[KLUG Members] samba user permissions

[Adam Tauno Williams]

> 1) If you disable the roaming profiles, then operating reverts back to
> something that resembles local accounts, yet they are domain accounts. Roaming
> profiles is not the answer, it is the question, the answer is NO! ;-)

We use policies to control roaming profiles, and it works quite well.
You can defined some folders to be excluded from propogation (they are
always local) and other can be redirected - so for instance the
"desktop" is really a folder on a server, "My Document" is a folder in
their home directories, same with "Images", etc...

This makes it easy to also do things like drop items onto user's
desktops.

> 2) Sounds like you need to simply change the ACL on the ODBC portion of the
> registry so more users can make entries / modifications down there. Use
> RegEdt32 to change the persmissions, there are also command line.... oh no
> there isn't - that would be propritary C++ code I am thinking of... never mind.
> You can RegEdt32 or write your own C++ code to make the change.

There are perl modules for making registry changes as well.  Perhaps you
can do this via .NET (C#) as well.

> Look at HKLM\Software\ODBC...

Some (many... most?) applications that are poorly designed (the one in
question clearly is) walk all over the registry;  but their are several
registry watching tools for tracking down what keys/values an
application is attempting to twiddle (ntregmon is one)