[cvsnt] SSPI Problems
Arthur Barrett
arthur.barrett at march-hare.com
Fri Dec 30 03:17:42 GMT 2005
Bob,
> A server can authenticate a user as a local account.
> This has nothing to do with a trust relationship.
> The usual way to do this is to specify
> MACHINENAME\username instead of DOMAINNAME\username.
The problem is this (from your original message):
> The username and password on the client are the same
> as that on the domain.
If you are logging into the client on a domain, and onto the server as a
local user then the passwords will not be the same (or at least not
guarenteed to be the same, and the authentication tokens will certainly
not be the same).
The way that CVSNT Server processes the authentication tokens was
improved (to be more reliable) in 2.5.02, and has probably broken this
setup. However what you are now seeing I *think* is the correct
behaviour.
I imagine that the only way it will work is with:
:sspi:SERVERMACHINELOCALDOMAIN\servername:/repositoryname
Depending on the version of windows on your server you may also need to
force the encryption to a lower level:
:sspi;force=NTLM:SERVERMACHINELOCALDOMAIN\servername:/repositoryname
If you have ever used the passwords in the CVSROOT, you may have to
clear it from the registry...
Regards,
Arthur Barrett
More information about the cvsnt
mailing list