On Aug 21 11:13, Tom Rodman wrote: > On Fri 8/18/06 16:28 +0200 cygwin@cygwin.com wrote: > > The trick using /etc/group only works for password-LESS authentication, > > sorry for not mentioning it, but usually the problems reported here are > > with passwordless authentication so I just assumed this is the case here, > > too. > > A trick using /etc/group *does* work for password authentication - at > least for domain groups. We edit /etc/group, every day via a cron job -
Hmm, I'm a bit irritated since actually it can't work, at least not as you'd expect. If a user token created by a password logon is not matching the groups you added it to, the token is treated as invalid. This would happen, for instance, if the authenticating application (say, sshd), uses setgroups(2) with an entirely different set of groups. The result is that a new token is created in Cygwin, which has nothing to do with the orinal password token. Especially the new token is missing the network credentials and the user is again running in the wrong logon session. This is all a bit tricky. Right now, I don't know if it's possible to create a token with network credentials at all. Corinna -- Corinna Vinschen Please, send mails regarding Cygwin to Cygwin Project Co-Leader cygwin AT cygwin DOT com Red Hat -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Problem reports: http://cygwin.com/problems.html Documentation: http://cygwin.com/docs.html FAQ: http://cygwin.com/faq/
