Home Forums OS X Server and Client Discussion Questions and Answers OD as a PDC with roaming profile inside the home directory

Viewing 3 posts - 1 through 3 (of 3 total)
  • Author
    Posts
  • January 8, 2009 at 3:11 am #375091
    scr
    Participant

    Hello there

    I have two servers, one an OD Master which I have configured as a PDC , and a second server which stores AFP network home directories, both running 10.5.4. I would like to configure each user so that their Windows Roaming Profile is stored inside their AFP home directory on the other server. To attempt this I changed the User Profile Path setting inside Workgroup Manager to \\homedirserver\sharename\username\Profile but when I try and login on a WinXP machine I get the following error:

    “Windows did not load your roaming profile and is attempting to log you on with your local profile. Windows did not load your profile because a server copy of the profile folder already exists that does not have the correct security. Either the current user or the administrator group must be the owner of the folder.”

    If I look inside that users network home folder, I see that the system created a folder called Profile which has read/write permissions for that user, but it didnt populate it with anything. How can I get the roaming profile stored in the users network home directory?

    January 8, 2009 at 11:11 pm #375104
    scr
    Participant

    Nothing like responding to your own post!

    Ok, after a lot of digging around I came across this Microsoft support article: http://support.microsoft.com/kb/327259 which actually talks about Windows Server 2003, but the fix seemed to work:

    To change the “Do not check for user ownership of Roaming Profile Folders” policy setting:
    Start the Group Policy snap-in.
    Browse to the following folder:
    Computer Configuration\Administrative Templates\System\User Profiles
    In the right pane, double-click Do not check for user Ownership of Roaming Profile Folders.
    To turn on the policy, click Enabled. To turn off the policy, leave the policy undefined or click Disabled.
    Click OK.

    My assumption is that WinXP was unable to determine the correct owner of the profile folder possibly because of ACLs. There also appeared to be an option to put into the smb.conf file under the [Profiles] share called ‘profile acls = yes’ but this didnt seem to have any effect for me, I guess because my profiles are not stored in the default Samba location so that setting didnt apply?

    Either way, the Microsoft solution seems to have fixed the problem. Yay! 😀

    January 9, 2009 at 3:35 am #375108
    Dave Hagan
    Participant

    This might be of interest to you…

    http://support.apple.com/kb/TA22688?viewlocale=en_US

  • Author
    Posts
Viewing 3 posts - 1 through 3 (of 3 total)
  • You must be logged in to reply to this topic.

Comments are closed

Copyright © 2025 AFP548. All Rights Reserved.