[OpenAFS] OpenAFS 1.7.8 Windows 7 User Profiles

Lars Schimmer l.schimmer@cgv.tugraz.at
Fri, 06 Apr 2012 23:20:42 +0200

On 06.04.2012 19:45, G=E9mes G=E9za wrote:
> Hi,

> If I manually copy (as testuser) the Default User.v2 profile to
> \\afs\cellname\user\home\path\.Wprofile\Roaming.V2 it gets ignored with
> the same error message in the eventlog.
> Please advise how to debug this.

Could the user after logon access the profile path in OpenAFS?
Could the AD Server (samba 4) access that path without having tokens?
Is the roaming profile in windows clients "new" or "old"?
(e.g. remove the roaming profile from within system settings - profile ta=
Is the Samba 4 really production ready as a AD server for windows 7?

Sorry to be less helpful, but the first three problems were our biggest
problem with that issue.

For us: win 2008r2 AD & krb5 server with all users, win 7 64 clients,
users roaming profiles in OpenAFS.
Win XP profiles in \\AFS\.cgv.tugraz.at\home\username\winprofile\
Win 7 Profiles in \\AFS\.cgv.tugraz.at\home\username\winprofile.V2\
Both are volumes with seperate Quota, same ACLs.
Those path are set in AD as windows profile path.
Our AD server has IP ACL rl for the whole path and write ACL for the
winprofile(.V2) folders.
Clients do have obtain tokens on login enables and that does work quite
For Win XP we needed to disable security checking for the profiles, IMHO
we disabled this on the AD for Windows 7.

> Cheers
> Geza

Lars Schimmer
TU Graz, Institut f=FCr ComputerGraphik & WissensVisualisierung
Tel: +43 316 873-5405       E-Mail: l.schimmer@cgv.tugraz.at
Fax: +43 316 873-5402       PGP-Key-ID: 0x4A9B1723