As I noted earlier, there are problems with Windows’ roaming profiles in Samba. To be more accurate, there are problems with Windows’ roaming profiles in general, but most people don’t bother enabling them until they migrate to samba. It appears as though they were designed to be operated with an intermittant high-speed link, where it synchronizes your data (registry, settings, Desktop folder, Start Menu, IE cookies/history/etc., along with all your actual data, including “My Documents,” and it’s children, “My Pictures” and “My Music”) when you login, and again when you log out. In practice, this synchronization means logging in takes about a minute, and logging out (depending on how much stuff you’ve done) takes another minute or two — and it’s totally unacceptable to have your lab machines just sit on their hands for a minute while they unnecessarily copy (literally) hundreds of MB of crap they could just as easily access directly from the samba share. For the Unix-heads around, imagine if networked home directories worked by rsync’ing your home directory to the client machine and then back again when you logged out — dragging your gig-or-so worth of settings, caches, and data both ways. Multiply that by a few dozen users and you fill up your client machines’ disks with a quickness.
So, after some googling, I found a couple links describing how to speed up this stuff by editing the user’s registries to point to the networked resources directly (which it won’t try to synchronize).
As an aside: the best gotcha I’ve ever seen is how Windows (evil bastard that it is) keeps your NTUSER.DAT registry file on the profile share open after you’ve logged out. I fixed this by rebooting the Windows client box, though it’s probable that killing the smbd process (smbcontrol <pid-of-cxn-from-smbstatus> close-share) would do the job as well. It doesn’t appear as though it’s actually doing anything with the file, just holding it open.
After fiddling around, login time for my user was back down to a reasonable 2 – 5 seconds (the time it takes to download and apply the NTUSER.DAT file). I also setup my boss’ profile the same way, since he actually uses Windows for something other than fixing it, and thus is in a better position to tell me if things go horribly awry because of it.
One thing to keep in mind when using roaming profiles is that you should _make sure_ that the windows installations the users frequent are almost identical. A few differences here and there will ultimatly corrupt the users registry and things start to go horribly wrong.
This is probably something you know — but it could be useful to know before the ensuing problems gives you an ulsor…
I usually recomend people not to use roaming profiles and only set users home-directory to be centralized. Sure, you have to add a few lines to your backup-script, but hey.. ulsors suck even more than extra work
Yeah, the setups are already pretty homogenous thanks to Symantec Ghost and will soon be moreso thanks to Unattended (aside from the hilarity of “hit F12 at boot to re-install Windows”).
Are you using Windows 2000? If a service holds a key open after the user logged out, then the registry cannot be unloaded.
XP, so yeah.