login winXP home edition

pbs pnews@tiscali.co.uk
Tue Oct 9 16:29:00 GMT 2007


Morgan Gangwere wrote:
> On 10/2/07, pbs <pnews@someblokeintheukwantsananswer> wrote:
>> I am trying to get xdmcp to work on a winXP home edition machine. But
>> there are several issues that are cropping up. One of them can be
>> simplified by looking at problems with "login" from the command line prompt.
>>
> 
> Heres problem number One. WinXP Home = WinXP Pro - (service control +
> MultiLogin over network + real NT kernel)
> 
>> I have a number of Cygwin users and I have messed around with the
>> /etc/passwd file. The machine has a user called admin -- because the
>> administrator user does not seem to be available under XP home edition
>> other than in recovery mode etc.
>>
> 
> are you using mkpasswd and mkuser?

I was using mkpasswd. But I have solved my problem (sort of) It came
from reading these two posts
http://www.cygwin.com/ml/cygwin/2006-07/msg00587.html
Which led to bin/ssh-host-config
and http://www.cygwin.com/ml/cygwin/2006-07/msg00588.html

editrights -a SeAssignPrimaryTokenPrivilege -u username
editrights -a SeCreateTokenPrivilege -u username
editrights -a SeTcbPrivilege -u username
editrights -a SeServiceLogonRight -u username
editrights -a SeCreateGlobalPrivilege -u username
editrights -l -u $1

Then login from the user specified as username to any other ordinary
user works. So does "su -"

> Also, Administrator is availible under home for more that recovery
> mode -- look at TweakUI's user hiding, theres an option to allow
> Administrator to log in
>> Admin has administrator rights on the machine and I have altered the uid
>> to 0 in the /etc/passwd, so that it is root under Cygwin.
>>
> 
> bad idea? only root should be root.

It does not really matter. The trouble is that creating a Win 95 windows
account called root is not the best idea for network security as I do
not wish to have root mountable access to my samba servers.

> 
>> If I run login on the command from a bash command line prompt it works
>> for "login admin" and comes back with a "Last login:..." and "#",  but
>> for any other user it returns with
>>         Last login:..
>>         Login: no shell: /bin/bash: Permission denied
>> and looking at the log file I see the reason for the failure is
>>         CreateProcess failed, Win32 error 1314
>>
> 
> It may be that you are setting access permissions for /bin/bash wrong
> -- they should be rwxr-xr-x (744?) and belong to nobody.

The permissions are correct 755 it was never a problem with that it was
a problem with forking a new process.

>> Which is "A required privilege is not held by the client.
>> ERROR_PRIVILEGE_NOT_HELD" (see
>> http://help.netop.com/support/errorcodes/win32_error_codes.htm)
>>
>> I see from this posting "Re: "incorrect password" or "permission denied"
>> when switching users"
>> (http://cygwin.com/ml/cygwin/2004-02/msg00649.html) an explanation for
>> this behaviour. Including reading the
>> /usr/share/doc/Cygwin/openssh.README (which is not on my machine but was
>> available from http://pigtail.net/LRP/printsrv/openssh.README.txt
>>
>> Also  "Re: cygwin_logon_user() not working"
>> (http://cygwin.com/ml/cygwin/2003-07/msg00744.html)
>> http://cygwin.com/cygwin-ug-net/ntsec.html#NTSEC-SETUID
>>
>>
>> I have tried putting admin and the other user into the same group in
>> /etc/passwd (including SYSTEM group).
>>
>> I have tried making the second user (lets call it USER2) admin in the
>> Windows XP Control panel->User Accounts, but that does not work either.
> 
> are you creating limited accounts or "administrator" accounts?
> 
>> I have tried to log on Administrator but can not do so other than in
>> safe mode. http://support.microsoft.com/kb/290109/EN-US/
>>
> 
> Have you tried using the Non-Graphical (username: password: Domain:) login?

yes.

>> I also saw this "logon as a service for XP home edition"
>> (http://www.cygwin.com/ml/cygwin/2003-03/msg01298.html)
>> Which suggests using ntrights which led me to "How to Set Logon User
>> Rights with the Ntrights.exe Utility"
>> (http://support.microsoft.com/kb/279664)
> 
> Never heard of it.
> 
>> This tool is available in rktooks "Windows Server 2003 Resource Kit
>> Tools"
>> http://www.microsoft.com/downloads/details.aspx?FamilyID=9d467a69-57ff-4ae7-96ee-b18c4790cffd&DisplayLang=en
>>
>> But before I alter the group permissions at the windows OS level with
>> ntrights, I would like some advise on what I am doing because as an old
>> UNIX and VMS hacker I understand the concepts in principle but I do not
>> want to drive a coach and horses through Microsoft's attempts to protect
>> the system for what is basically an application level problem.
>>
> 
> right.
> 
>> So any advice (or a URL to such advise) on how to set up a WinXP home
>> edition, to allow a Cygwin root user to use the login program to login
>> as another user would be appreciated. Regards pbs
>>
> 

Thanks for your help Morgan :-)



--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/



More information about the Cygwin mailing list