On 08/02/2012 09:07 AM, Paul R. Ganci wrote:
On 08/01/2012 09:13 AM, Andreas Rogge wrote:
Am 01.08.2012 09:39, schrieb Paul R. Ganci:
anybody have a clue as to why %u is not evaluating to the linux username snichols and is getting treated simply as the string %u?
You have to use %U instead of %u - this is not a security issue as having the wrong UNC path should (and probably will) be caught using ACLs.
Well last night I implemented this change and indeed this fixed the Win XP problem. The domain users on the client Win XP box can indeed find their roaming profiles and properly sync them at logon/logoff time. However when I went to add a domain user to the first Win 7 Professional box added to the domain, that user only gets a local profile (i.e. a C:\Users\username instead of C:\Users\username.domainame) despite the fact the domain user has a roaming profile. I am sure this is a Win 7 client setup issue.
The best I have been able to do is copy a local profile from the Win 7 box for the domain user back to the Samba PDC. I then delete the domain user's local profile and could get the Win 7 client to read the profile from the Samba PDC on the domain user's next logon. Basically I can get the Win 7 client to create a new local profile from the profile found on the Samba PDC but on logoff the Win 7 client will not sync that profile with the Samba PDC and on subsequent logons only uses the local stored profile on the Win 7 box. It is like the Win 7 client policy is to use local profiles only and it uses the Samba PDC profile only as a default if the local profile doesn't exist. There is no subsequent profile synchronization at logon/logoff after the Win 7 local profile gets created.
Any suggestions to registry/policy settings to get roaming profiles to act as roaming profiles on a Win 7 Professional SP 1 box? I thought I ask here first as I am already on this list. Admittedly this might better belong on a Samba forum but I am guessing somebody out there has already run into this issue. Everything on the web says this should work but alas...
Are you adding all of the required registry entries on the Win7 machines to have them join the domain?