This is the mail archive of the cygwin mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: Testers needed: New passwd/group handling in Cygwin


On Mar 11 17:12, Achim Gratz wrote:
> Achim Gratz <Stromeko <at> NexGo.DE> writes:
> > Exactly.  But as revealed above, what was really missing is the
> > Administrators group.  Somehow, when "files" is in effect, that mapping
> > doesn't seem to exist unless it is explicitly listed in the file.  It does
> > get auto-created when I use _only_ the "db".  I hope that somehow makes
> sense...
> 
> I guess it does: the mapping that gets created from AD is sometimes 1049120
> instead of 544.  That depends on the settings in nsswitch.conf and whether
> an /etc/group file exists at all or contains an entry for Administrators.

Argh!  What about *details* which allow to reproduce this behaviour.

In my environment I *never* see the admins group being produced with
a GID of 1049120.  And it doesn't make any sense at all.  The UID/GID
values starting with 0x100000 are reserved for accounts of the primary
domain.  The admins account is *never* an account of the primary domain
because its SID doesn't start with S-1-5-21-YOUR-DOMAIN-SID.  Rather
it's a builtin account with SID 1-5-32-544, which always gets converted
to UID/GID 544.

[...time passes...]

Hmm.  The only reason I can see which would allow to generate the GID
1049120 is, if your account has a primaryGroupID of 544 in AD, but that
*should* be impossible.  The AD user properties dialog doesn't allow to
set the primary group to a builtin group... unless you set this in the
attribute editor.  This is totally unexpected by Cygwin.  From AD it
just gets a RID value, and it simply adds this to the primary domain
offset 0x100000.

Ok, so, here's the question.  Is your primaryGroupID in AD 544?  If not,
you will have to explain to me how this happens.  I have found no other
way to reproduce this.


Corinna

-- 
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Maintainer                 cygwin AT cygwin DOT com
Red Hat

Attachment: pgpmhaAwd1QDY.pgp
Description: PGP signature


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]