[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[seul-edu] Samba is killing me.... very slowly!



Hey everyone,

I am REALLY fried on this one.  I'm going nuts.  If anyone can please
bring some sanity to my life before the start of school on Monday,
please do!!!!  For those who knew me back at the k12linux mailing list,
you're going to be tired of hearing me ask this question.  OK, I've been
working my butt off this summer getting all these computers ready and
then waiting till the last minute (of course) to set them all to log in
to the network - of course thinking that I had this working for a whole
year and it shouldn't be any problem.  Right!

I upgraded to Samba 2.0.7 and reworked the smb.conf file a little.  The
one thing I changed was the NETLOGON directory structure.  Before I had
one directory and one config.pol file for permissions.  However,
I thought I would split the directories up and use separate config.pol
files incase I wanted to give permission to a class on a particular
day.  With Samba, you can't use group policies, so this seemed like a
way around that.  I have one directory for each group (type, adm,
teacher, etc.) with a config.pol in it and a logon script.  The
[NETLOGON] share points to /home/samba/netlogon/%G and it get's mapped
to that fine.  The problem is that the computers don't seem to respond
to any changes to the config.pol file.  Presumably if a teacher logs in,
the config.pol file only has a default user and computer assigned in it,
then every teacher should get that policy.  Well, that doesn't seem to
happen.  I can't get any policies or roaming profiles to work, and I've
been trying for 6 hours.  I thought I had gong through this enough last
year that I really understood it.

So, I go into policy editor, open the registry and see that it's not
"updating", so I set it and log out, then back in.  Now things work, but
only for people that I have specific policies set for (say dsmith - a
teacher).  But no other teachers get any settings.  The NETLOGON share
is connected fine.  I've checked the logs and every computer appears to
be looking at the config.pol file, but nothing is being done.

What in the world could be going on?  I'm so lost.  I really have been
through this a hundred times today and I just can't make heads or tails
of anything anymore.  My smb.conf is below.

Thank you - anyone - that can offer something!
Ryan Booz
Tech Coordinator
Belleville Mennonite School

P.S.  After some more trials (before sending this) what I've come down
to is that the clients don't seem to be accepting any changes to
anything "default" in the policy files.  No matter what I do, until I
give a named policy to someone, nothing takes.  Even once they have a
named policy, I have to go into the registry, tell it to update, and
then those new settings take effect.  but NOTHING default ever takes.
How can this be?

----------------

   # Global parameters
   [global]
           workgroup = LAB
           netbios name = SERVER
           server string = File and Auth. Server
           encrypt passwords = Yes
           passwd program = /usr/bin/passwd %u
           passwd chat = *New*UNIX*password* %n\n
*Retype*new*UNIX*password* %n\n
*passwd:*all*authentication*tokens*updated*successfully*
           unix password sync = Yes
           debug level = 2
           log file = /var/log/samba/log.%m
           max log size = 50
           name resolve order = wins lmhosts bcast
           deadtime = 10
           keepalive = 60
           socket options = TCP_NODELAY SO_KEEPALIVE SO_RCVBUF=8192
SO_SNDBUF=8192
           load printers = No
           logon script = %G.bat
           logon home = \\%L\%U\profile
           domain logons = Yes
           os level = 65
           preferred master = Yes
           domain master = Yes
           dns proxy = No
           wins proxy = Yes
           wins support = Yes
           unix realname = Yes

   [homes]
           comment = Home Directoory
           writeable = Yes
           create mask = 0700
           directory mask = 0700
           veto files = /.bash*/.k*/.x*/
           browseable = No
           locking = No
           oplocks = No
           share modes = No

   [netlogon]
           comment = Network Logon Service
           path = /home/samba/netlogon/%G
           admin users = booz leon
           write list = booz leon
           locking = No
           share modes = No

   [admin]
           comment = Root on server
           path = /
           valid users = booz leon
           admin users = booz leon
           writeable = Yes
           create mask = 0700
           browseable = No

   [tmp]
           comment = Temporary file space
           path = /pchome/tmp
           writeable = Yes
           create mask = 0755
           guest ok = Yes
           root preexec = /etc/smblogs %U %m
           root postexec = /etc/smblogsout %U %m

   [scripts]
           path = /home/samba/netlogon
           valid users = booz leon
           admin users = booz leon
           write list = booz leon
           create mask = 0755
           browseable = No

   [adm_temp]
           comment = Administration temp directory
           path = /pchome/adm_temp
           valid users = booz leon
           admin users = booz leon
           write list = booz leon
           writeable = Yes
           browseable = No

   [wp]
           path = /pchome/classes/wp
           valid users = +wp +adm
           write list = booz leon
           force create mode = 0444
           browseable = No

   [comp_app]
           path = /pchome/classes/comp_app
           valid users = +adm +capp
           writeable = Yes
           force create mode = 0770
           force directory mode = 0770
           browseable = No

   [atrt]
           path = /pchome/classes/atrt
           writeable = Yes
           force create mode = 0777
           force directory mode = 0777
           guest ok = Yes
           browseable = No
           locking = No
           oplocks = No
           share modes = No

   [quill]
           path = /pchome/classes/quill
           valid users = +quill +adm +teacher
           write list = +quill +adm +teacher
           writeable = Yes
           force create mode = 0770
           force directory mode = 0770
           browseable = No

   [yearbook]
           path = /pchome/classes/yearbook
           valid users = +yearbook +adm +teacher
           write list = +yearbook +adm +teacher
           writeable = Yes
           force create mode = 0770
           force directory mode = 0770
           browseable = No