sshd and network share permissions

Joseph Hetrick cygwin@bitjanitor.net
Thu Apr 6 15:58:00 GMT 2006 

Hello,
	I've been through the list archives and have googled fairly heavily and 
am up against a wall.

	I've set cygwin sshd up according to the following (which seems to be 
what is posted to the list at various intervals).

http://pigtail.net/LRP/printsrv/cygwin-sshd.html


I'm having a problem gaining access to remote shares.  Attached is my 
cygcheck out and I'll add the following:

1) Logged in as a normal user, I find that attempts to net use resources 
  on samba shares and I see:

Username MY.AD.DOMAIN\WIN007$ is invalid on this system

Windows shares generate similar errors in the eventlog as the 
machinename WIN007 is carried over instead of a proper username.

I've looked through the archives and the general discussion indicates 
that this breakage happens when folks are using RSAAuth...I am not. 
I've forced passwd auth, and I've restarted sshd without success.

Is this a symptom of sshd running as SYSTEM?

There is a single public share I do have access too, and mounting that 
shows that on the unix side my permissions are mapped and look like I 
should have r/w access.  In practice, however, I do not.  Similar errors 
as the above samba error show up in the event log for the 2k3 host doing 
the file serving.

Additionally:

If I do navigate to a public mountpoint and find a spot I have write 
access to, what I see happen is that when I create a file, from the 
ssh'd shell, things look as I would expect as far as ownership goes:

ex:
-rw-r--r-- 1 user_wa Domain Users 0 Apr  6 09:53 test

If I go there and look from a local shell:

-rwx------+ 1 ??????????? Domain Computers 0 Apr  6 09:53 test

(user_wa is an Admin)

Clearly the perms I think are applied are not, and I must have something 
misconfigured of I'm misunderstanding something.

Am I miss understanding something about ntsec or smbntsec in this instance?

As a little background, I'm a Unix Admin trying to create a unixified 
win host to do some management design, so, the nuances of win security 
are a bit new to me.

Thanks,

Joe
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: cygcheck.out
URL: <http://cygwin.com/pipermail/cygwin/attachments/20060406/7e3a5858/attachment.ksh>
-------------- next part --------------
--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/

More information about the Cygwin mailing list