login about faq

One of our users setup a TecTia SSH server on windows 2008. (Version 6.1) The Windows-SSH server is in a domain (SSH) that has a 1-way trust to my domain (client).

I have given my account administrative rights on the ssh server in the ssh-domain. When I connect with Putty, it asks for my user account. I have tried client\myname and myname@client-parent.com, but I get authentication failed when I attempt to sftp to the server.

Help.

asked Sep 14 '10 at 20:54

Alex%20McDiarmid's gravatar image

Alex McDiarmid
1111

edited Sep 21 '11 at 16:44

SSH%20KB's gravatar image

SSH KB ♦
509249246237


It seems that a two way trust is required in order for trusted domain authentication to work.

Customer Support Tectia Corporation www.tectia.com

Tectia - Your People. Your Secrets. Protected.

link

answered Sep 21 '10 at 21:17

Alex%20McDiarmid's gravatar image

Alex McDiarmid
1111

Thanks for posting back the solution. Can you accept your own answer so that the question is closed? Thanks!

(Sep 22 '10 at 12:28) Roman ♦♦ Roman's gravatar image

Is the server running with a default configuration? The correct syntax should indeed be the first one you tried: domain\user so if everything is configured correctly client\yourusername should be ok.

After checking some of the common causes of this, can you see what the server troubleshooting mode says when trying to login with this account?

You can also check what is the Domain Policy that has been configured for the server, although this should only take effect if not specifying a prefix for your username when logging in.

link

answered Sep 14 '10 at 21:39

Roman's gravatar image

Roman ♦♦
7735817

I beleive that this server is running in the default configuration. I am able to connect from my workstation only if I create a local user on the server, who is part of the local administrators group. When I attempt to connect as Local Server user (non admin) I get access denied, although the user has read rights on the specified folder.

When I attempt to connect as a cross domain user, I get access denied, even though this account is part of the administrators group.

(Sep 16 '10 at 13:39) Alex McDiarmid Alex%20McDiarmid's gravatar image

Are you able to remote desktop with this user from the client to the server? (in order to rule out any domain permission and dns problems)

(Sep 17 '10 at 08:23) Roman ♦♦ Roman's gravatar image

Yes, we are able to remote desktop from our domain, to the server in question.

(Sep 17 '10 at 17:39) Alex McDiarmid Alex%20McDiarmid's gravatar image

In order to figure out what the problem is can you paste the relevant sections of the server debug output when the user is attempting to login (see above link on how to start the server in troubleshooting mode)? Since there's not much space here you can also paste the log to something like pastebin.com and just paste the link here.

(Sep 20 '10 at 05:43) Roman ♦♦ Roman's gravatar image

I am certain that our IT team will have me fired if I paste the server debug output to any external site: it includes things like domains; usernames.

(Sep 21 '10 at 20:39) Alex McDiarmid Alex%20McDiarmid's gravatar image
1

SSH Support has stated that a two way trust is required betweens.

(Sep 21 '10 at 21:16) Alex McDiarmid Alex%20McDiarmid's gravatar image

Yes, maybe I should have emphasized that the relevant sections of debug output I was requesting should be of course scrubbed of sensitive information. Usually these types of problems (if it's not a "how do I do X" type of question that requires looking through debug logs) are better handled via the official support channels. But good to know that it was solved by our excellent support staff.

(Sep 22 '10 at 12:24) Roman ♦♦ Roman's gravatar image
showing 5 of 7 show all
Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Markdown Basics

  • *italic* or __italic__
  • **bold** or __bold__
  • link:[text](http://url.com/ "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Tags:

×63
×12
×1

Asked: Sep 14 '10 at 20:54

Seen: 5,057 times

Last updated: Sep 21 '11 at 16:44

All user contributed content licensed under the cc-by-sa license.
Powered by OSQA.