23.3 Mandatory Profiles


A Mandatory Profile is a profile that the user does not have the ability to overwrite. During the user's session, it may be possible to change the desktop environment, however, as the user logs out all changes made will be lost. If it is desired to not allow the user any ability to change the desktop environment, then this must be done through policy settings. See the previous chapter.

N OTE

graphics/round_pencil.gif

Under NO circumstances should the profile directory (or its contents) be made read-only as this may render the profile un-usable. Where it is essential to make a profile read-only within the UNIX file system, this can be done but then you absolutely must use the fake-permissions VFS module to instruct MS Windows NT/200x/XP clients that the Profile has write permission for the user. See Section 19.3.3.


For MS Windows NT4/200x/XP, the above method can also be used to create mandatory profiles. To convert a group profile into a mandatory profile, simply locate the NTUser.DAT file in the copied profile and rename it to NTUser.MAN .

For MS Windows 9x/ME, it is the User.DAT file that must be renamed to User.MAN to effect a mandatory profile.



Official Samba-3 HOWTO and Reference Guide
The Official Samba-3 HOWTO and Reference Guide, 2nd Edition
ISBN: 0131882228
EAN: 2147483647
Year: 2005
Pages: 297

Similar book on Amazon

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net