This is the mail archive of the cygwin mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

second exec channel cannot access windows share (open-ssh)


Hi,

My company uses cygwin to enable client users to access an application through
open-ssh server via an ssh exec-channel. After the session connects fine, the
firstly created exec channel is able to access the mounted shares installed on
the box (in my test a Windows Server 2008 R2).
The issue comes when opening the second exec channel that is not able to access
the shares.

From the tests I made the second channel is not impersonating the user correctly
since it happears the application process runs as "Local System" which would
explain the issue.

The open-ssh service is installed under a special user account that runs with the
following settings in local security policy:
- adjust memory quotas for a process
- create a token object
- logon as a service
- replace a process level token

I tried to add this but without success:
- impersonate a client after authentication

I've also read the doc "Using Windows Security in Cygwin" but I'm unsure of the
correct diagnostic for the problem: wrong setting (do I need to use LSA authentication)
or is it a bug?

Any advice will be appreciated.
Thanks,

--Gilles

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]