* Win32 account SID lookup if user and group have the same name?
@ 2024-02-13 1:12 Dan Shelton
2024-02-13 10:20 ` Corinna Vinschen
0 siblings, 1 reply; 3+ messages in thread
From: Dan Shelton @ 2024-02-13 1:12 UTC (permalink / raw)
To: cygwin
Hello!
How can I get the SID for either user XOR group if both have the same
name? Remember Cygwin, as Unix and Linux, allow that a user "danfsh"
can have his own group "danfsh". That works fine there, but on Win32
there is only LookupAccountSidA() which has no way to distinguish
whether you want a user SID or a group SID.
How can I get the SID for group "danfsh", or the SID for user "danfsh"?
Dan
--
Dan Shelton - Cluster Specialist Win/Lin/Bsd
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: Win32 account SID lookup if user and group have the same name?
2024-02-13 1:12 Win32 account SID lookup if user and group have the same name? Dan Shelton
@ 2024-02-13 10:20 ` Corinna Vinschen
2024-02-13 15:40 ` [EXTERNAL] " Lavrentiev, Anton (NIH/NLM/NCBI) [C]
0 siblings, 1 reply; 3+ messages in thread
From: Corinna Vinschen @ 2024-02-13 10:20 UTC (permalink / raw)
To: Dan Shelton; +Cc: cygwin
On Feb 13 02:12, Dan Shelton via Cygwin wrote:
> Hello!
>
> How can I get the SID for either user XOR group if both have the same
> name? Remember Cygwin, as Unix and Linux, allow that a user "danfsh"
> can have his own group "danfsh". That works fine there, but on Win32
> there is only LookupAccountSidA() which has no way to distinguish
> whether you want a user SID or a group SID.
User and group "danfsh" are NOT a user and a group. Rather, there is
actually only one user account "danfsh" and Windows fills in your user
token with the *same* SID as primary group.
The weird thing in Windows is that it has no strict concept of groups.
The user token contains primary and supplementary group info, but the OS
can fill them with basically any SID it can lay its hands on.
And at one point (I'm deliberately vague here since I don't know exactly
when this occured), Microsoft started to fill in the primary group of
some local account with the user SID, rather than with the "None"(*)
group as is usually the default for local accounts.
(*) That's the local domain SID with RID 513. The name of the group
is actually localized.
> How can I get the SID for group "danfsh", or the SID for user "danfsh"?
It's the same SID and it's your user SID. There can't be a group with
the same name as a user account in the same user DB. Each account in
the local domain or in an AD domain has to have a unique account name.
HTH,
Corinna
^ permalink raw reply [flat|nested] 3+ messages in thread
* RE: [EXTERNAL] Re: Win32 account SID lookup if user and group have the same name?
2024-02-13 10:20 ` Corinna Vinschen
@ 2024-02-13 15:40 ` Lavrentiev, Anton (NIH/NLM/NCBI) [C]
0 siblings, 0 replies; 3+ messages in thread
From: Lavrentiev, Anton (NIH/NLM/NCBI) [C] @ 2024-02-13 15:40 UTC (permalink / raw)
To: cygwin, Dan Shelton
> It's the same SID and it's your user SID. There can't be a group with
> the same name as a user account in the same user DB. Each account in
> the local domain or in an AD domain has to have a unique account name.
Exactly! Which is why we use "namegrp" (an established convention) for Windows
groups when they are "mapped" to the respective Unix groups with the name just "name".
So the user "danfsh:danfsh" on Linux would be "danfsh:danfshgrp" on Windows.
Anton Lavrentiev
Contractor NIH/NLM/NCBI
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2024-02-13 15:41 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2024-02-13 1:12 Win32 account SID lookup if user and group have the same name? Dan Shelton
2024-02-13 10:20 ` Corinna Vinschen
2024-02-13 15:40 ` [EXTERNAL] " Lavrentiev, Anton (NIH/NLM/NCBI) [C]
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).