Erik - versatel
2012-08-04 10:58:03 UTC
Hello,
I'm using debian 6.0 with latest updates (dd 3-aug-2012) and samba 3.5.6
I have created a samba configuration and used samba by example as an
reference,
and also read a lot in the samba howto.
I build the samba with ldap configuration.
I did have some problems when i created the users, proberly a firewall or
security problem.
For these users there was no PROFILE created in /profiles/u%
I have made a few modifications:
1)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters]
"requiresignorseal"=dword:00000000
2) C:\windows\system32\drivers\etc\LMHOSTS
x.x.x.x srv.example.com
x.x.x.x example.com
3)"Configuratiescherm -> Systeembeheer -> Lokaal beveiligingsbeleid ->
Lokaal beleid -> Beveiliginsopties"
1) Lid van domein: geen systeemonderhoud van wachtwoord van
computeraccount --> 0
2) Lid van domein: gegevens in beveiligd kanaal digitaal coderen (indien
mogelijk) --> 0
3) Lid van domein: gegevens in beveiligd kanaal digitaal coderen of
ondertekenen (altijd) --> 0
4) Lid van domein: gegevens in beveiligd kanaal digitaal ondertekenen
(indien mogelijk) --> 0
5) Lid van domein: sterke sessiesleutel verplicht (win 2000 of hoger) --> 0
Changed workgroup
reboot
Changed workgroup to domain
Added the XP-computer succesfully to the domain.
Created a NEW user.
created dir profile/KEES
created dir profdata profile/KEES and subdirs (Recent, MyDocuments etc)
changed owner and mod attrib (CHMOD CHOWN)
smbldap-useradd -a -m KEES
smbpasswd KEES
I logged in on the XP_computer with user KEES.
I logged out and the profile is written in the profile directory
My problem is:
I have some old users who dont have a userprofile (ROMING PROFILE)
I have looked in groups, passwd and shadow if there are some reference to
this users but found nothing.
I have deleted the users:
smbldap-userdel -r erik
smbpasswd -x erik
I have deleted the samba homedirs, unix homedirs, profiledir an profdatadir.
I rebuid the profiledir and profdatadirs
added the user
smbpasswd-add -m -a erik
smbpasswd erik
logged in with the windows client
but when i log off there is no profile in profiles/erik
I want to have also for this user an roaming profile
I see 3 solutions
Here they are in order of best to worst:
1) to completely delete the user, so that when added, it is seen as a
completely new user and a profile is created.
this solution could than also be followed when the profile is corrupted !
2) copy the profile from KEES to ERIK and edit the profile - but how?
3) completely remove samba and ldap and rebuild the confuguration and
database.
I dont like this sollution because profiles can also get corrupted and
then ....
Please help me.
I have read a lot about samba and profiles, but i did not find a good
solution.
Thanks.
I'm using debian 6.0 with latest updates (dd 3-aug-2012) and samba 3.5.6
I have created a samba configuration and used samba by example as an
reference,
and also read a lot in the samba howto.
I build the samba with ldap configuration.
I did have some problems when i created the users, proberly a firewall or
security problem.
For these users there was no PROFILE created in /profiles/u%
I have made a few modifications:
1)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters]
"requiresignorseal"=dword:00000000
2) C:\windows\system32\drivers\etc\LMHOSTS
x.x.x.x srv.example.com
x.x.x.x example.com
3)"Configuratiescherm -> Systeembeheer -> Lokaal beveiligingsbeleid ->
Lokaal beleid -> Beveiliginsopties"
1) Lid van domein: geen systeemonderhoud van wachtwoord van
computeraccount --> 0
2) Lid van domein: gegevens in beveiligd kanaal digitaal coderen (indien
mogelijk) --> 0
3) Lid van domein: gegevens in beveiligd kanaal digitaal coderen of
ondertekenen (altijd) --> 0
4) Lid van domein: gegevens in beveiligd kanaal digitaal ondertekenen
(indien mogelijk) --> 0
5) Lid van domein: sterke sessiesleutel verplicht (win 2000 of hoger) --> 0
Changed workgroup
reboot
Changed workgroup to domain
Added the XP-computer succesfully to the domain.
Created a NEW user.
created dir profile/KEES
created dir profdata profile/KEES and subdirs (Recent, MyDocuments etc)
changed owner and mod attrib (CHMOD CHOWN)
smbldap-useradd -a -m KEES
smbpasswd KEES
I logged in on the XP_computer with user KEES.
I logged out and the profile is written in the profile directory
My problem is:
I have some old users who dont have a userprofile (ROMING PROFILE)
I have looked in groups, passwd and shadow if there are some reference to
this users but found nothing.
I have deleted the users:
smbldap-userdel -r erik
smbpasswd -x erik
I have deleted the samba homedirs, unix homedirs, profiledir an profdatadir.
I rebuid the profiledir and profdatadirs
added the user
smbpasswd-add -m -a erik
smbpasswd erik
logged in with the windows client
but when i log off there is no profile in profiles/erik
I want to have also for this user an roaming profile
I see 3 solutions
Here they are in order of best to worst:
1) to completely delete the user, so that when added, it is seen as a
completely new user and a profile is created.
this solution could than also be followed when the profile is corrupted !
2) copy the profile from KEES to ERIK and edit the profile - but how?
3) completely remove samba and ldap and rebuild the confuguration and
database.
I dont like this sollution because profiles can also get corrupted and
then ....
Please help me.
I have read a lot about samba and profiles, but i did not find a good
solution.
Thanks.