Good morning,

We have Samba 4 running on SLES 11 SP3 as our primary domain controller for a Windows NT-based domain of mostly Windows 7 Professional machines.

Corruption of our SLES server necessitated the rebuilding of our controller this weekend, which was thankfully easy. We reinstalled SLES 11 SP3 and then copied over the /etc/passwd, /etc/group, /etc/samba/*, and /var/lib/samba/netlogon/* directories and applied the appropriate permissions, and were able to get everything running.

Unfortunately, I'm now finding that users who log in after the rebuild receive one, sometimes two errors:

Error 1) "Windows cannot locate the server copy of your roaming profile and is attempting to log you on with your local profile. Changes to the profile will not be copied to the server when you log off. This error may be caused by network problems or insufficient security rights.

DETAIL - The network name cannot be found."

Error 2) "Windows cannot find the local profile and is logging you on with a temporary profile. Changes you make to this profile will be lost when you log off."

In general, users who already have a profile on the machine receive Error 1, but users who log into a workstation for the first time receive Error 2.

We do not need to implement roaming profiles on our domain -- local profiles do just fine for us.

Below are the contents of our smb.conf file:

	netbios name = [redacted]
	workgroup = [redacted]
	map to guest = Bad User
	passdb backend = smbpasswd
	unix password sync = yes
	add machine script = /usr/sbin/useradd -g ntadmin -c "NT Machine Account" -s /bin/false %u
	domain logons = Yes
	domain master = Yes
	local master = Yes
	os level = 64
	preferred master = Yes
	security = user
	wins support = Yes
	usershare max shares = 100
	browseable = No
	browsable = No
	include = /etc/samba/dhcp.conf
	usershare allow guests = No
	add user script = /usr/sbin/useradd -m %u
	delete user script = /usr/sbin/userdel -r %u
	encrypt passwords = Yes
	smb passwd file = /etc/samba/smbpasswd
	passwd program = /usr/bin/passwd %u
	logon script = logon.bat
	time server = Yes
	name resolve order = wins bcast host lmhosts
	recycle:keeptree = yes
	recycle:repository = /shares/.recycle
	recycle:versions = yes
	vfs objects = recycle
	ldap suffix = 

##[profiles] - Intentionally commented out
##	comment = Network Profiles Service
##	path = %H
##	read only = No
##	create mask = 0600
##	directory mask = 0700
##	store dos attributes = Yes

	comment = Network Logon Service
	path = /var/lib/samba/netlogon
	read only = yes
	write list = root
Any help would be appreciated!