X-Recipient: archive-cygwin AT delorie DOT com
DomainKey-Signature: a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id
	:list-unsubscribe:list-subscribe:list-archive:list-post
	:list-help:sender:mime-version:in-reply-to:references:date
	:message-id:subject:from:to:content-type; q=dns; s=default; b=Q7
	g5Q+5Pb+kch5+cqNi2EHNFki2OEl/DW2dxemh5ZnOk7nByO61GkbxuIsLebpo0bZ
	fmijuElFsywuptwbXdXwbjLUS4dJGhRx3CCwjLE7nSvLpgFoq4/fh6UiTNw8H+m1
	R43+sU233zF3Bn6giitzaPjPV9ivYfyFQGZx86/xA=
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id
	:list-unsubscribe:list-subscribe:list-archive:list-post
	:list-help:sender:mime-version:in-reply-to:references:date
	:message-id:subject:from:to:content-type; s=default; bh=9Wy81imd
	xximdB8H6p24V6RWvzo=; b=j+epw84jFncpAYvV3aweG7rT1aD1OPvMETAWcDGB
	JvTcFku4LupLYTZXz4nskgXDF4954IQXqcuskGRpVUNH/buZjLMEnc+dfaV/K5bC
	5FBPZ92OgU4Pe16DgU6GwTD2UJzl5e4su52UlpSWt6apnEijgsYk/M8WUjQJplIV
	vxc=
Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Id: <cygwin.cygwin.com>
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com
Authentication-Results: sourceware.org; auth=none
X-Virus-Found: No
X-Spam-SWARE-Status: No, score=2.0 required=5.0 tests=AWL,BAYES_50,FREEMAIL_FROM,RCVD_IN_DNSWL_LOW,SPF_PASS autolearn=ham version=3.3.2 spammy=securities, U*anrdaemon, anrdaemonyandexru, sk:anrdaem
X-HELO: mail-oi0-f52.google.com
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;        d=1e100.net; s=20130820;        h=x-gm-message-state:mime-version:in-reply-to:references:date         :message-id:subject:from:to;        bh=yUW/+Wrzn6WwGXXHZ+DmsNv1PVhSFohnNuiNEbb06B0=;        b=hic6I+tWVq7K5cpk0dAvYRPlAAPGwxp9cJB5FovLg+/X+WDPfJWDUU2cCfe2IFzxZM         gJY5YvL7Tgo9oTEyX65HB1KrLYgxaxhRsNtofz3Dv4zdvgJL9JXr4KMKXdnoruRX1rwe         9/5N9pr1rVd9/warzIaTEgKCKBpRmqirLeB8D9JpR9j7wYiBFdNXh9tKXtd3Bo2cHMNP         Acm7K0is3ZFxFgjl6SFvWUNSz/icGLmMkJKa9ItsOObu3YF1pGCCxXcQepLSUZ1s5DmC         ZWSomyGQ56Wt+m5FQe6sWsnu9mwWLvMwUGmhmGzdEd3Y0Rc2oH8U1Lsa7m3tbYpQugsu         1iyw==
X-Gm-Message-State: AOPr4FXDfns6+Vn+H2paC5e91gUYYUJyGG5Za33beiwoFFrrChvHRw2lwhIz5qvPNwa6z/kye6xRx6DboClMSg==
MIME-Version: 1.0
X-Received: by 10.157.35.113 with SMTP id k46mr1670674otd.34.1461691785601; Tue, 26 Apr 2016 10:29:45 -0700 (PDT)
In-Reply-To: <CAN2X4tHCF0=XAuhmyUzq3EsKxTgJvgLA52XUVfUEa_DU4fNMUg@mail.gmail.com>
References: <CAN2X4tEmO4H8=757x_CYFWPHtcOr+YMRfR2b07Vg7rFcrNY6tg AT mail DOT gmail DOT com>	<loom DOT 20160414T170618-303 AT post DOT gmane DOT org>	<CAN2X4tFfqgPS5Jc9=rodiv_4mE-mb3akSD925oA1tWy6C5jebA AT mail DOT gmail DOT com>	<87ega8t99o DOT fsf AT Rainer DOT invalid>	<CAN2X4tHMu32aFfAnbz0fC3heNLBHrXPxVkcQvp8+RgT_o7rNbw AT mail DOT gmail DOT com>	<87a8kwt39s DOT fsf AT Rainer DOT invalid>	<CAN2X4tExtHpod9R_LLwt4sFvEJKp_bSh=UpyLFys5SbK1A1XnQ AT mail DOT gmail DOT com>	<87r3e7lan9 DOT fsf AT Rainer DOT invalid>	<CAN2X4tGz2OJZ-m_hFjC9+ZcbjCZvHoNY_dQ8HW7vdsr9XwWMYg AT mail DOT gmail DOT com>	<153497950 DOT 20160418003315 AT yandex DOT ru>	<CAN2X4tHCF0=XAuhmyUzq3EsKxTgJvgLA52XUVfUEa_DU4fNMUg AT mail DOT gmail DOT com>
Date: Tue, 26 Apr 2016 13:29:45 -0400
Message-ID: <CAN2X4tEsWhTcmi=LOvbFgHaEJzaPsvcrG-DXcyM=7vtGMry5fg@mail.gmail.com>
Subject: Re: Cygwin-2.5.0 net share wbadmin no longer working post update
From: Alexandria Gutierrez <alegutier AT gmail DOT com>
To: cygwin AT cygwin DOT com
Content-Type: text/plain; charset=UTF-8
X-IsSubscribed: yes

I wanted to provide an update in order to help others with the same issue.

We ended up using method 3 from this link:
https://cygwin.com/cygwin-ug-net/ntsec.html

Switching the user context without password, Method 3: With password

Essentially as the user run "passwd -R" in order to store the password
in the registry.
Given our setup this was the best option for us, due to our current
securities restrictions. Keep in mind that this option is most likely
not the best solution for everyone.

Thank you again for the assistance everyone.



On Mon, Apr 18, 2016 at 1:28 PM, Alexandria Gutierrez
<alegutier AT gmail DOT com> wrote:
> I am still scratching my head on this one. I did read the link you
> provided. I am sure this should not be an issue as we have been
> running this for a long time without any issues. Keys where never an
> issue in that past. Currently the other computer is still auth via AD
> using cyg_serv as a domain user and running cyg_serv with SYSTEM
> privilege via gpo. That second computer is doing backups with out any
> issues. It is only the updated 2.5.0 machines we are having issues
> with. I will go over the link and ensure that the we are creating the
> token if necessary. If I find anything I will keep you updated as well
> as this could help others in the future as well.
>
> On Sun, Apr 17, 2016 at 5:33 PM, Andrey Repin <anrdaemon AT yandex DOT ru> wrote:
>> Greetings, Alexandria Gutierrez!
>>
>>> I been working on this today and have figured a few things out:
>>
>>> The issue appears to be only be affecting us when we use ssh keys to
>>> authenticate. When we do not have keys for authentications the command
>>> gets executed successfully:
>>
>> This is actually somewhat predictable.
>> Please check the http://cygwin.com/cygwin-ug-net/ntsec.html#ntsec-setuid-overview
>>
>>> Here is the full command I am sending over ssh:
>>
>>> ssh USER AT cygservername -q -n -v '/cygdrive/c/windows/Sysnative/wbadmin
>>> DELETE CATALOG -quiet ;  [[ -f /cygdrive/c/windows/Sysnative/nfsadmin
>>> ]] && /cygdrive/c/windows/Sysnative/nfsadmin client stop ;
>>> /cygdrive/c/windows/Sysnative/wbadmin START BACKUP -user:USER
>>> -password:PASSWORD -backuptarget:\\\\SERVERNAME\\PATH\\TO\\SHARE
>>> -allCritical -systemstate -quiet;  [[ -f
>>> /cygdrive/c/windows/Sysnative/nfsadmin ]] &&
>>> /cygdrive/c/windows/Sysnative/nfsadmin client start' 2>&1
>>
>>> When I have ssh keys available for USER to authenticate without a
>>> password, I reseive the same error:
>>
>>> "ERROR - The user name or password is unexpected because the backup location
>>> is not a remote shared folder."
>>
>>> But when I remove the keys, and I am prompted for password, the
>>> command executes correctly.
>>
>>> This is very strange, and I am not quite sure that could be triggering this.
>>> Event viewer does not show anything.
>>
>>> Is there anyway I can enable debug on sshd? for example /usr/bin/ssh -d ?
>>
>> Yes, you can do that. Though, the results may be skewed, if you run SSHD
>> from another user's account. (Other than its normal one, I mean.)
>>
>>> Thank you again for the ongoing assistance
>>
>>
>> --
>> With best regards,
>> Andrey Repin
>> Monday, April 18, 2016 00:28:12
>>
>> Sorry for my terrible english...
>>

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple