login about faq

Tectia Server 6.1 for Windows. I try to add 5 virtual folders, where 2 are local to the server C:.... and 3 are on a NAS (\DiskStation...). The NAS can be accessed from Windows Explorer with a local NAS users, fx. diskstation\admin + some password.

When I log into Tectia Server with FileZilla client, and I use password authentication, I can see all 5 directories in the client. And I can access them.

When I turn off password authentication in Tectia Server and only allows public-key authentication, I can log into the Tectia Server, but I can only see the 2 virtual folders pointing to local directories.

Is there a way to specify credentials for each virtual folder independant of each other? So Tectia Server impersonates the access to the virtual folder?

What is the default credentials used by Tectia Server? I see the server uses the LocalSystem account, which is nearly fully administrator on local machine, but has no rights in network.

asked Dec 17 '10 at 21:52

Roland%20Lyngvig's gravatar image

Roland Lyngvig
111

edited Sep 21 '11 at 17:34

SSH%20KB's gravatar image

SSH KB ♦
509249246237


When doing UserKey authentication and trying to access any domain resources (like using UNC paths) you must also set up delegation of the cifs service for the network share to work when using public keys. Windows treats domain users logging in with passwords in a totally different way than those who log in with public keys.

When using public key authentication to log on to a Windows domain, the user does not automatically have access to shared network folders, such as \remotemachine\sharedfolder. This is different from password authentication, where these folders are automatically available.

In domains with functional level Windows 2003 it is possible to enable access to shared folders in the network even for users who use public key authentication. Two things are needed:

  1. Enabling the access in the Active Directory
  2. Taking the resource into use during the ssh session

Setting up the delegation in Active Directory

  1. In the Domain Controller, open the Active Directory Users and Computers snap-in (or the corresponding tool in Start->Programs->Administrative Tools).

  2. Open the Computers tree and select the computer where the SSH Tectia Server is located.

  3. Right-click and select Properties.

  4. Select the Delegation tab

      * select Trust this computer for delegation to specified services only
      * select Use any authentication protocol
      * Click the Add button
      * Click the Users or Computers button
      * Enter the name of the host where the network share is located and click Ok
      * Select cifs (common internet file system) from the available services
      * Click Ok to close the open windows
    

Regards, -Joe

link

answered Dec 21 '10 at 19:33

SSH%20KB's gravatar image

SSH KB ♦
509249246237

Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Markdown Basics

  • *italic* or __italic__
  • **bold** or __bold__
  • link:[text](http://url.com/ "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Tags:

×5
×4
×3
×1

Asked: Dec 17 '10 at 21:52

Seen: 3,435 times

Last updated: Sep 21 '11 at 17:34

All user contributed content licensed under the cc-by-sa license.
Powered by OSQA.