DomainKey-Signature: a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id
	:list-unsubscribe:list-subscribe:list-archive:list-post
	:list-help:sender:message-id:date:from:mime-version:to:subject
	:references:in-reply-to:content-type:content-transfer-encoding;
	 q=dns; s=default; b=LdtJtYtz2FmGW+XOti7l58jduPl5JGJTKlGCsKFHmFG
	GYTOkpiNpSssAciqxYuf4ZvSAeyJc+7bKeMaPypNF0cDzxzF+7DujC/sYzkeeGqn
	tXrj/+78fb0HxZn77ncA8dy0D5LswiXzdkgGsbziWx0t1gglocOtKmv0BvL3C63o
	=
Mailing-List: contact cygwin-help@cygwin.com; run by ezmlm
Sender: cygwin-owner@cygwin.com
Mail-Followup-To: cygwin@cygwin.com
Message-ID: <57F1D760.9030904@tlinx.org>
Date: Sun, 02 Oct 2016 20:58:24 -0700
From: Linda Walsh <cygwin@tlinx.org>
User-Agent: Thunderbird
MIME-Version: 1.0
To: cygwin@cygwin.com
Subject: Re: Unknown+User Unix_Group+505 on smb shares in a domian
References: <57EB4449.7010206@tlinx.org> <20160928180456.GA1128@hdmetxxxx33004g.AD.UCSD.EDU> <57F199B9.5010000@tlinx.org> <20161002234944.vywfzlwv3lwiaqof@Chronos>
In-Reply-To: <20161002234944.vywfzlwv3lwiaqof@Chronos>
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit

Wayne Porter wrote:
> This is how it is currently set up. I can log in to the server via ssh
> or use the current method, which is to map the network share using my
> account credentials that they have set up for me. This works just fine
> in Windows and for the most part in Cygwin. I can read/write from the
> files but vim opens all files in read-only mode and I have to save using
> :w!
----
I hate it when that happens!  ;-)

So the files you are trying to access are from your own local login on those
machines?

Is there a reason why the login you have on those machines is a machine-local
login?

I.e. I believe you said earlier, that the machines are joined to the domain.
Say your domainname="domain", and you have a domain login "wporter".  

Can you login (or can anyone login) using domain credentials to those linux
machines?  OR can you arrange to be able to, then copy your files on those
machines to your domain account.  

If the remote files are owned by you and you are logged into your domain
account on your usual cygwin machine, then the permissions should match.

There's alot of permissions/privileges on Windows that don't map to anything
on Linux or cygwin.  So while cygwin can compare the access rights in the
things it knows about, it can't begin to know about various windows permissions
and controls that might allow you to override the normal file-access controls.

If you can't login to the linux machines on your domain account, could
you get root access long enough to chown the files over to your domain
account?

If you can't login to the linux machines w/your dom account, authenticating
your login w/the domain server might not be enabled.  Might also have
to create home directory for your domain account manually.

If they need to setup login checks for domain logins on those
machines, they need to add some windbind rules to the 
/etc/pam.d/common-<files>...  Just to give you an idea (they
should figure out the order by looking at relevant docs):

> grep winbind /etc/pam.d/common*
/etc/pam.d/common-account:account sufficient pam_winbind.so
/etc/pam.d/common-auth:auth     sufficient      pam_winbind.so
/etc/pam.d/common-password:password sufficient  pam_winbind.so
/etc/pam.d/common-session:session sufficient pam_winbind.so


--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple