can't sync roaming profile with samba 2.2.8a
pc...@iparadigms.com
I have about 10 Windows 2000 Pro workstations with SP3 patch (stupid
mistake...), with roaming profiles. To take care of the "access
denied" errors at login, I've added "nt acl support = no" in
[profiles]. That seems to have minimized the error, but I noticed that
the client copy of profile doesn't sync with the Samba server.
So I upgraded to 2.2.8a. It seems to be running fine, except that
client copy of profile still doesn't sync with the Samba server. I've
tried setting the [profiles] permission to 2777, then 0777, 2770...
I've tried several, but no avail. Also, I've tried setting group
ownership to users, to root... but nothing. Does it have anything to
do with permissions or onwership of profiles?
I've checked the logs for nmbd and smbd, as well as for each client,
but everything seems ok.
I don't know if this helps, but I compiled Samba 2.2.8a with these
options:
./configure --prefix=/usr --sysconfdir=/etc/samba --localstatedir=/var
--with-privatedir=/etc/samba/private --with-lockdir=/var/lock/samba
--with-piddir=/var/lock/samba --with-configdir=/etc/samba
--with-logfilebase=/var/log/samba --with-smbwrapper --with-smbmount
--with-msdfs --with-libsmbclient --with-acl-support
--with-sendfile-support
I'm not all that experienced at Samba, but it seems like I've been
enrolled in the Samba school of hard-knocks for the past 2 months...
I'd guess it's the sysadmin style of learning. Could someone help me
out?
Here's the copy of smb.conf:
[global]
; basic server settings
netbios name = REX
workgroup = IPARADIGMS
; we should act as the domain master
domain master = yes
; take place in master browser election (no garantees)
local master = yes
; rig browsing election by seting prefered master server bit
on (like ms pdc's)
preferred master = yes
; rig browsing elections by giving yourself a high os value
(NT4 has a value of 33)
os level = 64
; security settings (must be security = user for pdc's)
security = user
; encrypted passwords are a requirement for a pdc
encrypt passwords = Yes
smb passwd file = /etc/samba/private/smbpasswd
; support domain logons
domain logons = yes
; where to store user profiles
logon path = \\rex\profiles\%u
; where is a user's home directory and where should it be
mounted? (use logon script instead?)
logon drive = H:
logon home = \\rex\%u
; specify a generic logon script for all users
; this is a relative **DOS** path to the [netlogon] share
logon script = scripts\%u.bat
; optimize tcp/ip socket connection
socket options = SO_KEEPALIVE IPTOS_LOWDELAY TCP_NODELAY
;set me up as a windows time server
time server = yes
#kernel oplocks = No
log file = /var/log/samba/%m.log
include = /var/log/samba/smb.conf.%m
log level = 1
printing = LPRNG
printcap name = /etc/printcap
load printers = Yes
; let rex be the wins server
wins support = yes
name resolve order = wins lmhosts hosts bcast
; play nice with appletalk
; character set = ISO8859-1 ???
character set = ISO8859-15
veto files = /.AppleDouble/.bin/.AppleDesktop/Network Trash
Folder/TheVolumeSettingsFolder/Icon?/
; mapping lower to upper case western european style
client code page = 850
; Added by paul for performance turning
read raw = yes
write raw = yes
max xmit = 16644
dead time = 15
getwd cache = yes
# lpq cache = 30
hide dot files = yes
inherit permissions = yes
large readwrite = yes
; necessary share for domain controllers
[netlogon]
comment = the domain logon service
path = /home/samba/netlogons
public = no
writeable = no
browsable = no
; share for storing user profiles
[profiles]
comment = user profiles
path = /home/samba/profiles
create mode = 0600
directory mode = 0700
writeable = yes
read only = no
browsable = no
; the following is to address the "access denied" error
; while logging on with Win2k SP2 and above
nt acl support = no
And here's the settings for profiles:
rex:/home/samba # ls -l
... [snip] ...
drwxrwsrwx 32 root root 813 May 6 21:55 profiles
... [snip] ...
And within profiles:
rex:/home/samba/profiles # ls -l
total 3
drwxrwsrwx 13 axxxxx root 456 Jan 25 20:04 alxxxxx
drwxrwsrwx 13 bxxxxx root 456 Mar 24 15:54 bbxxxxxx
drwxrwsrwx 2 cxxxxx root 48 Mar 27 15:10 cjxxxxxx
... [and so on] ...