I am trying to run an rexec command from a windows node to a unix node without getting prompted for a password.

This is easy going from unix to unix but I'm finding that my knowledge is limited on the windows side for how to configure it. I have tried plopping a netrc file in my windows user's home directory but that had no effect. Again, I can make this work if I run it interactively but I have a need to run it and forget it not enter a password each time it's run.

My unix accounts are not domain accounts, is this the problem?

Probably. Permissions in AD > All.

no AD on Unix, no domain accounts. doesn't matter we got it working sort of...

I had to open everything up on my unix nodes which the auditors will just love. Still, we're fine tuning it.... currerntly we have 2 nodes (2 different people) RDP'ed into my windows servers, one can run the rsh command successfully, one cannot. Same username(s) makes zero sense except that it's windows. We'll get it though, just hate having to use the almighty "+" to make anything work =\

I believe there are better versions of rexec.exe available that let you supply full credentials at the command line.

Do you happen to have a link or a version number? I'm wondering if I should have the windows guys install the toolkit or something.

Sorry, I thought you meant your Unix accounts didn't have the correct corresponding permissions on the Windows side....

Please disregard my statement....

Do you happen to have a link or a version number? I'm wondering if I should have the windows guys install the toolkit or something.

I don't, but I'm sure I've used it with command line credentials before. Senor Google to the rescue!

Forgive me if this is a dumb suggestion, I don't have a ton of experience getting Windows and Unix to play nice, but you could try adding the server and credentials to your managed passwords on the machine (in XP is Control Panel > User Accounts > Advanced Tab > Manage Passwords*). If you add the unix machine you're trying to connect to without being prompted and provide the proper credentials there (you might have to play around with formating of the username to get it to accept) this may get you where you're trying to be. The only thing is, if I remember correctly, it wants the user name in a user@domain or domain\User format. You may be about to get around that using computername\username, but I'm not sure if Unix will like that.


*if you don't have admin credentials on the windows domain, you'll get a window that opens and says you can't make changes, but there should be a link at the bottom for managing passwords

Akom, thanks for the reply. No suggestions are dumb in my opinion!

We got this working by adding in my windows user's home directory a file called netrc and put the credentials in there. In addition to that I had to edit .rhosts on my unix node and also /etc/hosts.equiv. That all worked quite well but it was odd that depending on the RDP session of the windows node it sometimes did not. If I made /etc/hosts.equiv and .rhosts wide open, i.e. the infamous + + it worked great every time.

In the end we decided not to do this b/c it added complexity to others in our group who would also have to support the script(s) when they were oncall. It was just to save us some coding each time we added a filesystem/mountpoint on our unix node. (in other words we were trying to be lazy :p )

Whew!

Glad I read this first, 'cus I was going to refer you to a couple friends that work at Marvin and Andersen's. :p

People still use rexec? Scary.

Most of that stuff is sensitive to forward/reverse name lookups matching, that'd be the first place I start looking. Windows DNS population is often psychotically bizarre, particularly for anything multi-homed.

Seriously though, try and get OpenSSH on Cygwin (or something commercial like Tectia) and leave the 1970s behind :>

LOL, if you ever work in healthcare you would understand the resistance towards anything new. ANYTHING! I'm still fighting the battle to put powershell on a windows node. For the record, all my unix servers have OpenSSH on them, my windows group is full of goobers.