From: Corinna Vinschen <corinna-cygwin@cygwin.com>
To: cygwin@cygwin.com
Subject: Re: mkpasswd: option to force the 'primary' domain?
Date: Fri, 20 Mar 2015 18:11:00 -0000 [thread overview]
Message-ID: <20150320181011.GB12906@calimero.vinschen.de> (raw)
In-Reply-To: <550C0B53.6080201@thales-esecurity.com>
[-- Attachment #1: Type: text/plain, Size: 1852 bytes --]
On Mar 20 11:58, Tim Magee wrote:
> Now then,
>
> Since Cygwin 1.7.34 dropped, mkpasswd has been problematic for us. Our
> problem is with the way user names pulled from outside the primary domain
> get decorated. My question is: will there ever be a way to tell
> mkpasswd/mkgroup "make <some non-primary domain> the one whose users get
> undecorated names"?
>
> We have Windows machines in one AD domain, and all our users in a different
> AD domain. According to the 'POSIX accounts, permissions and security'
> page, the machine's domain is considered the primary one. "mkpasswd -d" will
> generate undecorated names for that domain, and decorated names for any
> other named domain.
>
> We use SSH-based tools a great deal here, and we use Cygwin to make our
> Windows machines behave like members of our POSIX machine community, so
> having our usernames appear the same on all machines is very desirable.
>
> I think I can recreate the pre-1.74 behaviour with a little seddery, but I'd
> bet folding money that my seddery isn't future-proof. So, are
> mkpasswd/mkgroup ever likely to get an option to force the "undecorated
> users" domain?
I'm not planning this. The idea is that mkpasswd/mkgroup create account
names compatible with the "db"-based accounts and everyhing else is left
to post-creation manipulation.
Having said that, the new account handling is supposed to be stable on
the user level for quite some time, ideally at least as many years as
the old /etc/passwd&/etc/group-only based code. Therefore using some
sed script to filter the output of mkpasswd/mkgroup if you dislike the
new account handling is the way to go.
Corinna
--
Corinna Vinschen Please, send mails regarding Cygwin to
Cygwin Maintainer cygwin AT cygwin DOT com
Red Hat
[-- Attachment #2: Type: application/pgp-signature, Size: 819 bytes --]
next prev parent reply other threads:[~2015-03-20 18:10 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-03-20 12:24 Tim Magee
2015-03-20 18:11 ` Corinna Vinschen [this message]
2015-03-24 12:40 ` Tim Magee
2015-03-24 20:34 ` Linda Walsh
2015-03-25 0:50 ` Corinna Vinschen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20150320181011.GB12906@calimero.vinschen.de \
--to=corinna-cygwin@cygwin.com \
--cc=cygwin@cygwin.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).