Hi!
First of all thank you very much for the terrific work with copSSH.
I would like to redirect the users to their home directories located on a network share. Is it possible to make copSSH impersonate? I would like copSSH to authenticate itself to my file server as the currently logged in user instead of the SvcCOPSSH account.
Also I wonder if the following message upon installation is normal:
Granting SeDenyRemoteInteractiveLogonRight to SvcCOPSSH ... failed
AddUserRightToAccount:
***Error*** AddUserRightToAccount -1073741728
CopSSH is running on a Windows 2000 Server SP4
Kind regards, Erik
The error message is normal :-) It complains a non-existent user right on windows 2000 systems. That will be fixed at the next release.
User activation script uses home directories local to copssh installation. A shortcut is placed to user's real home directory. COPSSH reinitializes user rights on the home directory and I don't want to mess up with users' real home directories.
I've got a couple of feedback about the issue. Maybe, time's come to make home directory selection as an option during user activation.
Rgrds Tev
Thank you for the answer.I don´t think I explained my question well enough.
I would like to do something like this,
On the copSSH machine:
"native"="\srv-file\Docs"
"flags"=dword:0000000a
... and then modiy the passwd file:
useraccount:unused_by_nt/2000/xp:11294:10513:Username,U-DOMAIN\useraccount,S-1-2-34-34584573456-234234234-23423434456-3444:/docs/useraccount:/bin/bash
When looking in the security log of the machine srv-file you can see the account SvcCOPSSH trying to connect and of course beeing denied since the account SvcCOPSSH does not exist on that machine. Is there a way to impersonate copSSH so that a connection to srv-file1 will be made using the currently logged in user, e.g. DOMAIN\useraccount .
I managed to get this work when using OpenSSH for Windows but I don't rember how I did it.
You can define a domain user as a copSSH service account. Check a relevant topic at cwRsync forum for some guidelines.
Working great! Thank you very much!