Tokar
09.08.06, 13:45
Hallo erstmal,
ich hab hier einen Samba PDC zu sammen geschraubt. Der funktioniert soweit auch ganz gut , außer dass ich wenn ich mich als DomainAdmin anmelde ich die Fehler Meldung bekomme "Profil kann nicht gefunden werden...."
Ich kann auf den Servershares schreiben, wenn ich mir dann da die Dateien ansehe ist eigentümer root und die Gruppe ist die Admin Gruppe. Question
Hat jemand diese Phänomän schon mal erlebt?
Hier mal meine smb.conf:
[global]
workgroup = DOM
server string =
interfaces = ******************
obey pam restrictions = Yes
passdb backend = tdbsam:/var/lib/samba/passdb.tdb, guest
passwd program = /usr/bin/passwd %u
unix password sync = Yes
log level = 9
log file = /var/log/samba/log.%m
debug uid = Yes
add user script = /usr/sbin/useradd -m %u
delete user script = /user/sbin/userdel -r %u
add group script = /usr/sbin/groupadd %g
delete group script = /usr/sbin/groupdel %g
add user to group script = /usr/sbin/usermod -G %g %u
add machine script = /usr/sbin/useradd -s /bin/false -d /dev/null -g S-Computers %u
logon script = %U.bat
logon path = \\%L\profiles\%U\%a
logon drive = z:
logon home = \\%L\homes\%U
domain logons = Yes
os level = 250
preferred master = Yes
domain master = Yes
wins support = Yes
time server = Yes
ldap ssl = no
panic action = /usr/share/samba/panic-action %d
admin users = @Samba-Admins
wide links = No
follow symlinks = No
[homes]
comment = Home Directories
username = %U
read list = %U
write list = %U
read only = No
create mask = 0775
directory mask = 0775
[netlogon]
comment = Logonscripte
path = /srv/netlogon
read list = @Museum, @Praktikanten, @Samba-Admins, @Admin-Mus
write list = @Samba-Admins
create mask = 0774
guest ok = Yes
browseable = No
[profiles]
comment = Profiles
path = /srv/profiles/
username = %U
read list = %U
write list = %U
read only = No
create mask = 0775
directory mask = 0775
[public]
comment = Gemeinsames Verzeichniss
path = /srv/public/
read list = @Praktikanten, @Samba-Admins, @Museum, @Admin-Mus
write list = @Samba-Admins, @Museum, @Admin-Mus
read only = No
create mask = 0755
directory mask = 0775
[praktikanten]
comment = Praktikanten
path = /srv/praktikanten/
username = %U
read list = @Praktikanten, @Samba-Admins, @Museum, @Admin-Mus
write list = @Samba-Admins, @Museum, @Admin-Mus, @Praktikanten
read only = No
create mask = 0755
directory mask = 0775
[non-pub]
comment = Adminverzeichniss
path = /srv/non-pub/
username = @Admin-Mus
read list = @Admin-Mus, @Samba-Admins
write list = @Admin-Mus, @Samba-Admins
read only = No
create mask = 0755
Und Groupmaps:
rumpelkiste:~# net groupmap list
System Operators (S-1-5-32-549) -> -1
Domain Admins (S-1-5-21-277819011-3172192512-657168873-512) -> Samba-Admins
Replicators (S-1-5-32-552) -> -1
Guests (S-1-5-32-546) -> -1
Domain Users (S-1-5-21-277819011-3172192512-657168873-513) -> Museum
Power Users (S-1-5-32-547) -> Museum
Domain Guests (S-1-5-21-277819011-3172192512-657168873-514) -> Praktikanten
Print Operators (S-1-5-32-550) -> -1
Administrators (S-1-5-32-544) -> -1
Account Operators (S-1-5-32-548) -> -1
Backup Operators (S-1-5-32-551) -> -1
Users (S-1-5-32-545) -> -1
mfg
Tokar
ich hab hier einen Samba PDC zu sammen geschraubt. Der funktioniert soweit auch ganz gut , außer dass ich wenn ich mich als DomainAdmin anmelde ich die Fehler Meldung bekomme "Profil kann nicht gefunden werden...."
Ich kann auf den Servershares schreiben, wenn ich mir dann da die Dateien ansehe ist eigentümer root und die Gruppe ist die Admin Gruppe. Question
Hat jemand diese Phänomän schon mal erlebt?
Hier mal meine smb.conf:
[global]
workgroup = DOM
server string =
interfaces = ******************
obey pam restrictions = Yes
passdb backend = tdbsam:/var/lib/samba/passdb.tdb, guest
passwd program = /usr/bin/passwd %u
unix password sync = Yes
log level = 9
log file = /var/log/samba/log.%m
debug uid = Yes
add user script = /usr/sbin/useradd -m %u
delete user script = /user/sbin/userdel -r %u
add group script = /usr/sbin/groupadd %g
delete group script = /usr/sbin/groupdel %g
add user to group script = /usr/sbin/usermod -G %g %u
add machine script = /usr/sbin/useradd -s /bin/false -d /dev/null -g S-Computers %u
logon script = %U.bat
logon path = \\%L\profiles\%U\%a
logon drive = z:
logon home = \\%L\homes\%U
domain logons = Yes
os level = 250
preferred master = Yes
domain master = Yes
wins support = Yes
time server = Yes
ldap ssl = no
panic action = /usr/share/samba/panic-action %d
admin users = @Samba-Admins
wide links = No
follow symlinks = No
[homes]
comment = Home Directories
username = %U
read list = %U
write list = %U
read only = No
create mask = 0775
directory mask = 0775
[netlogon]
comment = Logonscripte
path = /srv/netlogon
read list = @Museum, @Praktikanten, @Samba-Admins, @Admin-Mus
write list = @Samba-Admins
create mask = 0774
guest ok = Yes
browseable = No
[profiles]
comment = Profiles
path = /srv/profiles/
username = %U
read list = %U
write list = %U
read only = No
create mask = 0775
directory mask = 0775
[public]
comment = Gemeinsames Verzeichniss
path = /srv/public/
read list = @Praktikanten, @Samba-Admins, @Museum, @Admin-Mus
write list = @Samba-Admins, @Museum, @Admin-Mus
read only = No
create mask = 0755
directory mask = 0775
[praktikanten]
comment = Praktikanten
path = /srv/praktikanten/
username = %U
read list = @Praktikanten, @Samba-Admins, @Museum, @Admin-Mus
write list = @Samba-Admins, @Museum, @Admin-Mus, @Praktikanten
read only = No
create mask = 0755
directory mask = 0775
[non-pub]
comment = Adminverzeichniss
path = /srv/non-pub/
username = @Admin-Mus
read list = @Admin-Mus, @Samba-Admins
write list = @Admin-Mus, @Samba-Admins
read only = No
create mask = 0755
Und Groupmaps:
rumpelkiste:~# net groupmap list
System Operators (S-1-5-32-549) -> -1
Domain Admins (S-1-5-21-277819011-3172192512-657168873-512) -> Samba-Admins
Replicators (S-1-5-32-552) -> -1
Guests (S-1-5-32-546) -> -1
Domain Users (S-1-5-21-277819011-3172192512-657168873-513) -> Museum
Power Users (S-1-5-32-547) -> Museum
Domain Guests (S-1-5-21-277819011-3172192512-657168873-514) -> Praktikanten
Print Operators (S-1-5-32-550) -> -1
Administrators (S-1-5-32-544) -> -1
Account Operators (S-1-5-32-548) -> -1
Backup Operators (S-1-5-32-551) -> -1
Users (S-1-5-32-545) -> -1
mfg
Tokar