Community technical support mailing list was retired 2010 and replaced with a professional technical support team. For assistance please contact: Pre-sales Technical support via email to sales@march-hare.com.
Arthur - The passwords are the same for the client and server by design, I set them up that way. The usernames are the same also, but they are not the same accounts of course since there is no trust. There is no domain on the server, it is a standlone windows 2003 server that is not part of any domain. Previously, sending username and password worked, similar to how you can connect to a share on another machine with no trust. I don't think what you are now seeing is correct behavior. I should be able to authenticate to a server with no trust using either a local or domain account username/password on the target server, using either servermachinename\username or serverdomain\username and a password. To see what I mean try mapping a drive. You can connect using your current account or a "different username" which is supported for exactly this reason, mapping in a non-domain or non-trust environment. >> I imagine that the only way it will work is with: >> :sspi:SERVERMACHINELOCALDOMAIN\servername:/repositoryname I don't know how you've implemented, SSPI but that is not correct syntax for a username. In a domain environment you specify DOMAIN\username, in a non-domain it's machinename\username. >> Depending on the version of windows on your server you may also need to >> force the encryption to a lower level: >> :sspi;force=NTLM:SERVERMACHINELOCALDOMAIN\servername:/repositoryname I'll play with that, but again that is not correct syntax. -- Bob -----Original Message----- From: Arthur Barrett [mailto:arthur.barrett at march-hare.com] Sent: Thursday, December 29, 2005 10:18 PM To: Bob Provencher; cvsnt at cvsnt.org cvsnt downloads at march-hare.com @CVSNT on Twitter CVSNT on Facebook Subject: RE: [cvsnt] SSPI Problems Bob, > A server can authenticate a user as a local account. > This has nothing to do with a trust relationship. > The usual way to do this is to specify > MACHINENAME\username instead of DOMAINNAME\username. The problem is this (from your original message): > The username and password on the client are the same > as that on the domain. If you are logging into the client on a domain, and onto the server as a local user then the passwords will not be the same (or at least not guarenteed to be the same, and the authentication tokens will certainly not be the same). The way that CVSNT Server processes the authentication tokens was improved (to be more reliable) in 2.5.02, and has probably broken this setup. However what you are now seeing I *think* is the correct behaviour. I imagine that the only way it will work is with: :sspi:SERVERMACHINELOCALDOMAIN\servername:/repositoryname Depending on the version of windows on your server you may also need to force the encryption to a lower level: :sspi;force=NTLM:SERVERMACHINELOCALDOMAIN\servername:/repositoryname If you have ever used the passwords in the CVSROOT, you may have to clear it from the registry... Regards, Arthur Barrett