| delorie.com/archives/browse.cgi | search |
| X-Recipient: | archive-cygwin AT delorie DOT com |
| X-SWARE-Spam-Status: | No, hits=-1.7 required=5.0 tests=AWL,BAYES_00,DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,RP_MATCHES_RCVD,TW_MK |
| X-Spam-Check-By: | sourceware.org |
| X-DKIM: | Sendmail DKIM Filter v2.8.3 mux1.uit.no p9H8OfRQ086958 |
| Message-ID: | <1318839873.3370.14.camel@kare-desktop> |
| Subject: | Re: Problems with mkpasswd and mkgroup |
| From: | =?ISO-8859-1?Q?K=E5re?= Edvardsen <kare DOT edvardsen AT uit DOT no> |
| Reply-To: | <kare DOT edvardsen AT uit DOT no> |
| To: | <cygwin AT cygwin DOT com> |
| CC: | Corinna Vinschen <corinna-cygwin AT cygwin DOT com> |
| Date: | Mon, 17 Oct 2011 10:24:33 +0200 |
| In-Reply-To: | <20111014082932.GA12878@calimero.vinschen.de> |
| References: | <20111014082932 DOT GA12878 AT calimero DOT vinschen DOT de> |
| MIME-Version: | 1.0 |
| Mailing-List: | contact cygwin-help AT cygwin DOT com; run by ezmlm |
| List-Id: | <cygwin.cygwin.com> |
| List-Unsubscribe: | <mailto:cygwin-unsubscribe-archive-cygwin=delorie DOT com AT cygwin DOT com> |
| List-Subscribe: | <mailto:cygwin-subscribe AT cygwin DOT com> |
| List-Archive: | <http://sourceware.org/ml/cygwin/> |
| List-Post: | <mailto:cygwin AT cygwin DOT com> |
| List-Help: | <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs> |
| Sender: | cygwin-owner AT cygwin DOT com |
| Mail-Followup-To: | cygwin AT cygwin DOT com |
| Delivered-To: | mailing list cygwin AT cygwin DOT com |
On fr., 2011-10-14 at 10:29 +0200, Corinna Vinschen wrote: > On Oct 14 07:39, Edvardsen KÃ¥re wrote: > > > > > What is the contents of the "/etc/password" and "/etc/group" files > > > after you run the "mkpasswd/mkgroup" commands (as administrator)? > > > > > What user can log in, but isn't in the password file? > > > > > Is that user local or a domain user? > > > > The Windows account name with FULL admin privileges is "servicekonto" and cygwin was installed from this account which is locally on this client and NOT a domain user. > > "kae026" is the user who can log in, but isn't in the password file. > > "kae026" is a domain user. > > > > As admnistrator: > > > > $ mkpasswd -l -d > /etc/passwd > > mkpasswd (427): [5] Access is denied. > > [...] > > $ mkgroup -l -d > /etc/group > > mkgroup (369): [5] Access is denied. > > That's kind of clue, isn't it? You local administrator account > doesn't have the permissions to enumerate the accounts in AD. > Add the machine to the domain if you haven't done so already, > log in with a domain account and call `mkpasswd -d >> /etc/passwd' > and `mkgroup -d >> /etc/group'. Note that, depending on the > security settings of your AD, not all domain users might have > the permissions to enumerate domain accounts. If you login > with a domain admin account, you should have no problem, though. > > > Corinna > What does it mean to enumerate an account in AD? (or what happens?) I guess it's a bad circle if my local admin account doesn't have the permissions to enumerate the accounts in AD , and my domain account doesn't have the permissions to install cygwin on the machine...if I understand this right? KÃ¥re -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
| webmaster | delorie software privacy |
| Copyright © 2019 by DJ Delorie | Updated Jul 2019 |