OT: Win: Starting a windows enterprise admin group

JD Austin jd at twingeckos.com
Fri Aug 27 19:21:55 MST 2010


I've confirmed that the roaming profiles work for a few test users.




On Fri, Aug 27, 2010 at 19:16, Bryan O'Neal <
Bryan.ONeal at theonealandassociates.com> wrote:

> Just to make sure roaming profile works from a client computer for the
> admin but not for the regular users on the same desktop?
> My first suggestion would to allow browsing and execution on the SAMBA
> and FS level for everyone (save guest) and use ACL's to control user
> access. If you join the samba server to the AD and use kerberos
> tickets to pass authentication the windows server will simply think of
> the samba server as another windows server.
>
>
>
> On Thu, Aug 26, 2010 at 12:56 PM, JD Austin <jd at twingeckos.com> wrote:
> > The netlogon doesn't have permissions listed but profiles does; it seems
> the
> > group name of the directory was mostly the issue (root):
> > [Profiles]
> > path = /home/e-smith/files/samba/profiles
> > writeable = yes
> > browseable = no
> > create mask = 0600
> > directory mask = 0700
> > csc policy = disable
> > hide files = /desktop.ini/ntuser.ini/NTUSER.*/
> >
> > [netlogon]
> > comment = Network Logon Service
> > path = /home/e-smith/files/samba/netlogon
> > guest ok = yes
> > writable = yes
> > browseable = no
> >
> > SME server uses a bunch of templates and has a system for building the
> > smb.conf file that I'm still learning how to use such as:
> >
> > db configuration setprop smb RecycleBin enabled
> > db configuration setprop smb KeepVersions enabled
> > signal-event group-modify shared
> > signal-event group-modify domain-admins
> > signal-event group-modify domain-users
> >
> > I really hate using a bleeding edge version but I'll make it work :)
> > JD
> > On Thu, Aug 26, 2010 at 12:39, Eric Shubert <ejs at shubes.net> wrote:
> >>
> >> What are the permissions in your smb.conf file?
> >>
> >> (check logon path and [Profiles] in particular)
> >>
> >
> > ---------------------------------------------------
> > PLUG-discuss mailing list - PLUG-discuss at lists.plug.phoenix.az.us
> > To subscribe, unsubscribe, or to change your mail settings:
> > http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
> >
> ---------------------------------------------------
> PLUG-discuss mailing list - PLUG-discuss at lists.plug.phoenix.az.us
> To subscribe, unsubscribe, or to change your mail settings:
> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.PLUG.phoenix.az.us/pipermail/plug-discuss/attachments/20100827/16eabc24/attachment.html>


More information about the PLUG-discuss mailing list