centos 5.4 samba 3.0.xxx as PDC problem with profile

I need a server as samba Primary Domain Controller (PDC) using tdbsam. I use the attached smb.cong file.
I have allready profiles from a previous installation. Where may I put the profile users direcrtory? At this time I put it in /data/Users/profile but when a windows xp workstation user logon a temporary profile is loaded.

any idea?
[global]

	workgroup = SOELPDC
	server string = Samba %v
	netbios name = SOELPDC
	interfaces = lo eth0 192.168.0.0/24 
	hosts allow = 127. 192.168.0.


	log file = /var/log/samba/%m.log
	max log size = 50

# ----------------------- Domain Controller Options ------------------------

	security = user
	passdb backend = tdbsam

	logon drive = P: 

	domain master = yes
	domain logons = yes

	logon script = %u.bat
;	logon path = \\%L\Profiles\%u
	logon path = \\%n\%u\profile
	
	add user script = /usr/sbin/useradd "%u" -n -g users
	add group script = /usr/sbin/groupadd "%g"
	add machine script = /usr/sbin/useradd -n -c "Workstation (%u)" -M -d /nohome -s /bin/false "%u"
	delete user script = /usr/sbin/userdel "%u"
	delete user from group script = /usr/sbin/userdel "%u" "%g"
	delete group script = /usr/sbin/groupdel "%g"

	unix password sync = yes
	passwd program = /usr/bin/passwd %u
	passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .

#============================ Share Definitions ==============================

[homes]
	comment = Home Directories
	valid users = %S
	read only = No

[netlogon]
	comment = Network Logon Service
	path = /data/samba/netlogon
	browseable = No	 
	read only = No

[Profiles]
	comment = Roaming Profile Share 
	path = /data/samba/profiles
	read only = No 
	browseable = No 
	guest ok = Yes 
	profile acls = Yes

[users]
	comment = All users
	path = /data/Users
	read only = No
	inherit acls = Yes
	veto files = /aquota.user/groups/shares/

[groups]
	comment = All groups
	path = /home/groups
	read only = No
	inherit acls = Yes

[Application]
	comment = Windows Application Sharing Area
	path = /data/Application
	read only = No
	create mask = 0664
	directory mask = 0775
	hosts allow = 192.168.0.0/255.255.255.128

[Payroll]
	comment = Financial Samba  Sharing Area
	path = /data/Application/Financial/payroll
	force group = Payroll
	read only = No
	create mask = 0664
	directory mask = 0775
	hosts allow = 192.168.0.0/255.255.255.128

[Public]
	comment = Shared Public File Storage Area
	path = /data/Public
	read only = No
	create mask = 0666
	directory mask = 0777
	hosts allow = 192.168.0.0/255.255.255.128

Open in new window

glaAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

ygouthamCommented:
if you are using tdbsam, the machine trust accounts would also have been created in the smbpasswd file.  one way of ensuring that the profiles load correctly would be to re-attach the machines to this domain (take them to a workgroup and bring back in domain), which is the best option

second would be to copy the smbpasswd file or the entire contents of (/etc/samba/ ) to the new server. since the machine does not find its trust-account, it would load off a temp profile for the user and would never read (though the password authentication) would work as the user might have been valid in the new PDC.
0
glaAuthor Commented:
ok I am nto hava the previous smbpasswd file. I have try to o re-attach the machines to the domain but load temp profile. I think the problem is the profile directory is not placed to the correct path. Where is the correct path to put the user profile directory?
0
ygouthamCommented:
let us assume a user called "xxx"

Your smb.conf file shows a wrong entry

[Profiles]
      comment = Roaming Profile Share
      path = /data/samba/profiles
      read only = No
      browseable = No
      guest ok = Yes
      profile acls = Yes


whereas your comment posted above says /data/Users/profiles

change the path mentioned in the [Profiles] portion to read as the correct path

ensure that the directory have 755 permissions set for /data and /data/Users (so that the userr can get in and read his profile).

the directory  /data/Users/Profiles/xxx should have ownership/group as xxx:xxx setup with 700 permissions
0
Ultimate Tool Kit for Technology Solution Provider

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy now.

glaAuthor Commented:
>> where as your comment posted above says /data/Users/profiles

are you sure?
I think is /data/Users/xxx/profile
based on
logon path = \\%n\%u\profile

because I dont understan what change exactly must I make in [Profiles]?
0
ygouthamCommented:
>>At this time I put it in /data/Users/profile but

the path given in the profiles section is

  path = /data/samba/profiles

that should be changed to

  path = /data/Users/profile


##########
I do not think that you have the proper directory declared in the profiles portion of the share and that is causing the mistake

######

also the logon path is declared twice in the smb.conf file posted by you

i think the following is how it should be

logon path = \\%n\Profiles\%u
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
glaAuthor Commented:
the logon path is one time the first one start with ";" that si comment I think is this correct?
0
ygouthamCommented:
yes, anything that starts with a ";" is a comment.  but havve you changed the profiles path in the smb declaration portion???
0
glaAuthor Commented:
ok please send me the correct profile path.

0
ygouthamCommented:
gla, first you need to find out where you have stored the profiles that you picked up from the old server

/data/samba/profile

or

/data/Users/Profile

The correct path from above needs to be used in the smb.conf file as i had posted earlier.  

i think the commented "logon path" has the correct syntax.  you can remove the other logon path and uncomment the one that is currently with a ";" at the beginning
0
glaAuthor Commented:
Ok I have make some changes:

logon path = \\%N\%U\profile

and now works, I don t know the case sensitive was the fault?

do you have any suggestions?
0
ygouthamCommented:
well if it works then it should be fine...
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
File Sharing Software

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.