On May 13 11:49, Schutter, Thomas A. wrote: > Corinna Vinschen wrote: > > > Except that is not what I am seeing. When I run "id" from a console > > > cygwin shell: > > > $ id > > > uid=18718(tschutter) gid=10513(Domain Users) > > > groups=544(Administrators),545(Users),10513(Domain > > > Users),18169(FDSV-GG-PrxBLD),22611(FDSV-GG-PrxPCAdmins) > > > > > > But when I run "id" from a ssh shell: > > > $ id > > > uid=18718(tschutter) gid=10513(Domain Users) > > > groups=545(Users),10513(Domain Users) > > > > > > So when I am using pubkey authentication, the user token is not a > > member > > > of the "Administrators", "FDSV-GG-PrxBLD", or "FDSV-GG-PrxPCAdmins" > > > groups. > > > > That wasn't what I was talking about. I was just referring to the > > assertion that Windows doesn't know about user impersonation or > > user switching. > > > > As for your user token, Cygwin tries to get information about the user > > by asking the local machine what local and global groups the user is > > member in. Some local groups are only in the user's group list, > > because > > one of the global grouyps is in turn member of a local group, which is > > probably the case for the Admin's group. For some reason your local > > machine doesn't return any of the information about the global domain > > groups your user is member in. Possible reasons are that retrieving > > the > > PDC for the user's domain fails, or that the PDC refuses to list the > > user's groups for some reason. That's something you would have to > > debug > > in your local installation. > > Ahh. From my original email from a console cygwin shell: > $ echo $USERDOMAIN > FLOODDATA > > But when I login via ssh: > $ echo $USERDOMAIN > FDSVBLD01SGRAPE > > So when I login via ssh, the USERDOMAIN is set to the local machine > rather than the domain. So I would suspect that the PDC is not even > being queried.
You're jumping to conclusions. The reason why USERNAME and USERDOMAIN are wrong I explained in my first reply. Both values don't matter when Cygwin tries to connect to the PDC, as long as the /etc/passwd pw_gecos field contains a valid U-DOMAIN\username entry. This information is used to connect to the PDC. Corinna -- Corinna Vinschen Please, send mails regarding Cygwin to Cygwin Project Co-Leader cygwin AT cygwin DOT com Red Hat -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Problem reports: http://cygwin.com/problems.html Documentation: http://cygwin.com/docs.html FAQ: http://cygwin.com/faq/
