| delorie.com/archives/browse.cgi | search |
| X-Recipient: | archive-cygwin AT delorie DOT com |
| X-Spam-Check-By: | sourceware.org |
| Date: | Fri, 23 Jul 2010 10:57:45 +0200 |
| From: | Corinna Vinschen <corinna-cygwin AT cygwin DOT com> |
| To: | cygwin AT cygwin DOT com |
| Subject: | Re: Difficulty setting up domain SSH daemon under Domain Security Policies |
| Message-ID: | <20100723085745.GH8324@calimero.vinschen.de> |
| Reply-To: | cygwin AT cygwin DOT com |
| Mail-Followup-To: | cygwin AT cygwin DOT com |
| References: | <7C5E3B536F261B47A73B1F1F70F2683F0B1B733F AT DETEX01 DOT trade DOT archway DOT com> <OF29E120F4 DOT 529C2492-ONC1257767 DOT 0028C238-C1257767 DOT 00297F88 AT de DOT ibm DOT com> <7C5E3B536F261B47A73B1F1F70F2683F0B1B734E AT DETEX01 DOT trade DOT archway DOT com> |
| MIME-Version: | 1.0 |
| In-Reply-To: | <7C5E3B536F261B47A73B1F1F70F2683F0B1B734E@DETEX01.trade.archway.com> |
| User-Agent: | Mutt/1.5.20 (2009-06-14) |
| Mailing-List: | contact cygwin-help AT cygwin DOT com; run by ezmlm |
| List-Id: | <cygwin.cygwin.com> |
| List-Unsubscribe: | <mailto:cygwin-unsubscribe-archive-cygwin=delorie DOT com AT cygwin DOT com> |
| List-Subscribe: | <mailto:cygwin-subscribe AT cygwin DOT com> |
| List-Archive: | <http://sourceware.org/ml/cygwin/> |
| List-Post: | <mailto:cygwin AT cygwin DOT com> |
| List-Help: | <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs> |
| Sender: | cygwin-owner AT cygwin DOT com |
| Mail-Followup-To: | cygwin AT cygwin DOT com |
| Delivered-To: | mailing list cygwin AT cygwin DOT com |
On Jul 22 17:28, Hunter, Bryan wrote:
> Here are the results.
> administrator AT detfs01 ~
> $ ssh-host-config -y -c "tty ntsec" -u "TRADE\sshd_server_domain"
> --privileged
> [...]
> *** Warning: Creating the user 'TRADE\sshd_server_domain' failed!
> Reason:
> The syntax of this command is:
>
>
> NET USER
> [username [password | *] [options]] [/DOMAIN]
> username {password | *} /ADD [options] [/DOMAIN]
> username [/DELETE] [/DOMAIN]
The ssh-host-config script is not made for that. It has been created to
set up a local sshd installation creating a local account. Please note
that I mentioned that already at one point: The script has been created
to help home users in the first place. A bit of AD support has been
added as a curtesy to the users, but it's not at all complete. For AD
environmentes, please follow the following procedure explained in the
FAQ: http://cygwin.com/faq/faq-nochunks.html#faq.using.sshd-in-domain
Having said that, patches to the ssh-host-config script (BSD-licensed,
part of the upstream sources, no snares attached) to add better AD
support are *much* appreciated.
But, given the potential complexity of domain policies, I don't think
there's a generic solution which could be handled by a simple generic
shell script.
Corinna
--
Corinna Vinschen Please, send mails regarding Cygwin to
Cygwin Project Co-Leader cygwin AT cygwin DOT com
Red Hat
--
Problem reports: http://cygwin.com/problems.html
FAQ: http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
| webmaster | delorie software privacy |
| Copyright © 2019 by DJ Delorie | Updated Jul 2019 |