[Samba] Windows cannot locate the server copy of your roaming profile - Samba

This is a discussion on [Samba] Windows cannot locate the server copy of your roaming profile - Samba ; Hi, I'm exerimenting with samba+ldap pdc and I have "Windows cannot locate the server copy of your roaming profile" on logon, here is smb.conf: [global] unix charset = LOCALE workgroup = CPE netbios name = CPE-PDC server string = Samba ...

+ Reply to Thread
Results 1 to 9 of 9

Thread: [Samba] Windows cannot locate the server copy of your roaming profile

  1. [Samba] Windows cannot locate the server copy of your roaming profile

    Hi,

    I'm exerimenting with samba+ldap pdc and I have "Windows cannot locate
    the server copy of your roaming profile" on logon,

    here is smb.conf:

    [global]
    unix charset = LOCALE
    workgroup = CPE
    netbios name = CPE-PDC
    server string = Samba Domain Controller
    enable privileges = yes
    interfaces = eth1,lo
    bind interfaces only = Yes
    passdb backend = ldapsam:ldap://192.168.10.124
    # username map = /etc/samba/smbusers
    hide unreadable = yes
    hide dot files = yes
    log level = 1
    syslog = 0
    log file = /var/log/samba/%m
    max log size = 50
    smb ports = 137 138 139 445
    name resolve order = wins bcast hosts
    time server = Yes
    printcap name = CUPS
    # map to guest = Never
    # guest account = nobody
    wins support = Yes
    ldap suffix = dc=cpe,dc=it
    ldap machine suffix = ou=Computers
    ldap user suffix = ou=People
    ldap group suffix = ou=Groups
    ldap idmap suffix = ou=Idmap
    ldap admin dn = cn=admin,dc=cpe,dc=it
    idmap backend = ldap:ldap://192.168.10.124
    idmap uid = 10000-20000
    idmap gid = 10000-20000
    map acl inherit = Yes
    printing = cups
    #printer admin = Administrator
    veto files = /*.eml/*.nws/*.{*}/
    veto oplock files = /*.doc/*.xls/*.mdb/
    encrypt passwords = Yes
    obey pam restrictions = No
    ldap passwd sync = Yes
    mangling method = hash2

    logon script = scripts\logon.bat
    logon path = \\%L\profiles\%U
    logon drive = H:
    logon home = \\%L\%U

    domain logons = Yes
    os level = 65
    preferred master = Yes
    domain master = Yes
    add user script = /usr/sbin/smbldap-useradd -m "%u"
    ldap delete dn = Yes
    add machine script = /usr/sbin/smbldap-useradd -w "%u"
    add group script = /usr/sbin/smbldap-groupadd -p "%g"
    add user to group script = /usr/sbin/smbldap-groupmod -m "%u" "%g"
    delete user from group script = /usr/sbin/smbldap-groupmod -x "%u" "%g"
    set primary group script = /usr/sbin/smbldap-usermod -g "%g" "%u"
    delete user script = /usr/sbin/smbldap-userdel ā€œ%uā€
    delete group script = /usr/sbin/smbldap-groupdel ā€œ%gā€

    [netlogon]
    comment = Network Logon Service
    path = /home/samba/netlogon/
    browseable = No
    read only = yes
    writable = No
    locking = No
    share modes= No

    [profiles]
    path = /home/samba/profiles
    read only = No
    create mask = 0600
    directory mask = 0700
    browseable = No
    # guest ok = No
    profile acls = yes
    csc policy = disable
    nt acl support = Yes
    valid users = %U
    admin users = @"Domain Admins"
    hide files = /desktop.ini/outlook*.lnk/*Briefcase*/
    root preexec = PROFILE=/home/samba/profiles/%u; if [ ! -e $PROFILE ];
    then mkdir -pm700 $PROFILE; chown %u:%g $PROFILE;fi

    [homes]
    comment = Home Directories
    valid users = %S
    read only = No
    browseable = No
    writable = yes


    any hints?

    regards
    Nicola

    --
    To unsubscribe from this list go to the following URL and read the
    instructions: https://lists.samba.org/mailman/listinfo/samba

  2. Re: [Samba] Windows cannot locate the server copy of your roaming profile

    On Sun, 29 Jun 2008, Mailing List SVR wrote:

    > I'm exerimenting with samba+ldap pdc and I have "Windows cannot locate
    > the server copy of your roaming profile" on logon,


    What does sambaProfilePath look like in the LDAP entry? Can the Windows
    machine resolve the address of the server?

    -steve
    --
    To unsubscribe from this list go to the following URL and read the
    instructions: https://lists.samba.org/mailman/listinfo/samba

  3. Re: [Samba] Windows cannot locate the server copy of your roaming profile

    Il giorno dom, 29/06/2008 alle 11.48 -0400, Steve Thompson ha scritto:

    > On Sun, 29 Jun 2008, Mailing List SVR wrote:
    >
    > > I'm exerimenting with samba+ldap pdc and I have "Windows cannot locate
    > > the server copy of your roaming profile" on logon,

    >
    > What does sambaProfilePath look like in the LDAP entry? Can the Windows
    > machine resolve the address of the server?
    >
    > -steve



    each user has the right profile path in ldap:

    # test, Users, cpe.it
    dn: uid=test,ou=Users,dc=cpe,dc=it
    objectClass: top
    objectClass: person
    objectClass: organizationalPerson
    objectClass: inetOrgPerson
    objectClass: posixAccount
    objectClass: shadowAccount
    objectClass: sambaSamAccount
    cn: test
    sn: test
    givenName: test
    uid: test
    uidNumber: 1555
    gidNumber: 513
    homeDirectory: /home/test
    loginShell: /bin/false
    gecos: System User
    sambaLogonTime: 0
    sambaLogoffTime: 2147483647
    sambaKickoffTime: 2147483647
    sambaPwdCanChange: 0
    displayName: test
    sambaSID: S-1-5-21-2468945884-3209077212-4101011376-4110
    sambaPrimaryGroupSID: S-1-5-21-2468945884-3209077212-4101011376-513
    sambaLogonScript: scripts\logon.bat
    sambaProfilePath: \\%L\profiles\test
    sambaHomePath: \\%L\test
    sambaHomeDrive: H:
    sambaLMPassword: 01FC5A6BE7BC6929AAD3B435B51404EE
    sambaAcctFlags: [U]
    sambaNTPassword: 0CB6948805F797BF2A82807973B89537
    sambaPwdLastSet: 1214745736
    sambaPwdMustChange: 1218633736
    shadowMax: 45

    after the first unsuccesfull login I created the
    diretory /home/samba/profiles/test and give it the right permissions but
    nothing changes,

    from windows xp I can ping cpe-pdc, so the name resolution seems ok

    thanks for your help,

    Nicola
    --
    To unsubscribe from this list go to the following URL and read the
    instructions: https://lists.samba.org/mailman/listinfo/samba

  4. Re: [Samba] Windows cannot locate the server copy of your roaming profile

    On Sun, 29 Jun 2008, Mailing List SVR wrote:

    > each user has the right profile path in ldap:
    > # test, Users, cpe.it
    > dn: uid=test,ou=Users,dc=cpe,dc=it
    > [...]


    In the smb.conf file that you posted, you had:

    ldap user suffix = ou=People

    but the DN is:

    uid=test,ou=Users,dc=cpe,dc=it

    which is a different ou. I would venture that the H: drive doesn't mount
    either when you log in.

    Steve
    --
    To unsubscribe from this list go to the following URL and read the
    instructions: https://lists.samba.org/mailman/listinfo/samba

  5. Re: [Samba] Windows cannot locate the server copy of your roaming profile

    Il giorno dom, 29/06/2008 alle 12.34 -0400, Steve Thompson ha scritto:
    > On Sun, 29 Jun 2008, Mailing List SVR wrote:
    >
    > > each user has the right profile path in ldap:
    > > # test, Users, cpe.it
    > > dn: uid=test,ou=Users,dc=cpe,dc=it
    > > [...]

    >
    > In the smb.conf file that you posted, you had:
    >
    > ldap user suffix = ou=People
    >
    > but the DN is:
    >
    > uid=test,ou=Users,dc=cpe,dc=it
    >
    > which is a different ou. I would venture that the H: drive doesn't mount
    > either when you log in.
    >
    > Steve


    additionaly this is my ldap config

    grep -vE '(^[[:space:]]*($|(#|!|;|//)))' /etc/ldap/slapd.conf
    include /etc/ldap/schema/core.schema
    include /etc/ldap/schema/cosine.schema
    include /etc/ldap/schema/nis.schema
    include /etc/ldap/schema/inetorgperson.schema
    include /etc/ldap/schema/samba.schema
    include /etc/ldap/schema/misc.schema
    pidfile /var/run/slapd/slapd.pid
    argsfile /var/run/slapd/slapd.args
    loglevel none
    modulepath /usr/lib/ldap
    moduleload back_hdb
    sizelimit 500
    tool-threads 1
    backend hdb
    database hdb
    suffix "dc=cpe,dc=it"
    rootdn "cn=admin,dc=cpe,dc=it"
    rootpw {SSHA}FEtTcnfGmIfrwQBiCZayXEHnQT0ysQIK
    directory "/var/lib/ldap"
    dbconfig set_cachesize 0 2097152 0
    dbconfig set_lk_max_objects 1500
    dbconfig set_lk_max_locks 1500
    dbconfig set_lk_max_lockers 1500
    index objectClass eq
    index cn pres,sub,eq
    index sn pres,sub,eq
    index uid pres,sub,eq
    index displayName pres,sub,eq
    index uidNumber eq
    index gidNumber eq
    index memberUID eq
    index sambaSID eq
    index sambaPrimaryGroupSID eq
    index sambaDomainName eq
    index default sub
    lastmod on
    checkpoint 512 30
    access to attrs=userPassword,shadowLastChange
    by dn.regex="cn=admin,dc=cpe,dc=it" write
    by anonymous auth
    by self write
    by * none
    access to dn.base="" by * read
    access to *
    by dn="cn=admin,dc=cpe,dc=it" write
    by * read
    access to attrs=sambaNTPassword,sambaLMPassword
    by dn.regex="cn=admin,dc=cpe,dc=it" write
    by * none

    thanks
    Nicola

    --
    To unsubscribe from this list go to the following URL and read the
    instructions: https://lists.samba.org/mailman/listinfo/samba

  6. Re: [Samba] Windows cannot locate the server copy of your roaming profile

    Il giorno dom, 29/06/2008 alle 18.48 +0200, Mailing List SVR ha scritto:
    > Il giorno dom, 29/06/2008 alle 12.34 -0400, Steve Thompson ha scritto:
    > > On Sun, 29 Jun 2008, Mailing List SVR wrote:
    > >
    > > > each user has the right profile path in ldap:
    > > > # test, Users, cpe.it
    > > > dn: uid=test,ou=Users,dc=cpe,dc=it
    > > > [...]

    > >
    > > In the smb.conf file that you posted, you had:
    > >
    > > ldap user suffix = ou=People
    > >
    > > but the DN is:
    > >
    > > uid=test,ou=Users,dc=cpe,dc=it
    > >
    > > which is a different ou. I would venture that the H: drive doesn't mount
    > > either when you log in.
    > >
    > > Steve

    >
    > additionaly this is my ldap config
    >
    > grep -vE '(^[[:space:]]*($|(#|!|;|//)))' /etc/ldap/slapd.conf
    > include /etc/ldap/schema/core.schema
    > include /etc/ldap/schema/cosine.schema
    > include /etc/ldap/schema/nis.schema
    > include /etc/ldap/schema/inetorgperson.schema
    > include /etc/ldap/schema/samba.schema
    > include /etc/ldap/schema/misc.schema
    > pidfile /var/run/slapd/slapd.pid
    > argsfile /var/run/slapd/slapd.args
    > loglevel none
    > modulepath /usr/lib/ldap
    > moduleload back_hdb
    > sizelimit 500
    > tool-threads 1
    > backend hdb
    > database hdb
    > suffix "dc=cpe,dc=it"
    > rootdn "cn=admin,dc=cpe,dc=it"
    > rootpw {SSHA}FEtTcnfGmIfrwQBiCZayXEHnQT0ysQIK
    > directory "/var/lib/ldap"
    > dbconfig set_cachesize 0 2097152 0
    > dbconfig set_lk_max_objects 1500
    > dbconfig set_lk_max_locks 1500
    > dbconfig set_lk_max_lockers 1500
    > index objectClass eq
    > index cn pres,sub,eq
    > index sn pres,sub,eq
    > index uid pres,sub,eq
    > index displayName pres,sub,eq
    > index uidNumber eq
    > index gidNumber eq
    > index memberUID eq
    > index sambaSID eq
    > index sambaPrimaryGroupSID eq
    > index sambaDomainName eq
    > index default sub
    > lastmod on
    > checkpoint 512 30
    > access to attrs=userPassword,shadowLastChange
    > by dn.regex="cn=admin,dc=cpe,dc=it" write
    > by anonymous auth
    > by self write
    > by * none
    > access to dn.base="" by * read
    > access to *
    > by dn="cn=admin,dc=cpe,dc=it" write
    > by * read
    > access to attrs=sambaNTPassword,sambaLMPassword
    > by dn.regex="cn=admin,dc=cpe,dc=it" write
    > by * none
    >
    > thanks
    > Nicola
    >


    from windows client

    net use h: /home give network path not found error,

    ldap authentication seems works fine, if I change the shell to /bin/bash
    I'm able to login with ldap users on pdc,

    thanks
    Nicola

    --
    To unsubscribe from this list go to the following URL and read the
    instructions: https://lists.samba.org/mailman/listinfo/samba

  7. Re: [Samba] Windows cannot locate the server copy of your roaming profile

    Il giorno dom, 29/06/2008 alle 12.50 -0400, Steve Thompson ha scritto:
    > On Sun, 29 Jun 2008, Mailing List SVR wrote:
    >
    > > Yes Steve, I changed that but still the same issue,

    >
    > I would suggest trying to map \\cpe-pdc\test by hand once you get logged
    > in, and then,


    manual mapping works fine ...

    > when it fails, look at the client logfile in /var/log/samba
    > to see why it failed. Also see if the Windows firewall settings on the
    > client allow file and printer sharing, and that the Windows machine entry
    > in LDAP is correct (that is, it is a domain member).
    >
    > Steve


    --
    To unsubscribe from this list go to the following URL and read the
    instructions: https://lists.samba.org/mailman/listinfo/samba

  8. Re: [Samba] Windows cannot locate the server copy of your roaming profile

    Il giorno dom, 29/06/2008 alle 18.53 +0200, Mailing List SVR ha scritto:
    > Il giorno dom, 29/06/2008 alle 18.48 +0200, Mailing List SVR ha scritto:
    > > Il giorno dom, 29/06/2008 alle 12.34 -0400, Steve Thompson ha scritto:
    > > > On Sun, 29 Jun 2008, Mailing List SVR wrote:
    > > >
    > > > > each user has the right profile path in ldap:
    > > > > # test, Users, cpe.it
    > > > > dn: uid=test,ou=Users,dc=cpe,dc=it
    > > > > [...]
    > > >
    > > > In the smb.conf file that you posted, you had:
    > > >
    > > > ldap user suffix = ou=People
    > > >
    > > > but the DN is:
    > > >
    > > > uid=test,ou=Users,dc=cpe,dc=it
    > > >
    > > > which is a different ou. I would venture that the H: drive doesn't mount
    > > > either when you log in.
    > > >
    > > > Steve

    > >
    > > additionaly this is my ldap config
    > >
    > > grep -vE '(^[[:space:]]*($|(#|!|;|//)))' /etc/ldap/slapd.conf
    > > include /etc/ldap/schema/core.schema
    > > include /etc/ldap/schema/cosine.schema
    > > include /etc/ldap/schema/nis.schema
    > > include /etc/ldap/schema/inetorgperson.schema
    > > include /etc/ldap/schema/samba.schema
    > > include /etc/ldap/schema/misc.schema
    > > pidfile /var/run/slapd/slapd.pid
    > > argsfile /var/run/slapd/slapd.args
    > > loglevel none
    > > modulepath /usr/lib/ldap
    > > moduleload back_hdb
    > > sizelimit 500
    > > tool-threads 1
    > > backend hdb
    > > database hdb
    > > suffix "dc=cpe,dc=it"
    > > rootdn "cn=admin,dc=cpe,dc=it"
    > > rootpw {SSHA}FEtTcnfGmIfrwQBiCZayXEHnQT0ysQIK
    > > directory "/var/lib/ldap"
    > > dbconfig set_cachesize 0 2097152 0
    > > dbconfig set_lk_max_objects 1500
    > > dbconfig set_lk_max_locks 1500
    > > dbconfig set_lk_max_lockers 1500
    > > index objectClass eq
    > > index cn pres,sub,eq
    > > index sn pres,sub,eq
    > > index uid pres,sub,eq
    > > index displayName pres,sub,eq
    > > index uidNumber eq
    > > index gidNumber eq
    > > index memberUID eq
    > > index sambaSID eq
    > > index sambaPrimaryGroupSID eq
    > > index sambaDomainName eq
    > > index default sub
    > > lastmod on
    > > checkpoint 512 30
    > > access to attrs=userPassword,shadowLastChange
    > > by dn.regex="cn=admin,dc=cpe,dc=it" write
    > > by anonymous auth
    > > by self write
    > > by * none
    > > access to dn.base="" by * read
    > > access to *
    > > by dn="cn=admin,dc=cpe,dc=it" write
    > > by * read
    > > access to attrs=sambaNTPassword,sambaLMPassword
    > > by dn.regex="cn=admin,dc=cpe,dc=it" write
    > > by * none
    > >
    > > thanks
    > > Nicola
    > >

    >
    > from windows client
    >
    > net use h: /home give network path not found error,
    >
    > ldap authentication seems works fine, if I change the shell to /bin/bash
    > I'm able to login with ldap users on pdc,
    >
    > thanks
    > Nicola


    account machine is corretly created

    # vmware$, Computers, cpe.it
    dn: uid=vmware$,ou=Computers,dc=cpe,dc=it
    objectClass: top
    objectClass: account
    objectClass: posixAccount
    objectClass: sambaSamAccount
    cn: vmware$
    uid: vmware$
    uidNumber: 1553
    gidNumber: 515
    homeDirectory: /dev/null
    loginShell: /bin/false
    description: Computer
    gecos: Computer
    sambaSID: S-1-5-21-2468945884-3209077212-4101011376-1001
    displayName: VMWARE$
    sambaAcctFlags: [W ]
    sambaNTPassword: D35B3FD096A1D4CF9D721DD3EE8A035F


    --
    To unsubscribe from this list go to the following URL and read the
    instructions: https://lists.samba.org/mailman/listinfo/samba

  9. Re: [Samba] Windows cannot locate the server copy of your roaming profile

    Hi all,

    an update about this issue:

    on centos 5.2 the same configuration works just fine,

    seems something specific to ubuntu 8.04,

    regards
    Nicola

    Il giorno dom, 29/06/2008 alle 18.56 +0200, Mailing List SVR ha scritto:
    > Il giorno dom, 29/06/2008 alle 12.50 -0400, Steve Thompson ha scritto:
    > > On Sun, 29 Jun 2008, Mailing List SVR wrote:
    > >
    > > > Yes Steve, I changed that but still the same issue,

    > >
    > > I would suggest trying to map \\cpe-pdc\test by hand once you get logged
    > > in, and then,

    >
    > manual mapping works fine ...
    >
    > > when it fails, look at the client logfile in /var/log/samba
    > > to see why it failed. Also see if the Windows firewall settings on the
    > > client allow file and printer sharing, and that the Windows machine entry
    > > in LDAP is correct (that is, it is a domain member).
    > >
    > > Steve

    >


    --
    To unsubscribe from this list go to the following URL and read the
    instructions: https://lists.samba.org/mailman/listinfo/samba

+ Reply to Thread