[cvsnt] impersonation troubles on w2k

mister.mandarino at bluemail.ch mister.mandarino at bluemail.ch
Mon Sep 23 20:17:02 BST 2002


Community technical support mailing list was retired 2010 and replaced with a professional technical support team. For assistance please contact: Pre-sales Technical support via email to sales@march-hare.com.


It seems that impersonation through pserver doesn't work well on w2k.

Our server is configured with the LocalSystem account running the cvsnt
services.

When the "Impersonation enabled" flag is turned on, clients can login but
cannot execute a "cvs ls", for example, and get an indication that they
lack permissions to create a tempdir. Because the users can login, the LocalSystem
has the proper rights and the services that run under it can impersonate
other users.

However, it seems that creation of the tempdir is attempted by another process.
In fact, the name of the tempdir includes a PID as part of it. There is
no process with this PID after the unsuccessful attempt to create the tempdir.
So it seems that the process exists only for a short time and that it is
spawned by the cvsnt services. This process seems not to have the proper
permission to create the tempdir.

On the other hand, when the services run with disabled impersonation (which
is not recommended for obvious security reasons), clients can login and
operate normally.

I have seen that other users experienced the same problem, but nobody has
posted a workaround until now.

Any explanation would be greatly appreciated.







More information about the cvsnt mailing list
Download the latest CVSNT, TortosieCVS, WinCVS etc. for Windows 8 etc.
@CVSNT on Twitter   CVSNT on Facebook