1.7.1: connect though sshd - account missing group memberships

Robert Jacobson sl6yxkzz001@sneakemail.com
Fri Mar 12 14:56:00 GMT 2010


Hi,

I just updated from 1.5.x to 1.7.1.  This nicely resolved a "slow login" problem I was having with my domain account login.

However, I'm still having one issue that I've been unable to resolve (i.e. it occurrs with both 1.5.x and 1.7.1).  When I login via SSH, my administrative account does not have membership in the same groups as when I login locally.  I'm missing membership in the root and Administrators groups.

Perhaps relevant:  This machine used to be a member of another domain.  A few months ago the machine domain membership changed.  It now allows logins from accounts in either domain.

Interestingly, with cygwin 1.5.x, when I logged in with an administrative account from the "old" domain, the account had Administrative privileges.  With accounts in the new domain, Admin privs were missing.

Now with cygwin 1.7.1, admin accounts for BOTH domains are missing administrative privileges!

The domain accounts are explicitly members of the Administrators group.  They are also a member of Administrators by being in a domain group specified as being in the Administrator group ( I added the explicit membership because I thought it would help). 

When I login locally, with my admin account "rjacobso".
# id | sed 's/,/\n/g'
uid=106451(rjacobso) gid=10513(Domain Users) groups=0(root)
544(Administrators)
545(Users)
10513(Domain Users)
180988(GS-464-Users)
180982(GS-GG-464-OU Admins)
180984(GS-GG-464-Twiki-Admins)
180985(GS-GG-464-Twiki-Users)

When I login via SSH:

# id | sed 's/,/\n/g'
uid=106451(rjacobso) gid=10513(Domain Users) groups=545(Users)
10513(Domain Users)
180988(GS-464-Users)
180982(GS-GG-464-OU Admins)
180984(GS-GG-464-Twiki-Admins)
180985(GS-GG-464-Twiki-Users)

I've attached cygcheck.out, but in summary:
I'm using WinXP SP3, with SSHD privilege separation account "sshd". 

I'm not sure what other information I need to provide to help troubleshoot this, so if I've left something out please let me know and I'll provide it.

--
Robert Jacobson
-------------- next part --------------
A non-text attachment was scrubbed...
Name: cygcheck.out
Type: application/octet-stream
Size: 64176 bytes
Desc: not available
URL: <http://cygwin.com/pipermail/cygwin/attachments/20100312/f8f3d980/attachment.obj>
-------------- next part --------------
--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple


More information about the Cygwin mailing list