As you know I’m trying to replace a 2k3 server with openSUSE. So far I was able to get working DHCP, DNS, SQUID and SAMBA with LDAP backend.
Samba works ok login users and creating home and profile folders but somehow only the Domain Admin (administrator) account will automatically save the profile. The administrator account belongs to the ntadmins group while the rest of the users belong to ntusers group.
When I change a common user from ntusers group to ntadmins the profile will save without problem. If I change it back to it’s original group the profile will be read but not updated on log off.
Folder permissions seems to be ok. The network share (\pdc\profiles.msprofile aka Z:) is being connected with no problem and all users can read and write from and to it.
I double check all settings and I can’t figure out what the problem is. Any ideas will be much appreciated, as always,
>
> Hi all,
>
> As you know I’m trying to replace a 2k3 server with openSUSE. So far I
> was able to get working DHCP, DNS, SQUID and SAMBA with LDAP backend.
>
> Samba works ok login users and creating home and profile folders but
> somehow only the Domain Admin (administrator) account will automatically
> save the profile. The administrator account belongs to the ntadmins
> group while the rest of the users belong to ntusers group.
>
> When I change a common user from ntusers group to ntadmins the profile
> will save without problem. If I change it back to it’s original group
> the profile will be read but not updated on log off.
>
> Folder permissions seems to be ok. The network share
> (\pdc\profiles.msprofile aka Z:) is being connected with no problem
> and all users can read and write from and to it.
>
> I double check all settings and I can’t figure out what the problem is.
> Any ideas will be much appreciated, as always,
>
> Pancho
>
>
Pancho;
Please post the contents of the [profiles] share. Make sure the nix
permissions allow writing by the users.
While you’re debugging this you might try to raise the log level for Samba.
Add to the global section of /etc/samba/smb.conf the parameter:
log level = 3
Check for errors in /var/log/samba/log.smbd. Or the location you redirected
logging in your smb.conf.
You might also want to check to see if AppArmor is getting in the way. I’ve
turned AppArmor off on our PDC. I don’t recall it interfering with profiles
but it has probably always been off.
P. V.
“We’re all in this together, I’m pulling for you.” Red Green
So the SID corresponding to ntusers were actually the one assigned for guests. Guests have mandatory profiles so no changes are saved to the Samba server.
What I should have done is:
Now I have a server with the following services working correctly:
DHCP
DNS
Squid
Samba (roaming profiles)
Only thing left is NFS so I can mount an NFS share over the linux client’s home directories. But this is not a must since I can use rsync to sync home diectories with a backup share. I would like to save them at log off but have no idea if that’s possible.