X-Spam-Check-By: sourceware.org
To: cygwin AT cygwin DOT com
From: mwoehlke <mwoehlke AT tibco DOT com>
Subject:  Re: group"S-1-2-0"(users who login locally)in ssh;windows 2003
Date:  Wed, 16 Aug 2006 14:44:35 -0500
Lines: 66
Message-ID: <ebvsj3$bu7$1@sea.gmane.org>
References:  <200608161821 DOT k7GIL5VW024015 AT tigris DOT pounder DOT sol DOT net>
Mime-Version:  1.0
Content-Type:  text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding:  7bit
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.0.5) Gecko/20060719 Thunderbird/1.5.0.5 Mnenhy/0.7.4.0
In-Reply-To: <200608161821.k7GIL5VW024015@tigris.pounder.sol.net>
X-IsSubscribed: yes
Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
Precedence: bulk
List-Unsubscribe: <mailto:cygwin-unsubscribe-archive-cygwin=delorie DOT com AT cygwin DOT com>
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com

Tom Rodman wrote:
> Hosts effected:
> 
>   several boxes running windows 2003 server w/cygwin (1.5.20s(0.155/4/2) 20060403 13:33:45)
> 
> Problem (or feature?): 
> 
>   when you ssh to these boxes, and run:
> 
>     $WINDIR/system32/whoami /all |grep -q S-1-2-0 || echo OOPs # "OOPS" echos :-<
> 
>     "S-1-2-0" == "Users who log on to terminals locally (physically) connected to the system."
> 
> Under windows 2000 (also a different cygwin version), ssh sessions show group membership
> in "S-1-2-0":
> 
>    $ '/drv/c/Program Files/Resource Kit/whoami' /all|grep S-1-2-0
>    [Group  9] = "LOCAL"  S-1-2-0
> 
> The reason I care is that is that several tools we call from cygwin, will
> not run unless the session is in S-1-2-0.

What makes you say this? What tools?

> I'm not sure if this is a cygwin version issue, or due to windows 2003.
> Any thoughts/can others test this in an ssh session?:
> 
>   $WINDIR/system32/whoami /all |grep -q S-1-2-0 || echo OOPs

FWIW, on my 2k3 box, I show up as a member in S-1-2-0 both logged in 
"locally" (via Remote Desktop Sharing, with which I have never had 
anything "not work") and via Cygwin sshd. Under ssh, all privileges are 
"enabled", under "local", only SeChangeNotifyPrivilege, 
SeImpersonatePrivilege and SeCreateGlobalPrivilege are enabled.

Here are all system group memberships

"local" groups:
---------------
Everyone                          Well-known group S-1-1-0
LOCAL                             Well-known group S-1-2-0
NT AUTH*\REMOTE INTERACTIVE LOGON Well-known group S-1-5-14
NT AUTH*\INTERACTIVE              Well-known group S-1-5-4
NT AUTH*\Authenticated Users      Well-known group S-1-5-11
NT AUTH*\This Organization        Well-known group S-1-5-15
NT AUTH*\NTLM Authentication      Well-known group S-1-5-64-10
BUILTIN\Administrators            Alias            S-1-5-32-544
BUILTIN\Users                     Alias            S-1-5-32-545
(*Abbreviated for line-wrapping)

ssh groups:
-----------
Everyone                         Well-known group S-1-1-0
LOCAL                            Well-known group S-1-2-0
NT AUTHORITY\Authenticated Users Well-known group S-1-5-11
NT AUTHORITY\SERVICE             Well-known group S-1-5-6
BUILTIN\Administrators           Alias            S-1-5-32-544
BUILTIN\Users                    Alias            S-1-5-32-545

This probably doesn't have much to do with your problem, but might 
relate to some of the other ssh problems people (including myself) have 
been having.

-- 
Matthew
vIMprove your life! Now on version 7!


--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/