The SSHD service is successfully running under the local cyg_server userid set up by ssh-host-config. Pulbic key authentication is working. It is running on a Windows 2003 Server with Domain Security Policies being pushed down from the Domain server. Using the windows GUI, access to change the local security settings is greyed out. After replication or some time passing, the cyg_server settings disappear from the local security settings. If running, the sshd service continues to work. If there is a need to restart the service, then the following procedure works: 1 Stop the service 2 Delete the service 3 Delete the cyg_server userid 4 Rerun ssh-host-config 5 Restart the service I am trying to setup access to the entire domain, and to that end tried creating a domain userid with various policies to run the service. When this userid propagates, it does not appear to propagate the "Create a token object" policy. When I run ssh-host-config and specify the new userid, I get a message that the userid has insufficient permissions. Indeed, it does not work. I am not sure which way to look at this, but can anyone provide some direction? Here are some points as I see them. 1 The ssh-host-config program doesn't say what permissions are inadequate. Is there a specific list of what is needed? 2 Is there a way to force ssh-host-config to create the permissions? It seems that it will only create permissions when creating a fresh new setup. 3 If the local security policies are indeed being over written and the create token object doesn't propagate, then it looks like some additional process is needed to recreate the privileges? Is there a different way of going about this? Would it make any sense to install SSH on the domain controller itself? Any guidance in this matter would be appreciated. Best Regards, Bryan Hunter
cygcheck.out
Description: cygcheck.out
-- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
