From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 34315 invoked by alias); 10 Oct 2015 04:06:37 -0000 Mailing-List: contact cygwin-help@cygwin.com; run by ezmlm Precedence: bulk List-Id: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: cygwin-owner@cygwin.com Mail-Followup-To: cygwin@cygwin.com Received: (qmail 34280 invoked by uid 89); 10 Oct 2015 04:06:28 -0000 Authentication-Results: sourceware.org; auth=none X-Virus-Found: No X-Spam-SWARE-Status: No, score=-0.0 required=5.0 tests=AWL,BAYES_50,T_RP_MATCHES_RCVD autolearn=ham version=3.3.2 X-HELO: Ishtar.hs.tlinx.org Received: from ishtar.tlinx.org (HELO Ishtar.hs.tlinx.org) (173.164.175.65) by sourceware.org (qpsmtpd/0.93/v0.84-503-g423c35a) with (AES256-GCM-SHA384 encrypted) ESMTPS; Sat, 10 Oct 2015 04:06:27 +0000 Received: from [192.168.4.12] (Athenae [192.168.4.12]) by Ishtar.hs.tlinx.org (8.14.9/8.14.4/SuSE Linux 0.8) with ESMTP id t9A46MpJ053251 for ; Fri, 9 Oct 2015 21:06:25 -0700 Message-ID: <56188EBE.5020607@tlinx.org> Date: Sat, 10 Oct 2015 04:06:00 -0000 From: Linda Walsh User-Agent: Thunderbird MIME-Version: 1.0 To: cygwin@cygwin.com Subject: Re: strange cygwin sshd user generated (user name includes machine name) References: In-Reply-To: Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 8bit X-IsSubscribed: yes X-SW-Source: 2015-10/txt/msg00115.txt.bz2 Peter Moore wrote: > Hi, > > I have a powershell script for installing cygwin and setting up sshd which I am using as UserData when firing up a Windows 2012 R2 instance in AWS EC2. > > The same command succeeds when run manually, but fails when called from automation. I’m trying to understand what it is that is different, so I can fix it in automation. > ---- I have both a domain account (Bliss) and a local account on my winclient(Athenae): Bliss\linda & linda Using Domain account on client -> Domain server > ssh Bliss server logs say: ... sshd[49322]: pam_winbind(sshd:account): user 'Bliss\linda' granted access using > ssh linda@Bliss, server logs say: sshd[51179]: pam_winbind(sshd:account): user 'linda' granted access Using local account on client ->Domain: > ssh Bliss server says: Oct 9 20:51:21 Ishtar sshd[51787]: pam_winbind(sshd:account): user 'linda' granted access if I want to login to the domain account, I need to specify it as the user: > ssh 'Bliss\linda'@Bliss server says: sshd[51982]: pam_winbind(sshd:account): user 'Bliss\linda' granted access so in the above case, I am seeing a similar "symptom" -- where it uses 'domain\user' when I'm logged in my domain account and just 'user' if I specify 'user@Domain'. Both login to the *same* account on the PDC -- because on the PDC local users are domain users -- because the SID of the local machine is the same as the domain SID. I.e. on the domain server, I can display the domain or the local machine SID: > net getlocalsid #note, it equates local machine name as a domain name in this case SID for domain ISHTAR is: S-1-5-21-33333-77777-33333 When I ask for the domain sid: it displays both: > net getdomainsid SID for local machine ISHTAR is: S-1-5-21-33333-77777-33333 SID for domain BLISS is: S-1-5-21-33333-77777-33333 ---- So first, obvious question is "are domains involved", but 2nd question ... are the machine 'SIDS' the same in both cases? I.e. when you run 'live' vs. run under automation, maybe the 'automation' looks like a different machine name and uses a different 'sid'? That'd be my best guess...I only replied because I have seen the same symptom depending on usage of the domain vs. local account. Good luck! -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple