This is the mail archive of the cygwin mailing list for the Cygwin project.

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: Wich privileges required by ssh-host-config running user?

Dave Korn wrote:
Chris Taylor wrote:

Dave Korn wrote:

Chris Taylor wrote:

Dave Korn wrote:

Simplest workaround would be to always join the machine to the domain
first and install cygwin second.

And to install as the domain administrator, not the local admin, otherwise you run into this problem, as the OP has done.

Probably a domain user would suffice. It might be best if the domain
user account was made a "Power User" in the machine's local user

I'm not sure that power users have the ability to change ownership in
this way..

  Actually, I'm not sure either.  If "Power Users" isn't enough, it would need
to be a local admin.

It may be that you would be required to use a domain
administrator account to install and to set up any services you wished
to use, though I could be mistaken. I'd have to test it to see.

No, the issue is not what rights you have in the domain, but what rights the
domain user has over the local machine. Domain admins are automatically
admins over the local machine, and domain users are not, but domain users can
be made into local admins by anyone with admin rights over the machine (such
as the local admin) and it doesn't require domain admin rights.

  Basically, nothing you need to do to an individual machine should ever need
domain admin rights.  It's about _local_ rights.

cheers, DaveK

Good point.
However, it is potentially possible that the 'administrator' account on the local machine is locked down, without adversely affecting the administrators group, which could potentially cause the issues described by the OP - it would depend on the various group policy settings and such though.

It might be worth having the OP test manually changing the owner in both cygwin and windows if cygwin fails..

Cygwin: chown SYSTEM ssh_host_*
Windows: Select files, right click, properties, Security, Advanced, Owner, 'Choose other user' (or something to that effect), then specify SYSTEM and hit OK until you're back at explorer.
Please note that the windows method is only valid (afaik) on win2k3 servers.

Chris --

Spinning complacently in the darkness, covered and blinded by a blanket
of little lives, false security has lulled the madness of this world
into a slumber. Wake up! An eye is upon you, staring straight down and
keenly through, seeing all that you are and everything that you will
never be. Yes, an eye is upon you, an eye ready to blink. So face
forward, with arms wide open and mind reeling. Your future has
arrived... Are you ready to go?

Unsubscribe info:
Problem reports:

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]