| delorie.com/archives/browse.cgi | search |
| Mailing-List: | contact cygwin-help AT cygwin DOT com; run by ezmlm |
| List-Subscribe: | <mailto:cygwin-subscribe AT cygwin DOT com> |
| List-Archive: | <http://sourceware.org/ml/cygwin/> |
| List-Post: | <mailto:cygwin AT cygwin DOT com> |
| List-Help: | <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs> |
| Sender: | cygwin-owner AT cygwin DOT com |
| Mail-Followup-To: | cygwin AT cygwin DOT com |
| Delivered-To: | mailing list cygwin AT cygwin DOT com |
| From: | Miles Sabin <miles AT milessabin DOT com> |
| To: | cygwin AT cygwin DOT com |
| Date: | Tue, 1 Feb 2005 02:12:46 +0000 |
| User-Agent: | KMail/1.6.2 |
| MIME-Version: | 1.0 |
| Message-Id: | <200502010212.46364.miles@milessabin.com> |
| X-SA-Exim-Connect-IP: | 195.184.234.172 |
| X-SA-Exim-Mail-From: | miles AT milessabin DOT com |
| Subject: | SSH and COM |
| X-Spam-Checker-Version: | SpamAssassin 2.63 (2004-01-11) on meinong.milessabin.com |
| X-Spam-Level: | |
| X-Spam-Status: | No, hits=-4.2 required=5.0 tests=AWL,BAYES_00 autolearn=ham version=2.63 |
| X-SA-Exim-Version: | 4.1 (built Wed, 05 Jan 2005 11:09:49 -0500) |
| X-SA-Exim-Scanned: | Yes (on meinong.milessabin.com) |
| X-IsSubscribed: | yes |
Hi folks, My apologies if this question turns out to be more a general Windows security issue than something cygwin and ssh specific, but cygwin/ssh is the context I'm seeing my problem in and I'm utterly baffled ... any insight would be most welcome. I'm attempting to launch a parallel application on a Win2k cluster using cygwin's ssh(d) in conjunction with a simple distributed shell. This application uses COM automation to create and manipulate Excel instances. The user domain account on the cluster machines has the appropriate privileges to be able to do this (verified by logging into the machines as that user via terminal services and launching the application manually). However, when logged in via ssh, the privileges appear to be sensitive to the user account that the login was _from_. Specifically, * With an ssh login from user1 AT workstation to foo AT cluster the launched application can successfully create and manipulate Excel instances. * With an ssh login from user2 AT workstation to foo AT cluster the launched application manages to create Excel instances, but fails when attempting to manipulate them with a generic 80070005 Access is denied error. The solution is obvious: find out the differences between user1 and user2 and bring them into line. Unfortunately (or maybe fortunately ;-) that's out of my hands: I'm not an admin at this site and I just have to hope that the people who are will be able to deal with it. What I'd really like to understand, tho', is how this can possibly happen. I wasn't aware that the SSH protocol had any mechanism for communicating the identity (especially a Windows domain identity) of the _originator_ of an ssh connection. Surely the only identity and credentials which should be relevant are those of the target account? What's going on here? Something like the ident protocol? Any pointers you can give me which I can pass on to the people who are in a position to fix the problem would be very much appreciated. Cheers, Miles -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Problem reports: http://cygwin.com/problems.html Documentation: http://cygwin.com/docs.html FAQ: http://cygwin.com/faq/
| webmaster | delorie software privacy |
| Copyright © 2019 by DJ Delorie | Updated Jul 2019 |