sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2024-12-25 23:21:54 +03:00
Code

Added NT4 Profile Modification Docs, updated Win2K version.

Browse Source 
NOTE: These documents are place holders for a REAL document.
This commit is contained in:
John Terpstra 0001-01-01 00:00:00 +00:00
parent c7793f2718
commit 393c4a37f3
2 changed files with 128 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

57
docs/textdocs/CreatingGroupProfiles-Win2K.txt
View File

@ -53,3 +53,60 @@ Note:
Under NT/2K the use of mandotory profiles forces the use of MS Exchange
storage of mail data. That keeps desktop profiles usable.
Note:
-----
Date: Tue, 19 Nov 2002 08:32:17 -0000
From: John Russell <apca72@dsl.pipex.com>
Reply-To: John Russell <j.c.russell@sussex.ac.uk>
To: samba@lists.samba.org
Subject: Re: [Samba] Samba and Windows XP
[ The following text is in the "iso-8859-1" character set. ]
[ Your display is set for the "US-ASCII" character set. ]
[ Some characters may be displayed incorrectly. ]
this is a security check new to Windows XP (or maybe only
Windows XP service pack 1). It can be disabled via a group policy in
Active Directory. The policy is:
"Computer Configuration\Administrative Templates\System\User
Profiles\Do not check for user ownership of Roaming Profile Folders"
...and it should be set to "Enabled".
Does the new version of samba have an Active Directory analogue? If so,
then you may be able to set the policy through this.
If you cannot set group policies in samba, then you may be able to set
the policy locally on each machine. If you want to try this, then do
the following (N.B. I don't know for sure that this will work in the
same way as a domain group policy):
On the XP workstation log in with an Administrator account.
Click: "Start", "Run"
Type: "mmc"
Click: "OK"
A Microsoft Management Console should appear.
Click: File, "Add/Remove Snap-in...", "Add"
Double-Click: "Group Policy"
Click: "Finish", "Close"
Click: "OK"
In the "Console Root" window:
Expand: "Local Computer Policy", "Computer Configuration",
"Administrative Templates", "System", "User Profiles"
Double-Click: "Do not check for user ownership of Roaming Profile
Folders"
Select: "Enabled"
Click: OK"
Close the whole console. You do not need to save the settings (this
refers to the console settings rather than the policies you have
changed).
Reboot.

71
docs/textdocs/CreatingGroupProfilesInNT4.txt Normal file
View File

@ -0,0 +1,71 @@
Unfortunately, the Resource Kit info is Win NT4/2K version specific.
Here is a quick guide:
1. On your NT4 Domain Controller, right click on 'My Computer', then
select the tab labelled 'User Profiles'.
2. Select a user profile you want to migrate and click on it.
Note: I am using the term "migrate" lossely. You can copy a profile to
create a group profile. You can give the user 'Everyone' rights to the
profile you copy this to. That is what you need to do, since your samba
domain is not a member of a trust relationship with your NT4 PDC.
3. Click the 'Copy To' button.
4. In the box labelled 'Copy Profile to' add your new path, eg:
c:\temp\foobar
5. Click on the button labelled 'Change' in the "Permitted to use" box.
6. Click on the group 'Everyone' and then click OK. This closes the
'chose user' box.
7. Now click OK.
Follow the above for every profile you need to migrate.
Side bar Notes:
---------------
You should obtain the SID of your NT4 domain. You can use smbpasswd to do
this. Read the man page.
With Samba-3.0.0 alpha code you can import all you NT4 domain accounts
using the net samsync method. This way you can retain your profile
settings as well as all your users.
Also Note:
----------
The above method can be used to create mandatory profiles also. To convert
a group profile into a mandatory profile simply locate the NTUser.DAT file
in the copied profile and rename it to NTUser.MAN.
Next Note:
----------
The W2K professional resource kit has moveuser.exe:
Description:
moveuser.exe changes the security of a profile from one user to another.
This allows the account domain to change, and/or the user name to change.
Next Note:
----------
You can identify the SID by using GetSID.exe from the Windows NT Server 4.0
Resource Kit.
Windows NT 4.0 stores the local profile information in the registry under
the following key:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList
Under the ProfileList key, there will be subkeys named with the SIDs of the
users who have logged on to this computer. (To find the profile information
for the user whose locally cached profile you want to move, find the SID for
the user with the GetSID.exe utility.) Inside of the appropriate user's
subkey, you will see a string value named ProfileImagePath.