OT: Win: Starting a windows enterprise admin group
Eric Shubert
ejs at shubes.net
Thu Aug 26 12:39:55 MST 2010
What are the permissions in your smb.conf file?
(check logon path and [Profiles] in particular)
JD Austin wrote:
> I think it is due to file/group permissions on SME Server but haven't
> locked it down yet (haven't turned server over to users yet thankfully).
> I had to load the latest bleeding edge version (shudder) because 7.5.1
> won't let Windows 7 log into the domain.
> It is currently giving this error on the windoze side:
>
> Windows cannot locate the server copy of your roaming profile and is
> attempting to log you on with your local profile. Changes to the
> profile will not be copied to the server when you logoff. Possible
> causes of this error include network problems or insufficient
> security rights. If this problem persists, contact your network
> administrator.
>
> DETAIL - The network name cannot be found.
>
> Windows cannot find the local profile and is logging you on with a
> temporary profile. Changes you make to this profile will be lost
> when you log off.
>
>
> It doesn't happen for the admin user but I don't believe SME Server has
> the admin user on roaming profiles. Samba errors make it look like a
> group/permission issue:
>
> Samba errors in the log when I log in:
> Aug 26 11:49:56 directory smbd[6413]: [2010/08/26 11:49:56, 0]
> smbd/service.c:make_connection_snum(1081)
> Aug 26 11:49:56 directory smbd[6413]:
> '/home/e-smith/files/samba/profiles' does not exist or permission
> denied when connecting to [Profiles] Error was Permission denied
> Aug 26 11:49:56 directory smbd[6413]: [2010/08/26 11:49:56, 0]
> smbd/service.c:make_connection_snum(1081)
> Aug 26 11:49:56 directory smbd[6413]:
> '/home/e-smith/files/samba/profiles' does not exist or permission
> denied when connecting to [Profiles] Error was Permission denied
> Aug 26 11:49:57 directory smbd[6413]: [2010/08/26 11:49:57, 0]
> smbd/service.c:make_connection_snum(1081)
> Aug 26 11:49:57 directory smbd[6413]:
> '/home/e-smith/files/samba/profiles' does not exist or permission
> denied when connecting to [Profiles] Error was Permission denied
> Aug 26 11:50:14 directory smbd[6413]: [2010/08/26 11:50:14, 0]
> smbd/service.c:m
> ake_connection_snum(1081)
> Aug 26 11:50:14 directory smbd[6413]:
> '/home/e-smith/files/samba/netlogon' doe
> s not exist or permission denied when connecting to [netlogon] Error
> was Permission denied
> Aug 26 11:50:15 directory smbd[6413]: [2010/08/26 11:50:15, 0]
> smbd/service.c:make_connection_snum(1081)
> Aug 26 11:50:15 directory smbd[6413]:
> '/home/e-smith/files/users/jd/home' does not exist or permission
> denied when connecting to [jd] Error was Permission denied
> Aug 26 11:50:15 directory smbd[6413]: [2010/08/26 11:50:15, 0]
> smbd/service.c:make_connection_snum(1081)
> Aug 26 11:50:15 directory smbd[6413]:
> '/home/e-smith/files/users/jd/home' does not exist or permission
> denied when connecting to [jd] Error was Permission denied
> Aug 26 11:50:16 directory smbd[6413]: [2010/08/26 11:50:16, 0]
> smbd/service.c:make_connection_snum(1081)
> Aug 26 11:50:16 directory smbd[6413]:
> '/home/e-smith/files/samba/netlogon' does not exist or permission
> denied when connecting to [netlogon] Error was Permission denied
>
>
> Permissions look good to me ?!?! :
> [root at directory ~]# ls -la /home/e-smith/files/samba/
> drwxrwxr-x 19 admin shared 4096 Aug 24 18:35 profiles
>
> I am in that group:
> [root at directory ~]# grep shared /etc/group
> shared:x:500:www,admin,public,betty,bill,heidy.lavoix,nancy.fernandez,kajia.pete
> rs,zhan.lui,jason.brooke,unprivledged,allusers,afls,*_jd_*
>
> Just for grins I changed the group ownership on /home/e-smith/files from
> root.root to root.shared and I don't get that error when logging in.
>
> I do however still get theses errors:
>
> Aug 26 11:57:02 directory smbd[6442]: [2010/08/26 11:57:02, 0]
> smbd/service.c:set_current_service(191)
> Aug 26 11:57:02 directory smbd[6442]: chdir
> (/home/e-smith/files/samba/netlogon) failed
> Aug 26 11:57:04 directory smbd[6442]: [2010/08/26 11:57:04, 0]
> smbd/service.c:set_current_service(191)
> Aug 26 11:57:04 directory smbd[6442]: chdir
> (/home/e-smith/files/samba/netlogon) failed
> Aug 26 11:57:04 directory smbd[6442]: [2010/08/26 11:57:04, 0]
> smbd/service.c:set_current_service(191)
> Aug 26 11:57:04 directory smbd[6442]: chdir
> (/home/e-smith/files/samba/netlogon) failed
>
>
> So.. lets try chmod 2750 /home/e-smith/files/samba/* (found those perms
> online somewhere)
> *I think I might have fixed it :) No errors on either side!*
> Hopefully next time I load SME Server it will just work :)
>
> JD
> On Thu, Aug 26, 2010 at 11:30, Eric Shubert <ejs at shubes.net
> <mailto:ejs at shubes.net>> wrote:
>
> Thanks, JD. I seem to remember that now, but missed it when I
> reviewed the thread this morning.
>
> Looks like 'Cherry' is doing some spammy postings. I hate that type
> of noise. One of the reasons I dislike google groups.
>
> Anyhow, what's your problem with roaming?
>
> I've got redirection working on selected profile folders via
> NTConfig.POL (speeds up logging on/off tremendously), and the
> profiles out from under home, so homes are handled by dfs. All user
> data (including redirections) is now on a 2nd samba file server,
> except for the remaining profile folders. I'm getting permissions
> error (profile ownership) when logging on when I try to use profiles
> on the 2nd samba server.
>
>
> --
> -Eric 'shubes'
>
> ---------------------------------------------------
> PLUG-discuss mailing list - PLUG-discuss at lists.plug.phoenix.az.us
> <mailto:PLUG-discuss at lists.plug.phoenix.az.us>
> To subscribe, unsubscribe, or to change your mail settings:
> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
>
>
--
-Eric 'shubes'
More information about the PLUG-discuss
mailing list