
preferred master = yes
wins support = yes

# Set CUPS for printing
printcap name = CUPS
printing = CUPS

# Default logon
logon drive = H:
logon script = scripts/logon.bat
logon path = \\server1\profile\%U


# Useradd scripts
add user script = /usr/sbin/useradd -m %u
delete user script = /usr/sbin/userdel -r %u
add group script = /usr/sbin/groupadd %g
delete group script = /usr/sbin/groupdel %g
add user to group script = /usr/sbin/usermod -G %g %u
add machine script = /usr/sbin/useradd -s /bin/false/ -d /var/lib/nobody %u
idmap uid = 15000-20000
idmap gid = 15000-20000


# sync smb passwords woth linux passwords
passwd program = /usr/bin/passwd %u
passwd chat = *Enter\snew\sUNIX\spassword:* %n\n *Retype\snew\sUNIX\spassword:* %n\n .
passwd chat debug = yes
unix password sync = yes

# set the loglevel
log level = 3

[homes]
comment = Home
valid users = %S
read only = no
browsable = no


[printers]
comment = All Printers
path = /var/spool/samba
printable = yes
guest ok = yes
browsable = no


[netlogon]
comment = Network Logon Service
path = /home/samba/netlogon
admin users = Administrator
valid users = %U
read only = no


[profile]
comment = User profiles
path = /home/samba/profiles
valid users = %U
create mode = 0600
directory mode = 0700
writable = yes
browsable = no

[allusers]
comment = All Users
path = /home/shares/allusers
valid users = @users
force group = users
create mask = 0660
directory mask = 0771
writable = yes


1. I log on a win XP as a local admin then i upload a user's profile to /home/samba/profiles and rename the profile to "tom":

debian:/home/samba/profiles# ls -la
drwxrwx--x 13 root users 4096 2006-03-08 00:07 tom

I can successfully login from WinXP using the domain account "tom", but when I do, I get the following error, "Windows cannot locate the server copy of your roaming profile..."

2. i writed a logon script and i converted the file to the Windows format by using unix2dos, but the winxp workstation never execute it:

debian:/home/samba/netlogon/scripts# cat login.bat
net use P: \\DEBIAN\allusers

debian:/home/samba/netlogon/scripts# ls -al
total 12
drwxrwx--x 2 root users 4096 2006-03-08 00:36 .
drwxrwx--x 3 root users 4096 2006-03-08 00:36 ..
-rwxrwx--x 1 root users 30 2006-03-08 00:30 login.bat

Would you please kindly help ???

thank you so much !!!!

till
7th March 2006, 20:58
Why did you copy the profile manually to the linux server. I'am not sure if the profile will work when you copy it manually. The better way is to let windows create the profile for you on the windows server after logging in as user tom.

AboGassir
12th December 2006, 18:25
I think it is a security problem, in fact an ownership one.
Make sure that the owner of the profile folder AND ALL it's SUBCONTENTS is the same as the user who is logging in. And this also applies to the group.

karthick
5th March 2008, 11:32
hi Experts ,

Im karthick ...


I wish favour from everyone. using samba can we restrict internet downloadin limit for every user.If it is possible can u say how.

If not how can we do that in linux.Is through proxy or something else.
can you kindly help me please ,...

falko
6th March 2008, 19:24
using samba can we restrict internet downloadin limit for every user.If it is possible can u say how.
No. You can do this with a proxy like Squid.

karthick
7th March 2008, 07:45
No. You can do this with a proxy like Squid.


Hi ,

Thanks ... Can u help me with that proxy. How can we do it. I have installed and configured squid2.5 and i tried with basic configuration here it is

http_port 3128
acl test src 192.168.1.0/255.255.255.0
http_access deny test
http_access allow local_host

when i did this config and started the server.The http is blocked and no sites are able to access.Can i do it to restrict access to particular site and how to set downloading limit. kindly pls help me...

falko
8th March 2008, 19:33
I'm no Squid expert, but there's a tutorial about a similar software that might help you: http://www.howtoforge.com/content-filtering-proxy-safesquid