[cvsnt] Impersonation failure on Win2003 Server

Kevin Jones kevinj at develop.com
Mon Sep 15 17:40:33 BST 2003


Thanks Bo.

> # Set this to `no' if pserver shouldn't check system users/passwords
> #SystemAuth=yes

Mine looks like this

# Set this to "no" if pserver shouldn't check system users/passwords
#SystemAuth=no

Different default but commented out anyway :)

This has always confused me (the link between pserver and windows
authn). 
Do I want this value set to yes or no? 
What exactly happens if I use pserver both when this value is 'yes' and
when it is 'no'?
What is the default?

Do I need to alias pserver accounts to an NT account.

BTW I've changed the account the service logs on as and it all works
although I'd prefer to have it running as 'Local System' if possible

Kevin Jones
Developmentor
www.develop.com

> -----Original Message-----
> From: cvsnt-bounces at cvsnt.org 
> [mailto:cvsnt-bounces at cvsnt.org] On Behalf Of Bo Berglund
> Sent: 14 September 2003 17:20
> To: cvsnt at cvsnt.org
> Subject: Re: [cvsnt] Impersonation failure on Win2003 Server
> 
> 
> On Sun, 14 Sep 2003 14:39:58 +0100, "Kevin Jones" <kevinj at develop.com>
> wrote:
> 
> >I've just installed the latest CVSNT server (2.0.9) on win 
> 2003 Server.
> >I can access my repositories via ntserver but I need pserver access.
> >This is what I do:
> >
> >"c:\Program Files\cvsnt\cvs.exe" -d :ntserver:localhost:/ejsp passwd
> >Changing repository password for kevinj at localhost
> >New password: ******
> >Verify password: ******
> >
> >Then I try
> >
> >"c:\Program Files\cvsnt\cvs.exe" -d :pserver:kevinj at localhost:/ejsp
> >login
> >Logging in to :pserver:kevinj at localhost:2401:/ejsp
> >CVS password: ******
> >Fatal error, aborting.
> >
> >And I get
> >
> >cvs [login aborted]: kevinj: Impersonation failed - 
> configuration error.
> >Contact your System Administrator.
> >
> >I've tried this with kevinj's password set to the local 
> machine password
> >and as a different password (the machine is not in a domain)
> >
> >I've added various accounts to both the 'Create a token' and the
> >'Impersonate a client after authentication' policies (I've 
> added SYSTEM,
> >LOCAL SERVICE, NETWORK SERVICE, SERVICE and kevinj) still no luck
> >
> >What am I missing?
> >
> >Thanks,
> >
> >Kevin Jones
> >Developmentor
> >www.develop.com
> 
> What does your CVSROOT/config look like?
> That's where you set up how your server shall operate. Here is how it
> is set by default:
> 
> 
> As you can see the value is commented out and therefore the
> authentication against the system is ON.
> If you want the authentication to be changed you need to modify this
> file. (You have to check out CVSROOT and then edit config and commit
> it back.)
> 
> Then again, when this is set to 'no' then you *must* alias all passwd
> entries to a real user, otherwise it won't work either.
> 
> HTH
> 
> 
> /Bo
> (Bo Berglund, developer in Sweden)
> _______________________________________________
> cvsnt mailing list
> cvsnt at cvsnt.org
> http://www.cvsnt.org/cgi-bin/mailman/listinfo/cvsnt
> 



More information about the cvsnt mailing list