Cygwin - Create Windows User Group

Written: 03/25/12

Last Updated: 06/14/13

This guide is the fourth part of my Cygwin SSH server series and assumes that the first three guides have already been completed. If you have not yet completed those articles, click here to go to the first article. That being said, the content displayed here is not Cygwin specific. This article discusses how to create a Windows user group. This user group will be used to easily manage all of the current users on your SSH server. This article also makes the assumption that you have at least one user that you wish to add to this user group. If not, you can skip the steps involving adding a new user (Step 6 through the end) and do that at a later point in time.

Begin by clicking on the start menu and typing “%windir%\system32\compmgmt”. Click on “compmgmt.msc”, this will open up the computer management interface. You will need administrative privileges to make changes in this program. If you are not an admin, then you probably should not be following this tutorial 😉

cygwin-create-windows-user-group-1

On the left-hand side under “Computer Management” and under “System Tools” expand “Local Users and Groups”.

cygwin-create-windows-user-group-2

Click on “Groups” to display the current Windows user groups on your computer.

cygwin-create-windows-user-group-3

Right click somewhere in the center field, where all of the group names are shown. Click on “New Group…” to create a new group.

cygwin-create-windows-user-group-4

Give your group a name and description, such as those shown in the picture below and then click on “Create”. Make sure the name you give the group will be rememberable, as this group name will be used in the future. It is recommended that you stick with my naming convention, as this group name will be used in future tutorials.

NOTE: If you do not wish to add any users to this group / do not have any users to add to the group, you may stop the tutorial at this point and continue at a later point in time; otherwise, continue.

cygwin-create-windows-user-group-5

Right click on your newly created group and click on “Properties”.

cygwin-create-windows-user-group-6

Currently, there are no users in the user group. To add a user, click on the “Add…” button.

NOTE: You will need to add each user you want to access your files to this user group. In one of my later tutorials, I will provide a script I wrote to automatically add / remove users. Until then, you will need to manually add users by using this method.

cygwin-create-windows-user-group-7

In the window that pops up click on “Advanced…”.

cygwin-create-windows-user-group-8

Click on “Find Now”. This will search your computer for all of your users and user groups.

cygwin-create-windows-user-group-9

Select the user(s) that you wish to add. For this example, I created the dummy user, “myUser”. If you wish to add more than one user, press and hold CTRL to select them. When you’ve selected all of the users that you wish to add, click on “OK”.

cygwin-create-windows-user-group-10

Click “OK”.

cygwin-create-windows-user-group-11

Click “OK”.

cygwin-create-windows-user-group-12

This concludes the fourth part of the Cygwin SSH server series. The next article in the series covers the creation and addition of a new user to the server. Click here to link to that article.

Discussion (8)

There are 8 responses to “Cygwin – Create Windows User Group”.

  1. Marian Matejovic responded:

    · Reply

    Hello,
    The /etc/passwd and group files are no longer generated by default, starting with Cygwin 1.7.34.

    Do you plan any update of your tutorial reflecting this change?

    I implemented “cygwin-1.7.34-6.tar.xz” and made configuration per your perfect guideline. I also created sshs user for sshd service (as I could not create user account with name sshd in my win7 OS). My cygwin server runs under sshs admin user but I stuck how to add my computer user “Marian”.

    Thanks a lot for your help,
    Marian

    • Hi Marian,

      Did you look at the article that immediately follows this one? It can be found, here, and it covers how to make the passwd file (see Part II). Using the methods I provided, all users, including “Marian” should automatically be added. Basically, create the user in Windows using the normal process and then update the passwd and group files. If you just want to add that one user and not all of them, take a look at the comments, where I show an example of how to add one user.

      Let me know if you run into anymore issues!

  2. Marian Matejovic responded:

    · Reply

    Thanks James,

    Yes, I had followed your article and user “Marian” was created per your guideline.
    My concern is, that when I run Cygwin64 Terminal from my Thinkpad computer (logged to PC as Marian – user who has PC admin rights & under who I run cygwin installation) my SSH connection is working . If I connect as sshs (sshs is admin user for sshd session) from this terminal it works.

    [email protected] ~
    $ ssh [email protected]
    [email protected]’s password:
    Last login: Mon Feb 23 15:21:14 2015 from thinkpad

    [email protected] ~
    $ exit
    logout
    Connection to thinkpad closed.
    – – – – – – – – — – – – – – — – – – — – – – – – – – — – – — – – – – – — – – – – – — – – – — – – – – – – —

    However if I try to connect back as Marian than “/bin/bash/: Operation not permitted” warning occurs. Also when I try to connect from MobaXterm terminal as Marian I get the same message (sshs user connection from MobaXterm is running).

    [email protected] ~
    $ ssh [email protected]
    [email protected]’s password:
    Last login: Mon Feb 23 15:21:55 2015 from thinkpad
    /bin/bash: Operation not permitted
    Connection to thinkpad closed.

    [email protected] ~
    $
    – – – – – – – – — – – – – – — – – – — – – – – – – – — – – — – – – – – — – – – – – — – – – — – – – – – – —
    The same message I get also for common user

    [email protected] ~
    $ ssh [email protected]
    [email protected]’s password:
    Last login: Mon Feb 23 20:53:02 2015 from thinkpad
    /bin/bash: Operation not permitted
    Connection to thinkpad closed.

    Kindly can you help me to fix this issue?

    Thanks a lot, Marian

    • From what you posted it appears that you are only able to connect using the user account associated with the sshd service. It looks like it is a permission error, but I don’t think it is a problem with the passwd or group file. If the user didn’t exist you should have got an authentication failure.

      Take a look at the security details of your Cygwin “bin” folder (right click on the folder -> properties -> security). It is possible that you don’t have permission granted to the users you need. Either grant the “Everyone” user group read permissions or add the specific users. Hopefully this will fix your problem.

  3. This does not seem to apply to Windows 8 (Home Edition). “Local Users and Groups” is not in the Computer Management console. I did some research. It seems I would need to run the GPMC (group policy management console?), but I couldn’t install it.

    • I believe that snapin is only included in the pro versions of Windows; however, you should be able to do this via the commandline:

      1. Open an administrative command prompt
        1. Press the windows key
        2. Type: cmd.exe
        3. Right click on it and press “Run as Administrator”
      2. Create your user group by executing “net localgroup <groupname> <username> /add”. “<groupname> should be replaced with the name of the group (in this example that would be “sshUsers”). “<username>” should be replaced with the name of the user.
      3. Repeat step 2 for each user you are adding.
      4. Verify that it worked by executing “net localgroup <groupname>”. You should see a list of all of the users that you added in steps 2 and 3.
  4. Thank you! It was easier to do it this way:

    Go to desktop. Right-click windows icon. Click Command Prompt (Admin).

    In the command prompt window, you missed this first step:

    net localgroup /add

    Everything else was great. Thank you!

  5. That should be,

    net localgroup groupname /add

Leave a Reply