From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 11888 invoked by alias); 26 Nov 2014 21:12:55 -0000 Mailing-List: contact cygwin-help@cygwin.com; run by ezmlm Precedence: bulk List-Id: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: cygwin-owner@cygwin.com Mail-Followup-To: cygwin@cygwin.com Received: (qmail 11877 invoked by uid 89); 26 Nov 2014 21:12:54 -0000 Authentication-Results: sourceware.org; auth=none X-Virus-Found: No X-Spam-SWARE-Status: No, score=-5.9 required=5.0 tests=AWL,BAYES_00 autolearn=ham version=3.3.2 X-HELO: calimero.vinschen.de Received: from aquarius.hirmke.de (HELO calimero.vinschen.de) (217.91.18.234) by sourceware.org (qpsmtpd/0.93/v0.84-503-g423c35a) with ESMTP; Wed, 26 Nov 2014 21:12:54 +0000 Received: by calimero.vinschen.de (Postfix, from userid 500) id 43E368E146C; Wed, 26 Nov 2014 22:12:51 +0100 (CET) Date: Wed, 26 Nov 2014 21:29:00 -0000 From: Corinna Vinschen To: cygwin@cygwin.com Subject: Cygwin AD schema and configuration extensions (was Re: RFC: 1.7.33 problem with user's home directory) Message-ID: <20141126211251.GB9157@calimero.vinschen.de> Reply-To: cygwin@cygwin.com Mail-Followup-To: cygwin@cygwin.com References: <20141110205216.GJ2782@calimero.vinschen.de> <0B8D23F7-0258-472D-BF38-860402FD3CDC@etr-usa.com> <20141111101821.GO2782@calimero.vinschen.de> <20141111111437.GB28012@calimero.vinschen.de> <20141126205658.GA9157@calimero.vinschen.de> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="9zSXsLTf0vkW971A" Content-Disposition: inline In-Reply-To: <20141126205658.GA9157@calimero.vinschen.de> User-Agent: Mutt/1.5.23 (2014-03-12) X-SW-Source: 2014-11/txt/msg00583.txt.bz2 --9zSXsLTf0vkW971A Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Content-length: 1923 On Nov 26 21:56, Corinna Vinschen wrote: > > Cygwin schema extension? :) >=20 > I just created a patch and a matching snapshot on > https://cygwin.com/snapshots/ Ok, so we have a cygwin schema extension now. The file is called cygwin.ldif and is in the Cygwin CVS repo. It gets installed to /usr/share/cygwin. The schema extension consists of two auxiliary classes: CN=3DcygwinUser, gets attached to CN=3DUser and adds the attributes: cygwinHome cygwinShell cygwinGecos as well as the as of yet unused cygwinUnixUid cywinFstab CN=3DcygwinGroup, gets attached to CN=3DGroup and adds the attribute: cygwinUinxGid The cygwinHome, cygwinShell and cygwinGecos attributes are described in my previous mail. cygwinUnixUid and cygwinUinxGid are supposed to be used for NFS and Samba uid/gid account mapping, same as the posixAccount:uidNumber, and posixGroup:gidNumber fields. See https://cygwin.com/preliminary-ug/ntsec.html#ntsec-mapping-nfs https://cygwin.com/preliminary-ug/ntsec.html#ntsec-mapping-samba cygwinFstab, a multi-string attribute, is supposed to be used as user fstab, along the lines, but replacing the /etc/fstab.d/$USER file. This way an administrator can predefine per-user mount points. In the long run I'm also planning to allow replacing /etc/fstab and /etc/nsswitch.conf with a Cygwin-specific AD configuration extension. The idea of this, including the cygwinFstab attribute, is to allow admins to get rid of any local system setting, to control the Cygwin system settings entirely from AD, and to drop the requirement for /etc being always alongside of Cygwin's /bin dir. Do you think this makes sense? Would you actually use these AD extensions, or do you see your admins using them if available? Corinna --=20 Corinna Vinschen Please, send mails regarding Cygwin to Cygwin Maintainer cygwin AT cygwin DOT com Red Hat --9zSXsLTf0vkW971A Content-Type: application/pgp-signature Content-length: 819 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBAgAGBQJUdkJTAAoJEPU2Bp2uRE+gMCQP/RtzjVRvhJihf9cC+MpRqFCe SMNmuQcFwY/yV96wuvRrLbNigJBeOaFdjecJD/kDg5M2GXPtb14H2n5taJ7RwsV3 jIZmKBZv/j7Pj2y1MjgE6X+okozPZ6PF/+YFvCO6B54+eTA00PKI3Z7cmHql2Eqp ynInvNMCahEdVBtskXdSh2F7dnta11HyiYk+xsQtBpxnhPKU3X4QWn2WAic9Wvpj BkftnXFcTH5H3oPm+cj/76NpPAkHxPQDnD/p0TRheWSI5ZDpfkWEryAvXTGrotAS PmgbxJkpcFljMYwcnsJip/iYCFVOupoBXtx/dpL88dwDQxnAYUebkweIolquYPnI N8SNHYJK9hO4cIFbHYIDCeB+CWc2V2PFb3X8Y+YzLeoJgLfQBgOGm2KtMwF+hV17 KMQ59zbGhks0mOJavj637fHc5nY9prsk0r/k4rgIr65axhDGMKr9LGQntz4IJ1vL T5b3L0o3Wg0sZHsD544wwh1T25o68jKaY5Nurzcqa+wo+KhrGYjiWSd0tnu+tJmM BGhPRmU+vpF77S6nZTur4voQi2uk5tl2sMwT5hFb80a0t5pZw3w9ren7XeoFI3lv eLmE75elXAX70hgJUKIhpUkBtMBo2nYhDvdS9jbN/SHZOgB1t2f1C6MqS8VztJTg J8ZBtgHPW0pFYWpqrZYZ =Tkm2 -----END PGP SIGNATURE----- --9zSXsLTf0vkW971A--