X-Recipient: archive-cygwin AT delorie DOT com DomainKey-Signature: a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id :list-unsubscribe:list-subscribe:list-archive:list-post :list-help:sender:date:from:to:subject:message-id:reply-to :references:mime-version:content-type:in-reply-to; q=dns; s= default; b=BdnvR7DcC6rT1HLVsRthGGvrLD9IIlnYxTW1C+Z8tnG2pvBWnV3oX Ws8ARg+HWjz5QBG8IEG77WAuASeas30Mia5WybMkOvbihuwq2/5S8gIEqBGFyiOh uGY+nWOaIXgpOwo60t8usN5j7dquQk/vrE9FzymNtbY1zJPTrzjctY= DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id :list-unsubscribe:list-subscribe:list-archive:list-post :list-help:sender:date:from:to:subject:message-id:reply-to :references:mime-version:content-type:in-reply-to; s=default; bh=sAN+0Q9DGZAmY/NTs507s0EAaEY=; b=oIbcr5+VS6z42PSvsEYwvE8pVStl /vU7qVdyxvEffV69DjSvg5REZcIr0NId+9W0cpz7Na4LoejVT/Y3I65/U+1DRGIm q2wEXy+TeiZwdyZbVC7ozpK20NOXIHGUEjcL+gFI8jXA6spmIZlWV0Iuj6jDibH1 KTv91/6QVqS99NE= Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm List-Id: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: cygwin-owner AT cygwin DOT com Mail-Followup-To: cygwin AT cygwin DOT com Delivered-To: mailing list cygwin AT cygwin DOT com Authentication-Results: sourceware.org; auth=none X-Virus-Found: No X-Spam-SWARE-Status: No, score=-5.9 required=5.0 tests=AWL,BAYES_00 autolearn=ham version=3.3.2 X-HELO: calimero.vinschen.de Date: Tue, 19 Aug 2014 21:08:59 +0200 From: Corinna Vinschen To: cygwin AT cygwin DOT com Subject: Re: Windows Server 2012R2 64bit and 32bit Cygwin sshd Message-ID: <20140819190859.GR2280@calimero.vinschen.de> Reply-To: cygwin AT cygwin DOT com Mail-Followup-To: cygwin AT cygwin DOT com References: <8761hphfps DOT fsf AT Rainer DOT invalid> <20140819170235 DOT GB29878 AT calimero DOT vinschen DOT de> <87bnrgpf8e DOT fsf AT Rainer DOT invalid> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="s9pXJW6w71JX4l3T" Content-Disposition: inline In-Reply-To: <87bnrgpf8e.fsf@Rainer.invalid> User-Agent: Mutt/1.5.23 (2014-03-12) --s9pXJW6w71JX4l3T Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Aug 19 19:21, Achim Gratz wrote: > Corinna Vinschen writes: > > This is a call to the Win32 API call NetUserGetGroups creating an > > exception due to an "access denied". The difference between 32 and 64 > > bit is probably a result of the differences in exception handling, and > > given that an ExceptionCode 5 will be ignored by Cygwin's exception > > handler, it's probably the next handler in the chain. >=20 > Well, as I said, Cygwin64 dutifully ignores the exception and then goes > to fetch my password from the registry and forks off the command given > to ssh. Yeah, as I said. > > Are you running sshd under a local cyg_server account or under a domain > > cyg_server account? Is it possible that this is a local cyg_server > > account, and as a non-domain account actually gets an "access denied" > > when trying to request AD user information? >=20 > It's a local account, actually I've got a separate account cyg_server32 > for that. I've double checked that this is set up the same way as the > original cyg_server account except for the home directory. It doesn't matter if it's the same. An exception is generated and 32 and 64 bit versions react differently for whatever reason. It's also really unnecessary to generate two accounts for this. > > If your cyg_server is a local account I'd suggest to try with an > > AD account per https://cygwin.com/faq/faq.html#faq.using.sshd-in-domain >=20 > I can try but the AD admins are still sitting on their thumbs for the > sshd domain account, so I don't have high hopes for fast enough > turnaround. Plus, they have new rules that forbid administrative > accounts that have unlimited activation, so I don't know how much use > this is. Setting up sshd should be the job of an admin in the first place. The domain account is a service starter account, not just some arbitrary administrative account. That, and much easier maintainance domain-wide should be blatantly obvious to the admins. > > Other than that I have a funny idea how to workaround this problem from > > inside Cygwin. If you want to give it a try, I'll send you a pointer > > to a 32 bit DLL via PM. >=20 > Yes please. As long as I don't get sshd to work, I can't use this > installation for its intended purpose anyway. Thanks, coming... Corinna --=20 Corinna Vinschen Please, send mails regarding Cygwin to Cygwin Maintainer cygwin AT cygwin DOT com Red Hat --s9pXJW6w71JX4l3T Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBAgAGBQJT86DLAAoJEPU2Bp2uRE+gARcP/RyY17HbSJvMySdbrfgDpMo5 BzubdMadkHESCIwn8fKnZihmwbX+FceKA/MdLFSdAgIwVlLuSIXG7kCFGA0bEwnn RcqDbuOGrDjUnGxGcHOYcFGalgX/JgmNaFDO1PUZc/x/b46Bc+sylWMfky6uCblZ dSkqmi5zs3eZ8vhhaFLWcbh1jYsMfRVvKNnRH+oNkFyOVFqkalaE2fx/ED5LT6Bg cLvj7jRPjz56vFZtqK3vy31+bCljKNO4eYFxrNOmY8fmks/2efnfBvWR1+qKozq+ /3gYDDIRiYrTQF6xJ2E/Qfv2QkLnCwDimunkiG3W1+C7YHjYwySdwW1CL60z5O+v M61k5h4bOrCdNmK25KIVWp90MN7Nuczc5nB1z2gFWOjxxajzMwSkNqZgZ7Z6ClaW 6x5pCxmaNaBgH8QkUN1PSxEHUonXghACSeHBXpK1TGGJsP5RnvAdFtzS7haYXzoG gCPun5ZWLkfsDWwmgd3FffsYYyYPQQChE7YfVlC0eGY0UX7pGuTgx+HHK9L+EAdm sUNe594yKSsOY9109ND10mBJ0al4ASWye3KM9upuSLxjQC0xwSUItJZLFpNUpfUG TJE6Mv+kjillGsxN4hVIx5oKPGrW6DmJoo0sJtC6L1mBzkNeWmkP6CCf5xcdvs5b HuVgVpqBnFunrX6qBEXT =m59J -----END PGP SIGNATURE----- --s9pXJW6w71JX4l3T--