Zentyal Forum, Linux Small Business Server
Zentyal Server => Directory and Authentication => Topic started by: Zsiraf on April 09, 2019, 03:22:03 pm
-
I installed a Zentyal 6 as PDC. Added users on webadmin. Joined windows7 computers to the server. 3 users logged in succesfully, but the next got an error message that there is problem with profile. Logged into the server via SSH and recognized /home/samba/profiles directory belongs to "default\domain users" group, but users are no longer. This is the reason why can't write to profiles or any shared directory.
For eg. this was when I created users:
#groups zsiraf
zsiraf : MyNetBIOSname\domain users BUILTIN\users
And this is now:
zsiraf : users BUILTIN\users
samba-tool group listmembers "Domain Users"
says that zsiraf user belongs to the group.
Has anybody idea what is the problem?
Thank's for any tip or suggestion.
-
I think there is a problem with the shared folder permissions of the mobile profiles.
that is the same problem when you try to create a shared folder within zentyal, it does not give access to traverse the directory in spite of giving permissions to the groups of reading and writing.
Roaming Windows User Profiles (https://wiki.samba.org/index.php/Roaming_Windows_User_Profiles)
-
Test:
administrator@servidor:~$ su root
Password:
root@servidor:/home/administrator# mkdir -p /home/samba/profiles
root@servidor:/home/administrator# chgrp -R "Domain Users" /home/samba/profiles
root@servidor:/home/administrator# chmod 1750 /home/samba/profiles
root@servidor:/home/administrator#reboot
-
Maybe I wasn't clear enough. Sorry.
The /home/samba/profiles directory belongs to "Domain Users" group. The problem is, if give on linux the groups command, it seems, users are not member of that group. But, if I check with samba-tool command, I see, users are member of that gorup in AD.