I'm setting up Samba with ldap backend and everythin appears to be working correctly except for profiles.
Using:
Code: Select all
net-fs/samba-3.0.2a-r2 +acl +cups +kerberos +ldap -mysql -oav +pam +python +readline -xml
net-nds/openldap-2.1.26 +berkdb +crypt -debug +gdbm -ipv6 +kerberos -odbc +perl +readline +samba -sasl -slp +ssl +tcpd
smbldap-tools-0.8.4 (installed from the source)
domain he gets the following error message:
"Windows did not load your roaming profile and is attempting to log you on
with your local profile. Changes to the profile will not be copied to the
server when you logoff. Windows did not load your profile because a server
copy of the profile folder already exists that does not have the correct
security. Either the current user or the Administrator's group must be the
owner of the folder. Contact your network administrator."
But on the server he creates the profile dir. It is created when he
tries to log on, but with nothing on it.
The profile folder before he tries to logon:
Code: Select all
[profiles]# ls -la
total 12
drwxr-xrwt 3 root Domain Admins 4096 Apr 24 09:09 .
drwxr-xr-x 4 root Domain Admins 4096 Apr 22 23:04 ..
Code: Select all
minho profiles # ls -la
total 12
drwxrwxrwt 3 root root 4096 May 26 14:02 .
drwxr-xr-x 8 root root 4096 May 25 18:41 ..
drwx------ 2 testa Domain Users 4096 May 26 14:02 testa
minho profiles # ls -la testa/
total 8
drwx------ 2 testa Domain Users 4096 May 26 14:02 .
drwxrwxrwt 3 root root 4096 May 26 14:02 ..Code: Select all
...
[profiles]
# chmod 1777 /opt/samba/profiles
path = /opt/samba/profiles
read only = no
writeable = yes
create mask = 0600
directory mask = 0700
browseable = No
guest ok = Yes
profile acls = yes
force user = %U
valid users = %U "Domain Admins"
Code: Select all
minho samba # pdbedit -Lv testa
Searching for:[(&(objectClass=sambaDomain)(sambaDomainName=MOONORG))]
smbldap_open_connection: connection opened
Searching for:[(&(objectClass=sambaDomain)(sambaDomainName=MOONORG))]
smbldap_open_connection: connection opened
init_sam_from_ldap: Entry found for user: testa
Unix username: testa
NT username: testa
Account Flags: [U ]
User SID: S-1-5-21-2374267749-3844533553-1363514809-3002
Primary Group SID: S-1-5-21-2374267749-3844533553-1363514809-513
Full Name: System User LDAP
Home Directory: \\PDC-MOONORG\testa
HomeDir Drive: H:
Logon Script: testa.cmd
Profile Path: \\PDC-MOONORG\profiles\testa
Domain: MOONORG
Account desc: System User LDAP
Workstations:
Munged dial:
Logon time: 0
Logoff time: Tue, 19 Jan 2038 03:14:07 GMT
Kickoff time: Tue, 19 Jan 2038 03:14:07 GMT
Password last set: Tue, 25 May 2004 20:37:22 GMT
Password can change: 0
Password must change: Mon, 19 Jul 2004 20:37:22 GMTCode: Select all
[2004/05/26 14:07:16, 2] rpc_parse/parse_prs.c:netsec_decode(1575)
netsec_decode: FAILED: packet sequence number:
[2004/05/26 14:07:16, 0] rpc_server/srv_pipe.c:api_pipe_netsec_process(1371)
failed to decode PDU
[2004/05/26 14:07:16, 0] rpc_server/srv_pipe_hnd.c:process_request_pdu(605)
process_request_pdu: failed to do schannel processing.
[2004/05/26 14:07:17, 1] smbd/service.c:make_connection_snum(705)
medeiros (192.168.10.123) connect to service profiles initially as user testa (uid=1001, gid=513) (pid 19184)the home share, and write to the profile dir. It's like it was some problem only on the logon.
Anyone was a clue on this ?? really need help on this
Regards,
RNuno
