Pdc perfil móvel não autentica

mcl085
(usa Debian)

Enviado em 08/09/2010 - 08:31h

Galera, estou configurando um servidor samba pdc com perfil móvel no CentOS 5.2. Quando me autentico com qualquer usuário pelo Windows XP me aparece uma mensagem do tipo:
"O Windows não pode atualizar o perfil movel. Dentre as causas possíveis do erro estão problemas com a rede ou direitos insuficientes de segurança. Se o problema persistir, contate o administrador de rede."
Já verifiquei as permissões dos diretórios profiles e .profile e está tudo ok com as permissões. As permissões do logon.bat estão abertas 777. Porém ainda continuo tendo o erro ao autentica. Abaixo estou postanto meu smb.conf e logo.bat. Se alguém puder me ajudar, por favor.


#############################################
# CONFIGURAÇÕES DO DOMÍNIO
#############################################
[global]
workgroup = SAFARI
server string = PDC TESTE
netbios name = supernova
interfaces = lo eth0 192.168.231.0/24
hosts allow = 127. 192.168.
remote announce = 192.168.231.255/SAFARI
ntlm auth = yes
lanman auth = yes
obey pam restrictions = yes
admin users = @admin,@adm

#############################################
# CONFIGURAÇÕES DO PDC
#############################################
log level = 0 vfs:10
log file = /var/log/samba/samba.log
max log size = 50
security = user
passdb backend = tdbsam
domain master = yes
domain logons = yes
logon script = %g.bat
; logon script = logon.bat
logon path = \\%L\profiles\%U
; logon home = %Lprofiles%U
; logon drive = j:
add user script = /usr/sbin/useradd "%u" -n -g users
add group script = /usr/sbin/groupadd "%g"
add machine script = /usr/sbin/useradd -g machines -c "Computador (%u)" -d /nohome -s /bin/false "%u"
delete user script = /usr/sbin/userdel "%u"
delete user from group script = /usr/sbin/userdel "%u" "%g"
delete group script = /usr/sbin/groupdel "%g"
local master = yes
os level = 33
preferred master = yes
wins support = yes
; wins server = w.x.y.z
; wins proxy = yes
; dns proxy = yes
; time server = yes

#############################################
# CONFIGURAÇÕES DE IMPRESSAO
#############################################
load printers = yes
cups options = raw
printcap name = /etc/printcap
printcap name = lpstat
printing = cups

#############################################
# CONFIGURAÇÕES DO FILESYSTEM
#############################################
;
; map hidden = no
; map read only = no
; map system = no
; store dos attributes = yes

#############################################
# CARREGAMENTO DE MODULOS EXTRAS
#############################################

vfs objects = recycle extd_audit


#############################################
# CONFIGURAÇÕES DO LIXEIRA DE REDE
#############################################
recycle:exclude = *.tmp *.temp *.o *.obj ~$*
recycle:keeptree = True
recycle:touch = True
recycle:versions = True
recycle:noversions = .doc|.xls|.ppt|.docx|.xlsx
recycle:repository = .recycle
recycle:maxsize = 0
recycle:directory_mode = 0770
recycle:subdir_mode = 0770
; recycle:force group = admin
; create mask = 0770
; directory mask = 0770
; force group = admin

#############################################
# CONFIGURAÇÕES DE AUDITORIA
#############################################
extd_audit:facility = local5
extd_audit:priority = notice
extd_audit:prefix = %u|%I|%S
extd_audit:success = all
; rename rmdir unlink
extd_audit:failure = none

; full_audit:facility = LOCAL6
; full_audit:priority = NOTICE
; full_audit:success = mkdir, rmdir, open, close, read, write, rename, lock, unlink, connect, disconnect
; full_audit:prefix = Usuario => %u - IP => %I - Máquina %m - Grupo %g e %G - Compartilhamento => %S
; full_audit:failure = mkdir, rmdir, open, close, read, write, rename, lock, unlink, connect, disconnect


#############################################
# CONFIGURAÇÕES DO WINBIND
#############################################
winbind use default domain = no
idmap backend = tdb
idmap gid = 10000-20000
idmap uid = 10000-20000
; idmap domains = ALLDOMAINS
idmap config ALLDOMAINS:default = yes
idmap config ALLDOMAINS:backend = tdb
idmap config ALLDOMAINS:range = 10000 - 50000
idmap alloc backend = tdb
; idmap alloc backend = ad
idmap alloc config:range = 10000 - 50000


#############################################
# DEFINIÇÕES DOS COMPARTILHAMENTOS
#############################################
;[printers]
; comment = All Printers
path = /var/spool/samba
browseable = no
guest ok = yes
; valid users %u
; writable = no
printable = yes
public = yes

[netlogon]
comment = Network Logon Service
path = /home/safari-netlogon
guest ok = yes
writable = no
public = no
browseable = yes
share modes = no

[homes]
comment = Diretorios Homes
read only = no
browseable = no
create mask = 0700
directory mask = 0700
valid users = %S

[profiles]
force user = %U
browseable = no
writeable = yes
valid users = %U
path = /home/profiles

[public]
comment = Arquivos de Acesso Publico
path = /home/dados/publico
browseable = no
writeable = yes
force create mode = 0777
force directory mode = 0777
force group = nogroup
force user = nobody
guest ok = yes

[grupo1]
comment = Arquivos do Grupo 1
path = /home/dados/grupo1
browseable = no
writable = yes
force create mode = 0777
force directory mode = 0777
force user = nobody
force group = grupo1
valid users = +grupo1

[grupo2]
comment = Arquivos do Grupo 2
path = /home/dados/grupo2
browseable = no
writable = yes
force create mode = 0777
force directory mode = 0777
force user = nobody
force group = grupo2
valid users = +grupo2

No meu arquivo logon.bat adicionei a seguinte linha para mapear o /home do usuário logado.

net use j: /HOME

removido
(usa Nenhuma)

Enviado em 08/09/2010 - 14:20h

Marcelo, dá uma olhada no conteúdo do meu blog, ele mostra apenas o necessário pra funcionar:

http://blog.cesar.augustus.nom.br/configurando-um-pdc-com-samba-no-linux.html