VS 2005 cl.exe /Zi fails under ssh public key authentication

Andrew Jorgensen andrew.jorgensen@gmail.com
Thu Apr 19 21:58:00 GMT 2007 

I've been digging deep to try to solve this issue.  I have read the
older threads regarding it[0].  I have an open ticket with MSDN
support to resolve it and we've made some progress but I need some
help at this point.

What we've learned so far is that the new version of cl.exe launches
mspdbsrv.exe as a separate process and then attempts to connect to it
using RPC.  When logged in over ssh using a password this works fine,
when logged in using public key authentication it fails because it
lacks permission to use RPC.

After a good deal of debugging Microsoft has advised me that if sshd
would start the user process with NT AUTHORITY\INTERACTIVE as one of
it's groups, which should be possible by simply changing the
parameters used when spawning the new process, or so they tell me.

I would greatly appreciate it if someone with experience with this
area of openssh would help me attempt to solve this problem.

The following are debug logs from MS regarding this issue (supposing
that might be some help, perhaps):

Case1: When Public/Private key authentication is used:
=============================================
lkd> !process 0 0 cmd.exe
PROCESS 89544da0  SessionId: 0  Cid: 03c0    Peb: 7ffdf000  ParentCid: 0714
    DirBase: 1a2cf000  ObjectTable: e3d46610  HandleCount:  44.
    Image: cmd.exe

lkd> !process 89544da0
PROCESS 89544da0  SessionId: 0  Cid: 03c0    Peb: 7ffdf000  ParentCid: 0714
    DirBase: 1a2cf000  ObjectTable: e3d46610  HandleCount:  44.
    Image: cmd.exe
    VadRoot 89074380 Vads 59 Clone 0 Private 167. Modified 0. Locked 0.
    DeviceMap e10087c0
    Token                             e3cf8538
    ElapsedTime                       00:09:12.692
    UserTime                          00:00:00.046
    KernelTime                        00:00:00.000
    QuotaPoolUsage[PagedPool]         29500
    QuotaPoolUsage[NonPagedPool]      2360
    Working Set Sizes (now,min,max)  (674, 50, 345) (2696KB, 200KB, 1380KB)
    PeakWorkingSetSize                675
    VirtualSize                       27 Mb
    PeakVirtualSize                   33 Mb
    PageFaultCount                    707
    MemoryPriority                    BACKGROUND
    BasePriority                      8
    CommitCharge                      507

        THREAD 8953e750  Cid 03c0.03c8  Teb: 7ffde000 Win32Thread:
e3b756c0 WAIT: (Executive) UserMode Non-Alertable
            895b61dc  NotificationEvent
        IRP List:
            89a5bb80: (0006,0094) Flags: 00000900  Mdl: 00000000
        Not impersonating
        DeviceMap                 e10087c0
        Owning Process            89544da0       Image:         cmd.exe
        Wait Start TickCount      21817540       Ticks: 32719 (0:00:08:31.234)
        Context Switch Count      196                 LargeStack
        UserTime                  00:00:00.031
        KernelTime                00:00:00.000
        Win32 Start Address 0x4ad05056
        Start Address kernel32!BaseProcessStartThunk (0x7c810665)
        Stack Init af3bb000 Current af3bac1c Base af3bb000 Limit af3b7000 Call 0
        Priority 8 BasePriority 8 PriorityDecrement 0 DecrementCount 16
        Kernel stack not resident.


lkd> !token -n e3cf8538
_TOKEN e3cf8538
TS Session ID: 0
User: S-1-5-21-1417001333-1708537768-725345543-500 (User:
BLR3B07-11\Administrator)
Groups:
 00 S-1-1-0 (Well Known Group: localhost\Everyone)
    Attributes - Mandatory Default Enabled
 01 S-1-5-11 (Well Known Group: NT AUTHORITY\Authenticated Users)
    Attributes - Mandatory Default Enabled
 02 S-1-5-21-1417001333-1708537768-725345543-513 (Group: BLR3B07-11\None)
    Attributes - Mandatory Default Enabled
 03 S-1-5-32-544 (Alias: BUILTIN\Administrators)
    Attributes - Mandatory Default Enabled
 04 S-1-5-32-545 (Alias: BUILTIN\Users)
    Attributes - Mandatory Default Enabled
Primary Group: S-1-5-21-1417001333-1708537768-725345543-513 (Group:
BLR3B07-11\None)


Case2: When Password authentication is used:
=============================================
lkd> !process 0 0 cmd.exe
PROCESS 89b618f0  SessionId: 0  Cid: 07c8    Peb: 7ffdb000  ParentCid: 0e94
    DirBase: 7efbb000  ObjectTable: e391d2a0  HandleCount:  44.
    Image: cmd.exe

lkd> !process 89b618f0
PROCESS 89b618f0  SessionId: 0  Cid: 07c8    Peb: 7ffdb000  ParentCid: 0e94
    DirBase: 7efbb000  ObjectTable: e391d2a0  HandleCount:  44.
    Image: cmd.exe
    VadRoot 88f2aed8 Vads 59 Clone 0 Private 167. Modified 0. Locked 0.
    DeviceMap e3b234a8
    Token                             e3882030
    ElapsedTime                       00:01:29.638
    UserTime                          00:00:00.015
    KernelTime                        00:00:00.031
    QuotaPoolUsage[PagedPool]         29500
    QuotaPoolUsage[NonPagedPool]      2360
    Working Set Sizes (now,min,max)  (669, 50, 345) (2676KB, 200KB, 1380KB)
    PeakWorkingSetSize                670
    VirtualSize                       27 Mb
    PeakVirtualSize                   33 Mb
    PageFaultCount                    702
    MemoryPriority                    BACKGROUND
    BasePriority                      8
    CommitCharge                      507

        THREAD 8952acc0  Cid 07c8.0a7c  Teb: 7ffdf000 Win32Thread:
e3b176a0 WAIT: (Executive) UserMode Non-Alertable
            89ab7acc  NotificationEvent
        IRP List:
            89590508: (0006,0094) Flags: 00000900  Mdl: 00000000
        Not impersonating
        DeviceMap                 e3b234a8
        Owning Process            89b618f0       Image:         cmd.exe
        Wait Start TickCount      21878581       Ticks: 4503 (0:00:01:10.359)
        Context Switch Count      185                 LargeStack
        UserTime                  00:00:00.000
        KernelTime                00:00:00.031
        Win32 Start Address 0x4ad05056
        Start Address kernel32!BaseProcessStartThunk (0x7c810665)
        Stack Init af5fb000 Current af5fac1c Base af5fb000 Limit af5f7000 Call 0
        Priority 8 BasePriority 8 PriorityDecrement 0 DecrementCount 0
        Kernel stack not resident.


lkd> !token -n e3882030
_TOKEN e3882030
TS Session ID: 0
User: S-1-5-21-1417001333-1708537768-725345543-500 (User:
BLR3B07-11\Administrator)
Groups:
 00 S-1-5-21-1417001333-1708537768-725345543-513 (Group: BLR3B07-11\None)
    Attributes - Mandatory Default Enabled
 01 S-1-1-0 (Well Known Group: localhost\Everyone)
    Attributes - Mandatory Default Enabled
 02 S-1-5-32-544 (Alias: BUILTIN\Administrators)
    Attributes - Mandatory Default Enabled Owner
 03 S-1-5-32-545 (Alias: BUILTIN\Users)
    Attributes - Mandatory Default Enabled
 04 S-1-5-4 (Well Known Group: NT AUTHORITY\INTERACTIVE)  // This is
the group permission required for the RPC to happen.
    Attributes - Mandatory Default Enabled
 05 S-1-5-11 (Well Known Group: NT AUTHORITY\Authenticated Users)
    Attributes - Mandatory Default Enabled
 06 S-1-5-5-0-232084320 (no name mapped)
    Attributes - Mandatory Default Enabled LogonId
 07 S-1-2-0 (Well Known Group: localhost\LOCAL)
    Attributes - Mandatory Default Enabled
Primary Group: S-1-5-21-1417001333-1708537768-725345543-513 (Group:
BLR3B07-11\None)

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/

More information about the Cygwin mailing list