On Aug 16 15:49, Tom Rodman wrote: > On Wed 8/16/06 14:44 CDT mwoehlke wrote: > > Tom Rodman wrote: > > > Hosts effected: > > > > > > several boxes running windows 2003 server w/cygwin (1.5.20s(0.155/4/2) > > > 20060403 13:33:45) > > > > > > Problem (or feature?): > > > > > > when you ssh to these boxes, and run: > > > > > > $WINDIR/system32/whoami /all |grep -q S-1-2-0 || echo OOPs # "OOPS" > > > echos :-< > > > > > > "S-1-2-0" == "Users who log on to terminals locally (physically) > > > connected to the system." > > > [...] > > FWIW, on my 2k3 box, I show up as a member in S-1-2-0 both logged in > > "locally" (via Remote Desktop Sharing, with which I have never had > > anything "not work") and via Cygwin sshd. > > That's encouraging. The tool that fails for us (only in ssh) has been > doing so on several previous versions of cygwin, in all cases under > windows 2003; my hunch is there is something specific about our setup > that is causing the ssh session to not be in S-1-2-0. Days (or weeks from > now) I will try upgrading cygwin, and followup with cygcheck output if > the problem persists.
Maybe there's a difference between password and pubkey authentication? Or it's some security setting? I could easily imagine there's a switch in "local Security Settings" or "Domain Security Settings" which drops the LOCAL group from the token. There's a lot of mysterious stuff in 2K3... Whatever it is, it must be something related to 2K3. Cygwin doesn't differ the different OSes in terms of authentication. I also have the LOCAL group as part of my user token on 2K3. Temporary Workaround: Add the user to the local group by adding them to a manually created entry in /etc/group: local:S-1-2-0:2:user1,user2,... Corinna -- Corinna Vinschen Please, send mails regarding Cygwin to Cygwin Project Co-Leader cygwin AT cygwin DOT com Red Hat -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Problem reports: http://cygwin.com/problems.html Documentation: http://cygwin.com/docs.html FAQ: http://cygwin.com/faq/