Thursday, May 29, 2003
After serveral months of testing new servers running RH8/Samba, I migrated a user's home directory to the Samba file server. Backup of the data was done through ntbackup, to get around file permission issues by using the Windows backup API. The file was restored to the Samba share, whereupon the ntbackup.exe informed me the the destination filesystem will loose some of the security settings.
That's the idea. Storing the home directories on NTFS was creating all sorts of ownship/ACL complcations.
The user accesses their home directory through a share:
\\sambaserver\home
in that share, there is a symbolic link to the actual location of thier data on the Samba server.
After moving the users data, I modified the users record in the SAM database using usrmgr. I manually edited thier profile to:
\\sambaserver.env.duke.edu\home\username\profile
and their home directory to:
\\sambaserver.env.duke.edu\home\username
The user authenticated fine (nothing had changed there) but could not get their profile loaded onto the workstation.
After much troubleshooting, the problem lay in the permissions along the path to the acutal location where the users data was stored. The parent folder of the directory holding the users data need to be made world readable.
The perms had to be set like this:
[sambaserver.env.duke.edu/windata5/someuser]
-> drwxr-xr-x windata5
-> drwxr-x--- someuser
I'm not sure why. It seems strange, since the Samba runs as root. But it worked after that.
That's the idea. Storing the home directories on NTFS was creating all sorts of ownship/ACL complcations.
The user accesses their home directory through a share:
\\sambaserver\home
in that share, there is a symbolic link to the actual location of thier data on the Samba server.
After moving the users data, I modified the users record in the SAM database using usrmgr. I manually edited thier profile to:
\\sambaserver.env.duke.edu\home\username\profile
and their home directory to:
\\sambaserver.env.duke.edu\home\username
The user authenticated fine (nothing had changed there) but could not get their profile loaded onto the workstation.
After much troubleshooting, the problem lay in the permissions along the path to the acutal location where the users data was stored. The parent folder of the directory holding the users data need to be made world readable.
The perms had to be set like this:
[sambaserver.env.duke.edu/windata5/someuser]
-> drwxr-xr-x windata5
-> drwxr-x--- someuser
I'm not sure why. It seems strange, since the Samba runs as root. But it worked after that.
