mkgroup — Write /etc/group-like output to stdout
mkgroup
[
-l | -L
[MACHINE
]
] [-d [DOMAIN
]] [-c] [-S CHAR
] [-o OFFSET
] [-g GROUPNAME
] [-b] [-U GROUPLIST
]
mkgroup
-h | -V
-l,--local [machine] Print local group accounts of \"machine\", from local machine if no machine specified. Automatically adding machine prefix for local machine depends on settings in /etc/nsswitch.conf. -L,--Local [machine] Ditto, but generate groupname with machine prefix. -d,--domain [domain] Print domain groups, from current domain if no domain specified. -c,--current Print current group. -S,--separator char For -L use character char as domain\\group separator in groupname instead of default '+'. -o,--id-offset offset Change the default offset (0x10000) added to gids -g,--group groupname Only return information for the specified group. One of -l, -d must be specified, too. -b,--no-builtin Don't print BUILTIN groups. -U,--unix grouplist Print UNIX groups when using -l on a UNIX Samba server. Grouplist is a comma-separated list of groupnames or gid ranges (root,-25,50-100). Enumerating large ranges can take a long time! -h,--help Print this message. -v,--version Print version information and exit. Default is to print local groups on stand-alone machines, plus domain groups on domain controllers and domain member machines.
Don't use this command to generate a local /etc/group file, unless you really need one. See the Cygwin User's Guide for more information.
The mkgroup program can be used to create a local
/etc/group
file. Cygwin doesn't need this file,
because it reads group information from the Windows account databases,
but you can add an /etc/group
file for instance, if
your machine is often disconnected from its domain controller.
Note that this information is static, in contrast to the information automatically gathered by Cygwin from the Windows account databases. If you change the group information on your system, you'll need to regenerate the group file for it to have the new information.
By default, the information generated by mkgroup
is equivalent to the information generated by Cygwin itself. The
-d
and -l/-L
options allow you to
specify where the information comes from, some domain, or the local SAM
of a machine. Note that you can only enumerate accounts from trusted
domains. Any non-trusted domain will be ignored. Access-restrictions
of your current account apply. The -l/-L
when used
with a machine name, tries to contact that machine to enumerate local
groups of other machines, typically outside of domains. This scenario
cannot be covered by Cygwin's account automatism. If you want to use
the -L
option, but you don't like the default
domain/group separator from /etc/nsswitch.conf
,
you can specify another separator using the -S
option,
for instance:
Example 3.8. Setting up group entry for current user with different domain/group separator
$
mkgroup -L server1 -S= > /etc/group
For very simple needs, an entry for the current user's group can be
created by using the option -c
.
The -o
option allows for (unlikely) special cases
with multiple machines where the GIDs might match otherwise. The
-g
option only prints the information for one group.
The -U
option allows you to enumerate the standard
UNIX groups on a Samba machine. It's used together with -l
samba-server
or -L samba-server
. The normal
UNIX groups are usually not enumerated, but they can show up as a group
in ls -l output.