DomainKey-Signature: a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id
	:list-unsubscribe:list-subscribe:list-archive:list-post
	:list-help:sender:message-id:date:from:mime-version:to:subject
	:references:in-reply-to:content-type:content-transfer-encoding;
	 q=dns; s=default; b=yGc8q6+dvB3JTBeMTprCdAzktjSHHsjXxztTDGUQgc+
	6rtn21RWw/bRKMVeZAAPZYxFz2/l+gX1pz/YVb0UV/LMTG7kOePorGe12soU+I6T
	hqzXijWVFKRqZeesm5ntd7M4MDmeU2hbmKHNpz1KokeETXBqWRzges4b2Z43PSlQ
	=
Mailing-List: contact cygwin-help@cygwin.com; run by ezmlm
Sender: cygwin-owner@cygwin.com
Mail-Followup-To: cygwin@cygwin.com
Message-ID: <56188EBE.5020607@tlinx.org>
Date: Fri, 09 Oct 2015 21:06:22 -0700
From: Linda Walsh <cygwin@tlinx.org>
User-Agent: Thunderbird
MIME-Version: 1.0
To: cygwin@cygwin.com
Subject: Re: strange cygwin sshd user generated (user name includes machine name)
References: <E7EAC5BC-C386-448C-B40D-53A1096374F2@mozilla.com>
In-Reply-To: <E7EAC5BC-C386-448C-B40D-53A1096374F2@mozilla.com>
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 8bit

Peter Moore wrote:
> Hi,
> 
> I have a powershell script for installing cygwin and setting up sshd which I am using as UserData when firing up a Windows 2012 R2 instance in AWS EC2.
> 
> The same command succeeds when run manually, but fails when called from automation. I’m trying to understand what it is that is different, so I can fix it in automation.
> 
----
I have both a domain account (Bliss) and a local account on my 
winclient(Athenae): Bliss\linda & linda

Using Domain account on client -> Domain server
> ssh Bliss 
server logs say:
... sshd[49322]: pam_winbind(sshd:account): user 'Bliss\linda' granted access
using
> ssh linda@Bliss, server logs say:
sshd[51179]: pam_winbind(sshd:account): user 'linda' granted access


Using local account on client ->Domain:
> ssh Bliss
server says:
Oct  9 20:51:21 Ishtar sshd[51787]: pam_winbind(sshd:account): user 'linda' granted access
if I want to login to the domain account, I need to specify it as the user:
> ssh 'Bliss\linda'@Bliss
server says:
sshd[51982]: pam_winbind(sshd:account): user 'Bliss\linda' granted access

so in the above case, I am seeing a similar "symptom" -- where it uses
'domain\user' when I'm logged in my domain account 
and just 'user' if I specify 'user@Domain'.

Both login to the *same* account on the PDC -- because on the PDC
local users are domain users -- because the SID of the local machine
is the same as the domain SID.

I.e. on the domain server, I can display the domain or the local machine SID:

> net getlocalsid   #note, it equates local machine name as a domain name in this case
SID for domain ISHTAR is: S-1-5-21-33333-77777-33333

When I ask for the domain sid: it displays both:

> net getdomainsid
SID for local machine ISHTAR is: S-1-5-21-33333-77777-33333
SID for domain BLISS is: S-1-5-21-33333-77777-33333

----
So first, obvious question is "are domains involved",
but 2nd question ... are the machine 'SIDS' the same in both cases?

I.e. when you run 'live' vs. run under automation, maybe the 'automation'
looks like a different machine name and uses a different 'sid'?  
That'd be my best guess...I only replied because I have seen the same
symptom depending on usage of the domain vs. local account.


Good luck!


--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple