Re: Fwd: sshd access works only when user is member of Administrators

["Larry Hall (Cygwin)" <reply-to-list-only-lh at cygwin dot com>]

On 1/27/2013 10:12 AM, Godfried Borremans wrote:
> I try to use sshd on Windows 2008 Standard server: fresh install windows,
> fresh cygwin.
> Installation of ssh with ssh-host-config -y (standard)
> When I login with the administrator or with a user who is part of the
> administrators group I can login.
> If the test user is not part of the administrators group I do not get
> access: Permission denied.

<snip>

> If I reinstall the service with following command:
> /usr/bin/cygrunsrv -I sshd -d "CYGWIN sshd" -p /usr/sbin/sshd -a "-d" -y
> tcpip -u cyg_server -w "password"

<snip>

> (Something confusing: in /etc/passwd both Administrator and my test user are
> member of the group "Domain Users". However these groups have a different
> GID: 513 for Administrator and 10513 for the test user.)

And that's the answer to your question.  Unless you've set cyg_server up as
a domain user (which the sshd_config script doesn't do), you won't be able
to switch to a domain user context.  10513 is typically named "Domain Users"
and is a domain group.  513 is typically named "None" and is a local group.
Make your test user a local user (which will put it in the 513 group) and
things should work better for you.


--
Larry

_____________________________________________________________________

A: Yes.
> Q: Are you sure?
>> A: Because it reverses the logical flow of conversation.
>>> Q: Why is top posting annoying in email?

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple