[HOWTO] :: Implement Samba as your PDC

[JROCK2004]

ok so as root just cp the contents inside the default folder from windows into /var/lib/samba/netlogon/ ???? do I haveto chmod the folder?

[Ejunkie]

it has to be world readable and executable but not world writeble

[JROCK2004]

ok right now it is drwxr-xr-x

[Ejunkie]

[JROCK2004]

but still will not create or load profile

[JROCK2004]

ok now it stopped complaining about it but now it will not write profile because of security. Any other ides? Do you guys need me to post anything?

[Ejunkie]

[JROCK2004]

ok I rebooted server and pc and now working better. it is saving the prfoles. it still complains that the pc does not have a local profile. I think I can fix that.

Now is this the right area to discuss how to get windows to use the printer? Windows can see it but it is complaining about drivers. PSC 1610v. It wants drivers. Thanks

[dahoste]

Hello, I was going to post this as its own thread, but since it's samba/PDC related (and I originally heavily leveraged the HOWTO), I figured I'd start here.

I'm hoping someone has some insight into the following problem that I've recently encountered:

Basically, winxp seems to be creating roaming profiles that are incompatible with itself. I've got two sets of winxp clients, which I'll call 'new' and 'old'. Profiles created (and perfectly usable) by the old clients don't work on the new clients, and profiles created (and usable) by the new clients won't work on the old clients. The catch is that as far as I can tell, I've configured the old clients and the new clients in exactly the same way. It may be that I've neglected to do something on the new clients that I did on the old. I didn't religiously document the process of configuring them, but I only remember doing the registry tweak and the gpedit.msc tweak.

More detail:

I've had a samba/ldap PDC running successfully for quite some time now (6+ months). Users can login to the domain, profiles are loaded and saved correctly to the PDC server, home drives are mapped correctly, the logon.bat is executed. Everything working great. But I just setup two new winxp machines (sp2, fully updated, etc..) and while I can login as any of the domain users, neither machine successfully loads the user's roaming profile. But it doesn't complain about anything either! The weird thing is that some desktop configuration stuff just plain doesn't work. For instance, any attempt to enable the quicklaunch menu on the taskbar is ignored (quicklaunch is enabled in the roaming profile). Ditto for enabling 'auto-hide' for the task bar. Also, I can change theme attributes for the desktop (background color, etc..) and they'll act like they've changed, but won't persist across a login/logout -- and yet there are no complaints about the profile when I log out, implying that winxp was able to save them to the PDC server just fine.

I've applied the 'signorseal' registry hack to all winxp clients. I've also used gpedit.msc to enable 'Do not check for user ownership of Roaming Profile Folders'. So as far as I know, I've established the same config on all of my winxp clients. But the new ones are misbehaving. Or, rather, it's more accurate to say that the new ones and the old ones aren't playing nice together, when it comes to creating/saving/loading the roaming profiles.

I created a brand new user (on the linux side via smbldap-useradd), and logged in as that user on the new winxp clients. A new roaming profile is created and works perfectly. That same (new) user does not have its profile loaded correctly on an existing (old) winxp client. No complaints from winxp, mind you, it just doesn't provide a fully functional desktop after login. It took a really long time to login the first time with the new user on an old client, but the login happens very quickly on subsequent tries. Logoff is quick, with no error messages about anything. This is precisely the same behavior I see when logging in as an 'old' user on a 'new' client.

Needless to say, I'm using the same samba PDC for the whole thing. It's samba v3.0.24.

Here's the profiles section from my smb.conf:

[darkphader]

[dahoste]

I'm using samba v3.0.24 (I mentioned that towards the bottom of the first post).

I did revert the 'signorseal' registry value, though it seems to have had no effect at all.

I started a thread for this issue on the official samba mailing list:

http://lists.samba.org/archive/samba/2007-February/129773.html

So far, nothing satisfactory to report, but I've included a lot more detail on what I've tried and what behavior I'm seeing.

Still hoping someone can suggest a nice fix for this.

cheers,

-David

[Sedrik]

Hi all

I'm having trouble adding a machine to my domain. It complains that it can't find the user I tell it to add the machine with (yes, i'm using root)

Any pointers, will post smb.conf if needed.
_________________
From Gentoo with love

[Sedrik]

Disregard my last post, I solved that problem. Now another one has arrised.

I want new files that are created from a client to be created with full group permissions and the group to be either users or styrelsen.

I add users as normal with useradd (useradd -m -G <users,styrelsen and anything else that is wanted> -s /bin/bash username).

Now when I tried to add the test user, user I did
useradd -m -G users -s/bin/bash user and he got the groups users and user.
Creating new files gives me this result