Account Links: Cart | Your Account | Logout

Skip to content

Red Hat Knowledgebase

Red Hat Knowledgebase Search:

Updated Within the Last:

New Solutions within the last day New Solutions within the last week New Solutions within the last month

Browse by topics:


Click to View a Topic
General Linux > Samba > Issue <<  19 of 98 >>

Solution Tools:


Email a Solution Postcard Printer version Submit a comment on this answer Update notifications Request an answer Back

Article Reference

Article ID: 4357
Last update: 11-24-04
Issue:
How can I set up my Samba Primary Domain Controller (PDC) to store our network users roaming profiles and home directories on the server?
Resolution:

You will need the following settings enabled in your /etc/samba/smb.conf file:

  1. In the [global] section: 

     
#	- Windows 2000/XP clients are fed this share as the 
           location to store their profile:
	logon path = \\%N\profiles\%U
#
#	- Windows 9x & NT clients are fed this share as the 
           location to store their profile:
	logon home = \\%N\%U\profile


  2. A [profiles] share in your smb.conf, to store 2000 and XP users' profiles and home directories on the server: 

     
[profiles]
	comment = Roaming User Profiles
	path = /home/profiles
	profile acls = yes
	csc policy = disable
	create mask = 0600
	directory mask = 0700
	browseable = no
	guest ok = no
	read only = no


    As the root user, create the share's directory on the server: 

     
# mkdir /home/profiles


    In the command below, set the group ID to the group on your Samba PDC that is mapped to the "Domain Users" group. This is 'smbusers' on my system: 

     
# chown root:smbusers /home/profiles
# chmod 770 /home/profiles


  3. If you have Win9x or NT Workstation network clients, verify that your [homes] share contains proper settings to store the user profile data, since the 'logon home' statement above will cause their profile to be stored in a directory named 'profile' under their home directory. 

     
[homes]
	comment = Home Directories
	csc policy = disable
	valid users = %U
	read only = no
	create mask = 0600
	directory mask = 0700
	browseable = No
	guest ok = no


    Once you have made these changes, restart the Samba service: 

     
# service smb restart

    Note: The 'directory mask' and 'create mask' values shown above reflect using a tighter security on users' data directories. You could modify these to less restrictive values if you prefer.

Your Samba PDC will now offer to store users' profiles on the server. Note, however, that much of the behavior regarding profile storage is governed by the client side of the equation (the Windows systems), even when your server is configured to support roaming profiles.

The first time a certain network user logs on from a particular NT, 2000, or XP workstation, a key is written to the Windows registry which tells the system where to load this user's profile from in the future. So if a certain network user has already logged onto the network from a certain workstation before you enabled roaming profile support on your Samba PDC, their profile will most likely still be loaded from the local system, due to the value of this registry key.

Incidentally, although editing the Windows registry is not recommended and well beyond the scope of this document, here is the registry key which contains the ProfileList subkeys, one for each user that has ever logged onto a given system. We do not recommend modifying anything, but this is where the information is stored:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList

How To Change an Existing XP or 2000 Network User's Profile from Local to Roaming
On XP and 2000 systems, to change a network user's profile from a local profile type to a roaming profile type, be prepared to go to each workstation the network user has logged in from. But you will want to go to the system containing the user profile/home directory you want copied to the Samba PDC first.

First, back up any important data files currently stored in the network user's local home directory - on EACH WORKSTATION they have logged in from - to a location outside of the "Documents and Settings" folder structure.

  • Log in as the user - from the system containing the network user's profile that you wish to be copied to the server.
  • Open the System applet from the Control Panel.
  • Select the Advanced tab.
  • Click the the 'Settings' button under the User Profiles section.
  • Select the user whose profile type you wish to change, then click the Change Type button, and select 'Roaming profile'.
  • Apply/OK all menu boxes, then log off the system. As the logoff occurs, the user's profile will be copied to the Samba PDC, and from that point on, that user should use a roaming profile from this system.
  • Go to each other system the user has logged on from, log in as a Domain or Local Administrator (but in any case, NOT the network user!!), then following the navigation guide in steps above, change the user's profile type to a roaming profile, and OK your way out of all menus. The next time this user logs onto any of these systems, their profile should be loaded from the Samba PDC instead.

Other ways to convert Windows user profiles may exist, and some details may be different for older versions of Windows. For more information on the Windows side of this administration topic, please consult your Windows documentation, or other Microsoft support mechanisms.

For more information about Samba configuration, excellent Samba documentation is also available in PDF and HTML formats on any system which has the samba RPM installed, in the following directory: /usr/share/doc/samba-/docs


How well did this entry answer your question?


good wrong incomplete out of date
General Linux > Samba > Issue <<   19  of  98  >>