X-Recipient: archive-cygwin@delorie.com
DomainKey-Signature: a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id
	:list-unsubscribe:list-subscribe:list-archive:list-post
	:list-help:sender:mime-version:references:in-reply-to:from:date
	:message-id:subject:to:content-type; q=dns; s=default; b=xZAgydV
	3KC09OnoDMD0MOrRITxkUGIBsvdYgUFVJOY23UTo/fxDutDSGp8VWthCwX9xH1n9
	ok8OvgSNsLbwdPtxKUqjo8oSrnUhEaWvzcOP4ZdPHaiCMmtsYwg4p3G4QL0W0j/k
	9pE7hmtpac9Xu+7BBilUcOSuH1KfIikWqCE4=
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id
	:list-unsubscribe:list-subscribe:list-archive:list-post
	:list-help:sender:mime-version:references:in-reply-to:from:date
	:message-id:subject:to:content-type; s=default; bh=VFV4TsH0Yg8gm
	4+Rwjv6B4YV3eU=; b=TSXB64cVpXG3lWSKLdRNNBsdP39x+KtYoQPe9kCgIY4+O
	EGt6gZcjfAjzJOxndCZYE4qaO14O9IyCgQANkE4Ny2WX8GdtGvnfZ5fkfyqFLpZB
	em2kr48RLBORfvX3fgi985/Eya1Ct8ZGVc9sy7kxvkozg3RhWSbrDbfQaCwNJ4=
Mailing-List: contact cygwin-help@cygwin.com; run by ezmlm
List-Id: <cygwin.cygwin.com>
List-Subscribe: <mailto:cygwin-subscribe@cygwin.com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin@cygwin.com>
List-Help: <mailto:cygwin-help@cygwin.com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner@cygwin.com
Mail-Followup-To: cygwin@cygwin.com
Delivered-To: mailing list cygwin@cygwin.com
Authentication-Results: sourceware.org; auth=none
X-Spam-SWARE-Status: No, score=0.1 required=5.0 tests=BAYES_00,DNS_FROM_AHBL_RHSBL,FREEMAIL_FROM,HTML_MESSAGE,RCVD_IN_DNSWL_LOW,SPF_PASS,TIME_LIMIT_EXCEEDED autolearn=unavailable version=3.3.1 spammy=H*c:alternative
X-HELO: mout.gmx.com
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=mail.com;	s=dbd5af2cbaf7; t=1551907529;	bh=2sjfmn0pvhzCsJVvKto3PVuNTloHJYdwoMEXVWG8tMA=;	h=X-UI-Sender-Class:References:In-Reply-To:From:Date:Subject:To;	b=BtYYRUR+oioBVbRFmUaxodLIvlS8p2ILOJPgLTHNtbYppH+1IJTPzza5kyz6QcG/x	 ftnrYg8ea1P/xFnJjl+G7CfnDorLz1rcLpZli812vQFXpnPZPmX/Bd/KSx4pq2wJ2a	 bO3vaZ64ND+aK+U0cXT94bCs66OMgsGjtqjywt/I=
X-UI-Sender-Class: 214d933f-fd2f-45c7-a636-f5d79ae31a79
MIME-Version: 1.0
References: <20190306010254.GA4210@zebra> <20190306121154.GN3785@calimero.vinschen.de> <20190306124816.GR3785@calimero.vinschen.de> <20190306141716.GS3785@calimero.vinschen.de> <20190306143424.GU3785@calimero.vinschen.de> <CANV9t=SHLCT_xN_T35qTgJmoEBu98gGPaKjHMt559MZ+AwyToQ@mail.gmail.com> <20190306153404.GX3785@calimero.vinschen.de> <CANV9t=QiOH4cB47XzKZsReH7RLdaB0CxgY-o3jYgZ46DbV3OdA@mail.gmail.com> <20190306201331.GB3785@calimero.vinschen.de> <CANV9t=RtsR8+KZ68QirxfiU9w_sGk9QnQejEyJVeBcrdiuOq0w@mail.gmail.com> <20190306205931.GC3785@calimero.vinschen.de>
In-Reply-To: <20190306205931.GC3785@calimero.vinschen.de>
From: Bill Stewart <bstewart@iname.com>
Date: Wed, 6 Mar 2019 14:24:59 -0700
Message-ID: <CANV9t=SEj2CpNNp-OzoKQ0nJ-qPN-9_7_8ELBpCCBGDH0FUOzw@mail.gmail.com>
Subject: Re: sshd problem on WS2008R2 64bit
To: cygwin@cygwin.com
Content-Type: text/plain; charset="UTF-8"
X-IsSubscribed: yes

On Wed, Mar 6, 2019 at 2:00 PM Corinna Vinschen wrote:

> > Whether this workaround is feasible likely depends on the end user. The
> > workaround has its own limitations. Here are at least 2 that I can
think of
> > right now:
> >
> > 1. The local user must have "Log on as a batch job" (SeBatchLogonRight)
> > user right.
> >
> > 2. The "Network access: Do not allow storage of passwords and
credentials
> > for network authentication" security policy must be set to "Disabled".
(If
> > this policy is set to "Enabled", then you can't create scheduled tasks
with
> > stored passwords.)
> >
> > It's a weird problem. The best option would be for Microsoft to provide
a
> > fix (if we can provide a short example program that reproduces it).
>
> I'm reasonably sure there won't be any fix for these systems for at
> least two reasons:
>
> - All affected systems are EOLed or in the last year of their Extended
>   Support Cycle, all ending on 2020-01-14.
>
> - I opened a support case for an older Windows release a couple of years
>   ago.  A fix for the problem has been refused because the problem was
>   fixed in the newer OS.  I got told literally that the fix is to upgrade
>   to the newer OS.

You are probably right about that.

I guess you're stuck explaining this quirk in the documentation and
explaining the workarounds.

For my part, I'm writing a PowerShell script that does the following:

1) Create a local user account
2) Grant it SeBatchLogonRight
3) Create a scheduled task for it

Regards,

Bill

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple