Re: Unknown+User Unix_Group+505 on smb shares in a domian
On Sep 29 10:38, Roland Schwingel wrote: > Hi to all.. > > I have the very similar problem. > > >> > I can't do anything, it just becomes an inconvenience. > >> > d---r-x---+ 1 NT SERVICE+TrustedInstaller NT > SERVICE+TrustedInstaller 0 Sep 26 08:50 c > >> > drwxrwx---+ 1 Administrators Domain Users0 Sep > 14 11:57 i > >> > drwxrwx---+ 1 SYSTEM SYSTEM0 Sep 26 > 12:55 j > >> > drwxrwx---+ 1 Administrators Domain Users0 Sep > 27 07:55 m > >> > drwxr-xr-x 1 rootieng6_root0 Jul > 12 04:04 v > >> > drwxrwxr-x 1 Unknown+UserUnix_Group+5050 > Sep 21 09:41 w > >> > drwxrwxr-x 1 Unix_User+99Unix_Group+1010 > Sep 21 15:20 y > >> > > >> > > > You can tell your IT dep to pull their asses up and join all servers > to > AD. That would be a much more straightforward solution. > > My servers (linux with samba 4.4) are joined to the domain. An older > cygwin 1.7 does not show this problem. Presently this problem hinders > myself for quite some while to move to a newer cygwin version. > > In my case it shows something like: > -rwx-- 1 Unix_User+roland Unix_Group+develop 25 Sep 11 13:13 test.png > > And some file operations fail in cygwin (2.4.1 - this was my last version I > have tried) - mostly writting to the files, while writting to the files from > windows directly works... > > Any help would also be appreciated. There is a server-side solution for this problem, outlined in the docs: https://cygwin.com/cygwin-ug-net/ntsec.html#ntsec-mapping-nfs https://cygwin.com/cygwin-ug-net/ntsec.html#ntsec-mapping-samba HTH, Corinna -- Corinna Vinschen Please, send mails regarding Cygwin to Cygwin Maintainer cygwin AT cygwin DOT com Red Hat signature.asc Description: PGP signature
Re: Unknown+User Unix_Group+505 on smb shares in a domian
Wayne Porter wrote: This is how it is currently set up. I can log in to the server via ssh or use the current method, which is to map the network share using my account credentials that they have set up for me. This works just fine in Windows and for the most part in Cygwin. I can read/write from the files but vim opens all files in read-only mode and I have to save using :w! I hate it when that happens! ;-) So the files you are trying to access are from your own local login on those machines? Is there a reason why the login you have on those machines is a machine-local login? I.e. I believe you said earlier, that the machines are joined to the domain. Say your domainname="domain", and you have a domain login "wporter". Can you login (or can anyone login) using domain credentials to those linux machines? OR can you arrange to be able to, then copy your files on those machines to your domain account. If the remote files are owned by you and you are logged into your domain account on your usual cygwin machine, then the permissions should match. There's alot of permissions/privileges on Windows that don't map to anything on Linux or cygwin. So while cygwin can compare the access rights in the things it knows about, it can't begin to know about various windows permissions and controls that might allow you to override the normal file-access controls. If you can't login to the linux machines on your domain account, could you get root access long enough to chown the files over to your domain account? If you can't login to the linux machines w/your dom account, authenticating your login w/the domain server might not be enabled. Might also have to create home directory for your domain account manually. If they need to setup login checks for domain logins on those machines, they need to add some windbind rules to the /etc/pam.d/common-... Just to give you an idea (they should figure out the order by looking at relevant docs): grep winbind /etc/pam.d/common* /etc/pam.d/common-account:account sufficient pam_winbind.so /etc/pam.d/common-auth:auth sufficient pam_winbind.so /etc/pam.d/common-password:password sufficient pam_winbind.so /etc/pam.d/common-session:session sufficient pam_winbind.so -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Re: Unknown+User Unix_Group+505 on smb shares in a domian
On Sun, Oct 02, 2016 at 04:43:42PM -0700, Linda Walsh wrote: > Wayne Porter wrote: > > > Essentially you have a bunch of users on different machines that aren't > > > sharing their files under any common (or shared) security authority > > > (like a single domain). Until you persuade the owners of those linux > > > machines > > > to move the linux machines under a common security authority (like a > > > windows > > > domain) and moving the user accounts into the domain. Each local account > > > would have to be moved to a domain account with the files under each > > > machine-local account being moved (or "chown'ed") to the new, > > > corresponding > > > domain account). > > > > The shares are mapped and working just fine in Windows. To IT, there isn't > > anything that needs to be done. It just happens that Cygwin, which I'm the > > only > > one using, maps the Windows mapped drives to an unknown user account and > > makes > > using it difficult. > --- > Working in windows where? What does "working just fine in Windows" > mean? > That people in explorer on your machine have read+write access to the > linux-shares? > > Or do you have domain access to the machines running Windows? > Are those machine in your Domain or are they outside your domain like the > linux > machines? > If I open the W:\ drive in Windows, I have full read/write access. This is established via NET USE commands at boot. Then when I open Cygwin and navigate to the same location, which has been mapped by Cygwin to /cygdrive/w/ the user permissions appear as in my first email. Even though it says I have read-only access, I have full read/write ability. > > > > > > This is an organizational problem that has nothing to do with > > > cygwin, but whether windows and linux machines are using domain or > > > machine-local > > > security. Until your linux machines and their local user become part of > > > the > > > domain, you can't expect any "write" privileges granted to you under the > > > domain to work on the linux machines. > > > > > > > I have write permissions on those machines from Windows. Cygwin thinks I > > don't so > > files are opened in read-only mode but when I force them to be written, it > > works. > > I'm not sure if maybe I left this out of my initial information, but these > > are > > shares that are mapped in Windows on login and there are no issues there, > > but once > > I open Cygwin, I don't appear to have write access even though I do. > --- > If you have write access, then you are saying the permission are not > displaying > properly in Cygwin. So do you have the same, *actual* access in Cygwin as > windows (ignoring what permissions may be displayed)? It could be that you > have domain-admin > access and are overriding listed permissions on remote machines. If it's the > case > that your user doesn't have R+W access, but you are a domain admin, you might > just > be overriding the write-restrictions in windows as well as cygwin. > Yes, I have the same permissions, Cygwin is just displaying the wrong thing. > > > > When mapping the drives in Windows, a username and password are given. Is > > there no > > way to let Cygwin know about that username without joining the servers to > > the domain? > > I know that this setup isn't ideal, which is why I'm trying to find a > > work-around. > --- > Bingo! You need to try something like > "runas [alternate credentials + alternate password] net use W: ..." > > That might work... but is really icky, since you can't easily automate that > without storing the password in clear-text in some file in your profile... > that's > not a good solution. > There are many things currently wrong with our setup and passwords in clear-text wouldn't be anything out of the ordinary, I'm afraid. The script that maps these shares with NET USE already have them in it and load on boot, so I just need to adjust them to use "runas" instead of the current way, which is just to specify the username and password in the command? If you look at the info I provided in my first message, the NET USE script I use is there, with the username and passwords redacted. signature.asc Description: PGP signature
Re: Unknown+User Unix_Group+505 on smb shares in a domian
On Sun, Oct 02, 2016 at 04:35:21PM -0700, Linda Walsh wrote: > Wayne Porter wrote: > > The server that the W: drive is mapped on is not using domain accounts. As > > far as I know, > > all Linux servers we have are running local accounts. Is there something I > > can set in > > my local /etc/passwd to convince Cygwin to map it to my user account? > --- > Let me phrase this differently. > > The linux accounts that are not in your domain and are under > private user-names, are NOT something that you have "write" permission to. > It sounds like those users (users outside your domain -- and not within > your administrative group) have allowed "anyone" to have read access, but > it makes sense that they wouldn't trust "anonymous" (that's you, if you > haven't authenticated against their machine). You seem to be asking > for access to files owned by people outside your group (or maybe outside > your company, for that matter, it's not known). This is correct, the linux machines have local accounts that I have mapped to drive letters in Windows. They are my accounts set up with my username and password and I have full read/write access to the folders in question. Cygwin just thinks I have read-only access and when I attempt to write to the files, I can. > > The Domain is a means to provide common trusted access to a group > of people who have agreed to honor each others' permission settings. Right > now, the linux people are not in a common-trust group, so you can't force > your wanted access upon them. > > Until you and their machines share a common security token (the Domain > token), you can't have shared permission settings. > > Alternatively , you might be able to convince the linux people to > give you an account on each linux machine, and use that login when attaching > to a share on that linux machine -- but that would be a pain. Certainly, > if they agreed to use a common domain and shared things with other domain > users, that would be easier, but until they agree to be in a common domain, > you can't force your desired access upon them. > This is how it is currently set up. I can log in to the server via ssh or use the current method, which is to map the network share using my account credentials that they have set up for me. This works just fine in Windows and for the most part in Cygwin. I can read/write from the files but vim opens all files in read-only mode and I have to save using :w! signature.asc Description: PGP signature
Re: Unknown+User Unix_Group+505 on smb shares in a domian
Wayne Porter wrote: Essentially you have a bunch of users on different machines that aren't sharing their files under any common (or shared) security authority (like a single domain). Until you persuade the owners of those linux machines to move the linux machines under a common security authority (like a windows domain) and moving the user accounts into the domain. Each local account would have to be moved to a domain account with the files under each machine-local account being moved (or "chown'ed") to the new, corresponding domain account). The shares are mapped and working just fine in Windows. To IT, there isn't anything that needs to be done. It just happens that Cygwin, which I'm the only one using, maps the Windows mapped drives to an unknown user account and makes using it difficult. --- Working in windows where? What does "working just fine in Windows" mean? That people in explorer on your machine have read+write access to the linux-shares? Or do you have domain access to the machines running Windows? Are those machine in your Domain or are they outside your domain like the linux machines? This is an organizational problem that has nothing to do with cygwin, but whether windows and linux machines are using domain or machine-local security. Until your linux machines and their local user become part of the domain, you can't expect any "write" privileges granted to you under the domain to work on the linux machines. I have write permissions on those machines from Windows. Cygwin thinks I don't so files are opened in read-only mode but when I force them to be written, it works. I'm not sure if maybe I left this out of my initial information, but these are shares that are mapped in Windows on login and there are no issues there, but once I open Cygwin, I don't appear to have write access even though I do. --- If you have write access, then you are saying the permission are not displaying properly in Cygwin. So do you have the same, *actual* access in Cygwin as windows (ignoring what permissions may be displayed)? It could be that you have domain-admin access and are overriding listed permissions on remote machines. If it's the case that your user doesn't have R+W access, but you are a domain admin, you might just be overriding the write-restrictions in windows as well as cygwin. When mapping the drives in Windows, a username and password are given. Is there no way to let Cygwin know about that username without joining the servers to the domain? I know that this setup isn't ideal, which is why I'm trying to find a work-around. --- Bingo! You need to try something like "runas [alternate credentials + alternate password] net use W: ..." That might work... but is really icky, since you can't easily automate that without storing the password in clear-text in some file in your profile... that's not a good solution. -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Re: Unknown+User Unix_Group+505 on smb shares in a domian
Wayne Porter wrote: The server that the W: drive is mapped on is not using domain accounts. As far as I know, all Linux servers we have are running local accounts. Is there something I can set in my local /etc/passwd to convince Cygwin to map it to my user account? --- Let me phrase this differently. The linux accounts that are not in your domain and are under private user-names, are NOT something that you have "write" permission to. It sounds like those users (users outside your domain -- and not within your administrative group) have allowed "anyone" to have read access, but it makes sense that they wouldn't trust "anonymous" (that's you, if you haven't authenticated against their machine). You seem to be asking for access to files owned by people outside your group (or maybe outside your company, for that matter, it's not known). The Domain is a means to provide common trusted access to a group of people who have agreed to honor each others' permission settings. Right now, the linux people are not in a common-trust group, so you can't force your wanted access upon them. Until you and their machines share a common security token (the Domain token), you can't have shared permission settings. Alternatively , you might be able to convince the linux people to give you an account on each linux machine, and use that login when attaching to a share on that linux machine -- but that would be a pain. Certainly, if they agreed to use a common domain and shared things with other domain users, that would be easier, but until they agree to be in a common domain, you can't force your desired access upon them. -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Re: Unknown+User Unix_Group+505 on smb shares in a domian
On Thu, Sep 29, 2016 at 11:34:14PM +0300, Andrey Repin wrote: > Greetings, Wayne Porter! > > >> Essentially you have a bunch of users on different machines that > >> aren't > >> sharing their files under any common (or shared) security authority > >> (like a single domain). Until you persuade the owners of those linux > >> machines > >> to move the linux machines under a common security authority (like a > >> windows > >> domain) and moving the user accounts into the domain. Each local account > >> would have to be moved to a domain account with the files under each > >> machine-local account being moved (or "chown'ed") to the new, corresponding > >> domain account). > > > The shares are mapped and working just fine in Windows. To IT, there isn't > > anything that needs to be done. > > If they really believe that, they are even less qualified than I've thought. > The whole thing works by a pure accident. And a slightest change in > conventions or default behavior of either Windows or Samba may bring the end > to the happy dreams of your IT dep. > > > It just happens that Cygwin, which I'm the only one using, maps the Windows > > mapped drives to an unknown user account and makes using it difficult. > > Windows maps it to an unknown user account also. > It just happens to know, from which server the account came and can fetch the > names in a subrequest. But they are NOT domain names, neither their UID's are > domain UID's. You can't even control permissions from domain, you'd need to > login to the machine and fiddle with perms locally. > > >> This is an organizational problem that has nothing to do with > >> cygwin, but whether windows and linux machines are using domain or > >> machine-local > >> security. Until your linux machines and their local user become part of > >> the > >> domain, you can't expect any "write" privileges granted to you under the > >> domain to work on the linux machines. > >> > > > I have write permissions on those machines from Windows. Cygwin thinks I > > don't so > > files are opened in read-only mode but when I force them to be written, it > > works. > > I'm not sure if maybe I left this out of my initial information, but these > > are > > shares that are mapped in Windows on login and there are no issues there, > > but once > > I open Cygwin, I don't appear to have write access even though I do. > > > When mapping the drives in Windows, a username and password are given. Is > > there no > > way to let Cygwin know about that username without joining the servers to > > the domain? > > I know that this setup isn't ideal, which is why I'm trying to find a > > work-around. > > I've had this same setup for years, and one unlucky friday, it blew in my face > when I was committing an important batch of change in my project to the > repository. > I've spent next two weeks salvaging the working copy. But nothing worked until > I said "fuck it" and finally took my time to reinstall 64-bit OS and setup a > domain (this is my home network, so I though with only me using it there's no > pressing... guess there was). > > My situation is not ideal and I will try to convince IT to change their ways, but there is a chance that I'll be using the current work-arounds for a while. Thanks for the advice and the warnings about what to expect in the future. Thanks, Wayne signature.asc Description: PGP signature
Re: Unknown+User Unix_Group+505 on smb shares in a domian
Greetings, Wayne Porter! >> Essentially you have a bunch of users on different machines that aren't >> sharing their files under any common (or shared) security authority >> (like a single domain). Until you persuade the owners of those linux >> machines >> to move the linux machines under a common security authority (like a windows >> domain) and moving the user accounts into the domain. Each local account >> would have to be moved to a domain account with the files under each >> machine-local account being moved (or "chown'ed") to the new, corresponding >> domain account). > The shares are mapped and working just fine in Windows. To IT, there isn't > anything that needs to be done. If they really believe that, they are even less qualified than I've thought. The whole thing works by a pure accident. And a slightest change in conventions or default behavior of either Windows or Samba may bring the end to the happy dreams of your IT dep. > It just happens that Cygwin, which I'm the only one using, maps the Windows > mapped drives to an unknown user account and makes using it difficult. Windows maps it to an unknown user account also. It just happens to know, from which server the account came and can fetch the names in a subrequest. But they are NOT domain names, neither their UID's are domain UID's. You can't even control permissions from domain, you'd need to login to the machine and fiddle with perms locally. >> This is an organizational problem that has nothing to do with >> cygwin, but whether windows and linux machines are using domain or >> machine-local >> security. Until your linux machines and their local user become part of the >> domain, you can't expect any "write" privileges granted to you under the >> domain to work on the linux machines. >> > I have write permissions on those machines from Windows. Cygwin thinks I > don't so > files are opened in read-only mode but when I force them to be written, it > works. > I'm not sure if maybe I left this out of my initial information, but these are > shares that are mapped in Windows on login and there are no issues there, but > once > I open Cygwin, I don't appear to have write access even though I do. > When mapping the drives in Windows, a username and password are given. Is > there no > way to let Cygwin know about that username without joining the servers to the > domain? > I know that this setup isn't ideal, which is why I'm trying to find a > work-around. I've had this same setup for years, and one unlucky friday, it blew in my face when I was committing an important batch of change in my project to the repository. I've spent next two weeks salvaging the working copy. But nothing worked until I said "fuck it" and finally took my time to reinstall 64-bit OS and setup a domain (this is my home network, so I though with only me using it there's no pressing... guess there was). -- With best regards, Andrey Repin Thursday, September 29, 2016 23:26:04 Sorry for my terrible english... -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Re: Unknown+User Unix_Group+505 on smb shares in a domian
Greetings, Wayne Porter! > On Thu, Sep 29, 2016 at 12:10:53AM +0300, Andrey Repin wrote: >> Greetings, Wayne Porter! >> >> > On Tue, Sep 27, 2016 at 09:17:13PM -0700, Linda Walsh wrote: >> >> Wayne Porter wrote: >> >> > My system is joined to a domain and is connected to multiple servers via >> >> > mapped network shares in Windows. All of the windows servers allow >> >> > read/write >> >> > access to all files, but the Fedora servers all open with read-only >> >> > access. >> >> > I can still write to most files in vim by specifying :w! so it's not >> >> > like >> >> > I can't do anything, it just becomes an inconvenience. >> >> > d---r-x---+ 1 NT SERVICE+TrustedInstaller NT >> >> > SERVICE+TrustedInstaller 0 Sep 26 08:50 c >> >> > drwxrwx---+ 1 Administrators Domain Users >> >> > 0 Sep 14 11:57 i >> >> > drwxrwx---+ 1 SYSTEM SYSTEM >> >> > 0 Sep 26 12:55 j >> >> > drwxrwx---+ 1 Administrators Domain Users >> >> > 0 Sep 27 07:55 m >> >> > drwxr-xr-x 1 rootieng6_root >> >> > 0 Jul 12 04:04 v >> >> > drwxrwxr-x 1 Unknown+UserUnix_Group+505 >> >> > 0 Sep 21 09:41 w >> >> > drwxrwxr-x 1 Unix_User+99Unix_Group+101 >> >> > 0 Sep 21 15:20 y >> >> > >> >> >> >> > >> >> > Can anything tell me what I might be missing? >> >> --- >> >> Does the linux server, where cygdrive "w" is located have the share/files >> >> owned >> >> by a domain group? I.e. On any system (win or lin) you can have domain >> >> accounts and >> >> local accounts. In order to share files with the rest of the domain, >> >> files >> >> on the server for drive 'w' have to be owned by a domain account. It >> >> looks >> >> like >> >> the files are owned by a linux-local account. >> >> >> >> >> > The server that the W: drive is mapped on is not using domain accounts. As >> > far as I know, >> > all Linux servers we have are running local accounts. Is there something I >> > can set in >> > my local /etc/passwd to convince Cygwin to map it to my user account? >> >> You can tell your IT dep to pull their asses up and join all servers to AD. >> That would be a much more straightforward solution. >> > That's part of my problem, I can't get them to do anything without a couple > arguments and eventually settling on a solution that doesn't work. I'm just > trying to make things work in the environment I'm in. Then, as Linda pointed out, your machines are NOT in the domain, and essentially can't be reliable operated inside domain environment. You may try ls -ln to see if the ID's on these shares are unique enough to warrant their addition to the /etc/passwd, but I really, really do not envy you in that case. You may get readable names, but you will never be able to identify one of these accounts as yourself. -- With best regards, Andrey Repin Thursday, September 29, 2016 22:17:56 Sorry for my terrible english... -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Re: Unknown+User Unix_Group+505 on smb shares in a domian
On Wed, Sep 28, 2016 at 10:39:20PM -0700, Linda Walsh wrote: > Wayne Porter wrote: > > The server that the W: drive is mapped on is not using domain accounts. As > > far as I know, > > all Linux servers we have are running local accounts. Is there something I > > can set in > > my local /etc/passwd to convince Cygwin to map it to my user account? > --- > If the linux servers are not exporting files under the domain account, > then they files are not part of the 'domain' but owned only by the username > on that specific linux-machine. It sorta sounds like the linux server may > not even be in the domain -- in which case mentioning domains only confuses > the issue. The reason I bring up domains is that I thought the solution might be close to what was being discussed in the following thread: https://cygwin.com/ml/cygwin/2015-04/msg00506.html It seems that setting the comment in the user account to the uid that the linux machine has would possibly help, but I can't do that since it's not a local account. > > Essentially you have a bunch of users on different machines that aren't > sharing their files under any common (or shared) security authority > (like a single domain). Until you persuade the owners of those linux machines > to move the linux machines under a common security authority (like a windows > domain) and moving the user accounts into the domain. Each local account > would have to be moved to a domain account with the files under each > machine-local account being moved (or "chown'ed") to the new, corresponding > domain account). The shares are mapped and working just fine in Windows. To IT, there isn't anything that needs to be done. It just happens that Cygwin, which I'm the only one using, maps the Windows mapped drives to an unknown user account and makes using it difficult. > > This is an organizational problem that has nothing to do with > cygwin, but whether windows and linux machines are using domain or > machine-local > security. Until your linux machines and their local user become part of the > domain, you can't expect any "write" privileges granted to you under the > domain to work on the linux machines. > I have write permissions on those machines from Windows. Cygwin thinks I don't so files are opened in read-only mode but when I force them to be written, it works. I'm not sure if maybe I left this out of my initial information, but these are shares that are mapped in Windows on login and there are no issues there, but once I open Cygwin, I don't appear to have write access even though I do. When mapping the drives in Windows, a username and password are given. Is there no way to let Cygwin know about that username without joining the servers to the domain? I know that this setup isn't ideal, which is why I'm trying to find a work-around. Wayne signature.asc Description: PGP signature
Re: Unknown+User Unix_Group+505 on smb shares in a domian
Hi to all.. I have the very similar problem. >> > I can't do anything, it just becomes an inconvenience. >> > d---r-x---+ 1 NT SERVICE+TrustedInstaller NT SERVICE+TrustedInstaller 0 Sep 26 08:50 c >> > drwxrwx---+ 1 Administrators Domain Users 0 Sep 14 11:57 i >> > drwxrwx---+ 1 SYSTEM SYSTEM 0 Sep 26 12:55 j >> > drwxrwx---+ 1 Administrators Domain Users 0 Sep 27 07:55 m >> > drwxr-xr-x 1 rootieng6_root 0 Jul 12 04:04 v >> > drwxrwxr-x 1 Unknown+UserUnix_Group+505 0 Sep 21 09:41 w >> > drwxrwxr-x 1 Unix_User+99Unix_Group+101 0 Sep 21 15:20 y >> > >> > You can tell your IT dep to pull their asses up and join all servers > to AD. That would be a much more straightforward solution. My servers (linux with samba 4.4) are joined to the domain. An older cygwin 1.7 does not show this problem. Presently this problem hinders myself for quite some while to move to a newer cygwin version. In my case it shows something like: -rwx-- 1 Unix_User+roland Unix_Group+develop 25 Sep 11 13:13 test.png And some file operations fail in cygwin (2.4.1 - this was my last version I have tried) - mostly writting to the files, while writting to the files from windows directly works... Any help would also be appreciated. Roland -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Re: Unknown+User Unix_Group+505 on smb shares in a domian
Wayne Porter wrote: The server that the W: drive is mapped on is not using domain accounts. As far as I know, all Linux servers we have are running local accounts. Is there something I can set in my local /etc/passwd to convince Cygwin to map it to my user account? --- If the linux servers are not exporting files under the domain account, then they files are not part of the 'domain' but owned only by the username on that specific linux-machine. It sorta sounds like the linux server may not even be in the domain -- in which case mentioning domains only confuses the issue. Essentially you have a bunch of users on different machines that aren't sharing their files under any common (or shared) security authority (like a single domain). Until you persuade the owners of those linux machines to move the linux machines under a common security authority (like a windows domain) and moving the user accounts into the domain. Each local account would have to be moved to a domain account with the files under each machine-local account being moved (or "chown'ed") to the new, corresponding domain account). This is an organizational problem that has nothing to do with cygwin, but whether windows and linux machines are using domain or machine-local security. Until your linux machines and their local user become part of the domain, you can't expect any "write" privileges granted to you under the domain to work on the linux machines. -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Re: Unknown+User Unix_Group+505 on smb shares in a domian
On Thu, Sep 29, 2016 at 12:10:53AM +0300, Andrey Repin wrote: > Greetings, Wayne Porter! > > > On Tue, Sep 27, 2016 at 09:17:13PM -0700, Linda Walsh wrote: > >> Wayne Porter wrote: > >> > My system is joined to a domain and is connected to multiple servers via > >> > mapped network shares in Windows. All of the windows servers allow > >> > read/write > >> > access to all files, but the Fedora servers all open with read-only > >> > access. > >> > I can still write to most files in vim by specifying :w! so it's not like > >> > I can't do anything, it just becomes an inconvenience. > >> > d---r-x---+ 1 NT SERVICE+TrustedInstaller NT > >> > SERVICE+TrustedInstaller 0 Sep 26 08:50 c > >> > drwxrwx---+ 1 Administrators Domain Users > >> > 0 Sep 14 11:57 i > >> > drwxrwx---+ 1 SYSTEM SYSTEM > >> > 0 Sep 26 12:55 j > >> > drwxrwx---+ 1 Administrators Domain Users > >> > 0 Sep 27 07:55 m > >> > drwxr-xr-x 1 rootieng6_root > >> > 0 Jul 12 04:04 v > >> > drwxrwxr-x 1 Unknown+UserUnix_Group+505 > >> > 0 Sep 21 09:41 w > >> > drwxrwxr-x 1 Unix_User+99Unix_Group+101 > >> > 0 Sep 21 15:20 y > >> > > >> > >> > > >> > Can anything tell me what I might be missing? > >> --- > >> Does the linux server, where cygdrive "w" is located have the share/files > >> owned > >> by a domain group? I.e. On any system (win or lin) you can have domain > >> accounts and > >> local accounts. In order to share files with the rest of the domain, files > >> on the server for drive 'w' have to be owned by a domain account. It looks > >> like > >> the files are owned by a linux-local account. > >> > >> > > The server that the W: drive is mapped on is not using domain accounts. As > > far as I know, > > all Linux servers we have are running local accounts. Is there something I > > can set in > > my local /etc/passwd to convince Cygwin to map it to my user account? > > You can tell your IT dep to pull their asses up and join all servers to AD. > That would be a much more straightforward solution. > That's part of my problem, I can't get them to do anything without a couple arguments and eventually settling on a solution that doesn't work. I'm just trying to make things work in the environment I'm in. > > -- > With best regards, > Andrey Repin > Thursday, September 29, 2016 00:10:06 > > Sorry for my terrible english... > signature.asc Description: PGP signature
Re: Unknown+User Unix_Group+505 on smb shares in a domian
Greetings, Wayne Porter! > On Tue, Sep 27, 2016 at 09:17:13PM -0700, Linda Walsh wrote: >> Wayne Porter wrote: >> > My system is joined to a domain and is connected to multiple servers via >> > mapped network shares in Windows. All of the windows servers allow >> > read/write >> > access to all files, but the Fedora servers all open with read-only access. >> > I can still write to most files in vim by specifying :w! so it's not like >> > I can't do anything, it just becomes an inconvenience. >> > d---r-x---+ 1 NT SERVICE+TrustedInstaller NT SERVICE+TrustedInstaller >> > 0 Sep 26 08:50 c >> > drwxrwx---+ 1 Administrators Domain Users >> > 0 Sep 14 11:57 i >> > drwxrwx---+ 1 SYSTEM SYSTEM >> > 0 Sep 26 12:55 j >> > drwxrwx---+ 1 Administrators Domain Users >> > 0 Sep 27 07:55 m >> > drwxr-xr-x 1 rootieng6_root >> > 0 Jul 12 04:04 v >> > drwxrwxr-x 1 Unknown+UserUnix_Group+505 >> > 0 Sep 21 09:41 w >> > drwxrwxr-x 1 Unix_User+99Unix_Group+101 >> > 0 Sep 21 15:20 y >> > >> >> > >> > Can anything tell me what I might be missing? >> --- >> Does the linux server, where cygdrive "w" is located have the share/files >> owned >> by a domain group? I.e. On any system (win or lin) you can have domain >> accounts and >> local accounts. In order to share files with the rest of the domain, files >> on the server for drive 'w' have to be owned by a domain account. It looks >> like >> the files are owned by a linux-local account. >> >> > The server that the W: drive is mapped on is not using domain accounts. As > far as I know, > all Linux servers we have are running local accounts. Is there something I > can set in > my local /etc/passwd to convince Cygwin to map it to my user account? You can tell your IT dep to pull their asses up and join all servers to AD. That would be a much more straightforward solution. -- With best regards, Andrey Repin Thursday, September 29, 2016 00:10:06 Sorry for my terrible english... -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Re: Unknown+User Unix_Group+505 on smb shares in a domian
On Tue, Sep 27, 2016 at 09:17:13PM -0700, Linda Walsh wrote: > Wayne Porter wrote: > > My system is joined to a domain and is connected to multiple servers via > > mapped network shares in Windows. All of the windows servers allow > > read/write > > access to all files, but the Fedora servers all open with read-only access. > > I can still write to most files in vim by specifying :w! so it's not like > > I can't do anything, it just becomes an inconvenience. > > d---r-x---+ 1 NT SERVICE+TrustedInstaller NT SERVICE+TrustedInstaller 0 > > Sep 26 08:50 c > > drwxrwx---+ 1 Administrators Domain Users0 > > Sep 14 11:57 i > > drwxrwx---+ 1 SYSTEM SYSTEM 0 > > Sep 26 12:55 j > > drwxrwx---+ 1 Administrators Domain Users0 > > Sep 27 07:55 m > > drwxr-xr-x 1 rootieng6_root 0 > > Jul 12 04:04 v > > drwxrwxr-x 1 Unknown+UserUnix_Group+505 0 > > Sep 21 09:41 w > > drwxrwxr-x 1 Unix_User+99Unix_Group+101 0 > > Sep 21 15:20 y > > > > > > > Can anything tell me what I might be missing? > --- > Does the linux server, where cygdrive "w" is located have the share/files > owned > by a domain group? I.e. On any system (win or lin) you can have domain > accounts and > local accounts. In order to share files with the rest of the domain, files > on the server for drive 'w' have to be owned by a domain account. It looks > like > the files are owned by a linux-local account. > > The server that the W: drive is mapped on is not using domain accounts. As far as I know, all Linux servers we have are running local accounts. Is there something I can set in my local /etc/passwd to convince Cygwin to map it to my user account? signature.asc Description: PGP signature
Re: Unknown+User Unix_Group+505 on smb shares in a domian
Wayne Porter wrote: My system is joined to a domain and is connected to multiple servers via mapped network shares in Windows. All of the windows servers allow read/write access to all files, but the Fedora servers all open with read-only access. I can still write to most files in vim by specifying :w! so it's not like I can't do anything, it just becomes an inconvenience. d---r-x---+ 1 NT SERVICE+TrustedInstaller NT SERVICE+TrustedInstaller 0 Sep 26 08:50 c drwxrwx---+ 1 Administrators Domain Users0 Sep 14 11:57 i drwxrwx---+ 1 SYSTEM SYSTEM 0 Sep 26 12:55 j drwxrwx---+ 1 Administrators Domain Users0 Sep 27 07:55 m drwxr-xr-x 1 rootieng6_root 0 Jul 12 04:04 v drwxrwxr-x 1 Unknown+UserUnix_Group+505 0 Sep 21 09:41 w drwxrwxr-x 1 Unix_User+99Unix_Group+101 0 Sep 21 15:20 y Can anything tell me what I might be missing? --- Does the linux server, where cygdrive "w" is located have the share/files owned by a domain group? I.e. On any system (win or lin) you can have domain accounts and local accounts. In order to share files with the rest of the domain, files on the server for drive 'w' have to be owned by a domain account. It looks like the files are owned by a linux-local account. -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Unknown+User Unix_Group+505 on smb shares in a domian
My system is joined to a domain and is connected to multiple servers via mapped network shares in Windows. All of the windows servers allow read/write access to all files, but the Fedora servers all open with read-only access. I can still write to most files in vim by specifying :w! so it's not like I can't do anything, it just becomes an inconvenience. I have searched for similar issues and read through the documentation for samba shares, but the solutions all point to things to do when not on a domain. The servers are not using winbindd to map users and my access to them is limited to a standard user. I can't add SAM comments since my user account is not a local account, but on the domain and I'm not sure if it is being used by the organization. Here is the output of the mount command: ❯ mount C:/cygwin64/bin on /usr/bin type ntfs (binary,auto) C:/cygwin64/lib on /usr/lib type ntfs (binary,auto) C:/cygwin64 on / type ntfs (binary,auto) C: on /cygdrive/c type ntfs (binary,posix=0,user,noumount,auto) I: on /cygdrive/i type ntfs (binary,posix=0,user,noumount,auto) J: on /cygdrive/j type ntfs (binary,posix=0,user,noumount,auto) M: on /cygdrive/m type ntfs (binary,posix=0,user,noumount,auto) N: on /cygdrive/n type ntfs (binary,posix=0,user,noumount,auto) O: on /cygdrive/o type ntfs (binary,posix=0,user,noumount,auto) P: on /cygdrive/p type ntfs (binary,posix=0,user,noumount,auto) Q: on /cygdrive/q type ntfs (binary,posix=0,user,noumount,auto) R: on /cygdrive/r type smbfs (binary,posix=0,user,noumount,auto) S: on /cygdrive/s type smbfs (binary,posix=0,user,noumount,auto) U: on /cygdrive/u type smbfs (binary,posix=0,user,noumount,auto) V: on /cygdrive/v type smbfs (binary,posix=0,user,noumount,auto) W: on /cygdrive/w type smbfs (binary,posix=0,user,noumount,auto) X: on /cygdrive/x type smbfs (binary,posix=0,user,noumount,auto) Y: on /cygdrive/y type smbfs (binary,posix=0,user,noumount,auto) Z: on /cygdrive/z type smbfs (binary,posix=0,user,noumount,auto) And here is the user/group info for each mapped drive: ❯ ls -l /cygdrive total 96 d---r-x---+ 1 NT SERVICE+TrustedInstaller NT SERVICE+TrustedInstaller 0 Sep 26 08:50 c drwxrwx---+ 1 Administrators Domain Users0 Sep 14 11:57 i drwxrwx---+ 1 SYSTEM SYSTEM 0 Sep 26 12:55 j drwxrwx---+ 1 Administrators Domain Users0 Sep 27 07:55 m drwxrwx---+ 1 Administrators Unknown+Group 0 Sep 8 13:26 n drwxrwx---+ 1 Administrators Unknown+Group 0 Dec 31 2015 o drwxrwx---+ 1 Administrators Unknown+Group 0 Jun 12 2014 p drwxrwx---+ 1 SYSTEM SYSTEM 0 Aug 15 15:04 q drwxr-xr-x 1 rootieng6_root 0 Jul 12 04:04 r drwxr-xr-x 1 rootieng6_root 0 Jul 12 04:04 s drwxr-xr-x 1 rootieng6_root 0 Jul 12 04:04 u drwxr-xr-x 1 rootieng6_root 0 Jul 12 04:04 v drwxrwxr-x 1 Unknown+UserUnix_Group+505 0 Sep 21 09:41 w drwxrwxr-x 1 Unix_User+99Unix_Group+505 0 Sep 27 13:59 x drwxrwxr-x 1 Unix_User+99Unix_Group+101 0 Sep 21 15:20 y drwxrwxr-x 1 Unknown+UserUnix_Group+505 0 Sep 15 15:18 z Here are the mappings: NET USE O: \\REDACTED1\www /user:$USER NET USE P: \\REDACTED2\www /user:$USER NET USE Q: \\REDACTED3\ASA\REDACTED NET USE R: \\REDACTED4\www /user:REDACTED4\cwporter password NET USE S: \\REDACTED5\docs /user:$USER password NET USE T: \\REDACTED6\ /user:$USER password NET USE U: \\REDACTED7\docs /user:sspps-portal\cwporter password NET USE V: \\REDACTED8\docs /user:sspps-portal\cwporter password NET USE W: \\REDACTED9\docs\dev /user:$USER password NET USE X: \\REDACTED10\docs\public /user:$USER NET USE Y: