samba pdc and profiles question

samba pdc and profiles question

Post by Darren and Marla Welso » Thu, 17 Jan 2002 14:20:16



Basically, I can login to the domain in win2k and 98, but I am trying to get
the profiles and policies to work. I am successful in getting the batch
files to function, and I have hidden the [homes] directory like it should be
by making it not browseable. When I login from a win2k client, I get the
following error:

WINDOWS CANNOT CREAT PROFILE DIRECTORY \\PANTHRO\PROFILES\DARREN.PDS YOU
WILL BE LOGGED IN WITH A LOCAL PROFILE ONLY. CHANGES TO THE PROFILE WILL NOT
BE PROPOGATED TO THE SERVER. CONTACT YOUR NETWORK ADMIN.

DETAIL: THE NETWORK NAME CANNOT BE FOUND

and then I get another one saying windows cannot find the default profile
either. Do I need to make these profiles and manually move them to the
server first for windows to write over them later? Do I have a rights issue
I am overlooking?

I am including my smb.conf file for review. I am running rh 7.1 and samba
2.2.2

darren

# Global parameters

[global]

workgroup = THUNDERA

netbios name = PANTHRO

server string = Red Hat 7.1 Samba %v Server: %T

encrypt passwords = Yes

update encrypted = Yes

password server = 10.10.0.30

password level = 8

username level = 8

log file = /var/log/samba/log.%m

max log size = 50

name resolve order = wins lmhosts bcast

time server = Yes

socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192

domain admin group = darren user root administrator

add user script = /usr/sbin/adduser -n -g machines \

-c Machine -d /dev/null

logon script = logon.bat

logon path = \\%L\profiles\%U.pds

logon drive = Z:

logon home = \\%L\homes\%U

domain logons = Yes

os level = 255

preferred master = True

domain master = True

dns proxy = No

remote announce = 10.10.0.255

remote browse sync = 10.10.0.255

hosts allow = 10.10.0. 65.13.90. 127.

unix password sync = yes

passwd program = /usr/bin/passwd %u

passwd chat = *New*UNIX*Password* %n\n *Retype*new*UNIX*Password* \

%n\n *passwd:*all*authentication*tokens*updated*successfully*

[homes]

comment = Home Directory for all Users

create mask = 0750

directory mask = 0700

locking = no

browseable = no

writeable = yes

[profiles]

comment = Profiles of LAN users

path = /home/profiles

read only = no

create mask = 0600

directory mask = 0700

browseable = no

[netlogon]

comment = Scripts, Logons, and Policies

path = /home/netlogon

create mask = 0644

directory mask = 0700

read only = no

browseable = no

## locking = no

## public = no

writeable = no

 
 
 

samba pdc and profiles question

Post by Robert Wallan » Thu, 17 Jan 2002 23:54:53



Quote:> Basically, I can login to the domain in win2k and 98, but I am trying to get
> the profiles and policies to work. I am successful in getting the batch
> files to function, and I have hidden the [homes] directory like it should be
> by making it not browseable. When I login from a win2k client, I get the
> following error:

> WINDOWS CANNOT CREAT PROFILE DIRECTORY \\PANTHRO\PROFILES\DARREN.PDS YOU
> WILL BE LOGGED IN WITH A LOCAL PROFILE ONLY. CHANGES TO THE PROFILE WILL NOT
> BE PROPOGATED TO THE SERVER. CONTACT YOUR NETWORK ADMIN.

> DETAIL: THE NETWORK NAME CANNOT BE FOUND

> and then I get another one saying windows cannot find the default profile
> either. Do I need to make these profiles and manually move them to the
> server first for windows to write over them later? Do I have a rights issue
> I am overlooking?

> I am including my smb.conf file for review. I am running rh 7.1 and samba
> 2.2.2

> darren

You have two types of profiles: local and roaming.
When you logon with win98 to samba the profile will be automaticly
roaming. If you want it local just delete to home directory. It's
working fine for me.

For win2k it's differnet. You must not delete the users home directory
and leave it accesable to win client. When you logon with win2k for the
first time to samba, then go to MyComputer icon and click propertis.
Select user profiles and change the type of profile to local and you
never get this error message again. That's how I did it.

regards
robert

 
 
 

samba pdc and profiles question

Post by Darren and Marla Welso » Fri, 18 Jan 2002 14:24:42


I did as you describe for win2k, but I am only offered the choice of
'local'.  I cannot change the setting and therefore there is no improvement.
In fact, I just added the 'nt acl support = no' change that I read about and
now when I login my profile starts to copy, but my win2k client machine
crashes and reboots.  I did this twice, just in case the first time was a
fluke.  It was not.
So now, I am still unable to use my profile, but I can login to the domain
in win2k.

Darren



> > Basically, I can login to the domain in win2k and 98, but I am trying to
get
> > the profiles and policies to work. I am successful in getting the batch
> > files to function, and I have hidden the [homes] directory like it
should be
> > by making it not browseable. When I login from a win2k client, I get the
> > following error:

> > WINDOWS CANNOT CREAT PROFILE DIRECTORY \\PANTHRO\PROFILES\DARREN.PDS YOU
> > WILL BE LOGGED IN WITH A LOCAL PROFILE ONLY. CHANGES TO THE PROFILE WILL
NOT
> > BE PROPOGATED TO THE SERVER. CONTACT YOUR NETWORK ADMIN.

> > DETAIL: THE NETWORK NAME CANNOT BE FOUND

> > and then I get another one saying windows cannot find the default
profile
> > either. Do I need to make these profiles and manually move them to the
> > server first for windows to write over them later? Do I have a rights
issue
> > I am overlooking?

> > I am including my smb.conf file for review. I am running rh 7.1 and
samba
> > 2.2.2

> > darren

> You have two types of profiles: local and roaming.
> When you logon with win98 to samba the profile will be automaticly
> roaming. If you want it local just delete to home directory. It's
> working fine for me.

> For win2k it's differnet. You must not delete the users home directory
> and leave it accesable to win client. When you logon with win2k for the
> first time to samba, then go to MyComputer icon and click propertis.
> Select user profiles and change the type of profile to local and you
> never get this error message again. That's how I did it.

> regards
> robert