Ken Turner wrote:
I've posted on this problem before
(http://www.cygwin.com/ml/cygwin/2006-11/msg00568.html) but now have a
better idea of what's going wrong. (I haven't supplied "cygcheck"
output as my question
is generic.)
Our Unix file server uses the TAS program to deliver files via SMB to
Windows clients. Up to CygWin 1.5.18-1 this worked just fine. All
versions of CygWin since then give "permission denied" when trying to
read these files. Changing CygWin options (e.g. "nontsec", "nontea",
"nosmbntsec", "notraverse") doesn't help. Trying to set domain details
in /etc/passwd doesn't help. I think the problem is that CygWin after
1.5.18-1 got a lot stricter about checking domains when checking
permissions.
It turns out that these files are being served up with a fake domain
name "D1" (because our Unix server isn't part of a Windows domain).
When I log in I am authenticated against a real domain "D2". As a
result, "D2\kjt" cannot access files whose permissions are set for
"D1\kjt". There doesn't seem to be any way of influencing the choice
of fake domain name "D1", so I need a client-side solution.
Is there any way to get CygWin or Windows to map domains (e.g. to
treat "D1" as equivalent to "D2")?
It's called trusts
(http://www.microsoft.com/technet/prodtechnol/windows2000serv/reskit/deploy/dgbe_sec_ztsn.mspx?mfr=true).
You need to get the Windows administrator for D1 to establish a trust
relationship with D2.
Oh and you really should get the Unix admin to have the Unix system
participate fully in the Windows domains scheme too.
--
Andrew DeFaria <http://defaria.com>
Would a fly without wings be called a walk?
--
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Problem reports: http://cygwin.com/problems.html
Documentation: http://cygwin.com/docs.html
FAQ: http://cygwin.com/faq/
