On Oct 26 16:01, [email protected] wrote: > Hello, > > > With password > > authentication it's entirely up to the Win32 call LogonUser() to create > > that token and to manage that connection. Using pubkey authentication > > you have three choices described in the user's guide. Maybe one of them > > helps, see > > http://cygwin.com/1.7/cygwin-ug-net/ntsec.html#ntsec-setuid-overview > > > > > My decripted problem occurs with password and public key (without saved > password) authentication. > > I just asked the question because we see during network tracing that the > group policies are transferred to the client. > > Other logon processes (e.g. mounting a network drive with another user > than the logged on one) do not transfer the group policies. Is the call
I assume they don't have to since they only need the network credentials and policies are perhaps checked on the server. It looks like the underlying code uses something along the lines of LOGON32_LOGON_NEW_CREDENTIALS in a call to LoginUser. But that's just a guess. I don't know what's exactly going on under the hood. > LogonUser() really the right one, we use for the login procedure? When using password authentication or pubkey with saved password, yes. It's the one supported Win32 call to create a user token from user name and password. In contrast to a network share access, we need to create an interactive token using the LOGON32_LOGON_INTERACTIVE logon type. Corinna -- Corinna Vinschen Please, send mails regarding Cygwin to Cygwin Project Co-Leader cygwin AT cygwin DOT com Red Hat -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
