| delorie.com/archives/browse.cgi | search |
| X-Recipient: | archive-cygwin AT delorie DOT com |
| DomainKey-Signature: | a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id |
| :list-unsubscribe:list-subscribe:list-archive:list-post | |
| :list-help:sender:message-id:date:from:mime-version:to:subject | |
| :references:in-reply-to:content-type:content-transfer-encoding; | |
| q=dns; s=default; b=Ba4WzbJRxeH+ZgSzPyqcrgOK+f6VELsinAvON5ZixHY | |
| eqZ/8nLeHYkzMCSrFs/0k7y2M33gWE4QmU1QHhXhr7op26jZRtN5xx7wL/r7oEWT | |
| a7UGqp/CzxGBte9vztJqXPHangetaeaOY+kZo/HVVtii3Ih1SUxRxBhklVi0zqaI | |
| = | |
| DKIM-Signature: | v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id |
| :list-unsubscribe:list-subscribe:list-archive:list-post | |
| :list-help:sender:message-id:date:from:mime-version:to:subject | |
| :references:in-reply-to:content-type:content-transfer-encoding; | |
| s=default; bh=Vbektfz/ginqruYEja3sV5QiKzk=; b=fnTLUlMs2+mbLeK4u | |
| UnNyUjFsm9sdY3GsK5ufHTDQfdC4OwlvV3aTgm2rYDRr4Gjbhzd1HWm7D0CM3HAz | |
| +my4LwzOHVD6YsPFPymCGjXVYODHJfLvXEithVo+2GfWxRjN0uy4eUoTZ1MlKRDh | |
| hA905LOGh4K0lFQzTSGUdtuDsk= | |
| Mailing-List: | contact cygwin-help AT cygwin DOT com; run by ezmlm |
| List-Id: | <cygwin.cygwin.com> |
| List-Subscribe: | <mailto:cygwin-subscribe AT cygwin DOT com> |
| List-Archive: | <http://sourceware.org/ml/cygwin/> |
| List-Post: | <mailto:cygwin AT cygwin DOT com> |
| List-Help: | <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs> |
| Sender: | cygwin-owner AT cygwin DOT com |
| Mail-Followup-To: | cygwin AT cygwin DOT com |
| Delivered-To: | mailing list cygwin AT cygwin DOT com |
| Authentication-Results: | sourceware.org; auth=none |
| X-Virus-Found: | No |
| X-Spam-SWARE-Status: | No, score=0.6 required=5.0 tests=AWL,BAYES_00,SPF_HELO_PASS,SPF_PASS autolearn=ham version=3.3.2 |
| X-HELO: | mail1.bemta14.messagelabs.com |
| X-Env-Sender: | Tim DOT Magee AT thales-esecurity DOT com |
| X-Msg-Ref: | server-9.tower-27.messagelabs.com!1427187869!12588268!1 |
| X-StarScan-Received: | |
| X-StarScan-Version: | 6.13.6; banners=-,-,- |
| X-VirusChecked: | Checked |
| Message-ID: | <5511289D.5030203@thales-esecurity.com> |
| Date: | Tue, 24 Mar 2015 09:04:29 +0000 |
| From: | Tim Magee <Tim DOT Magee AT thales-esecurity DOT com> |
| User-Agent: | Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.4.0 |
| MIME-Version: | 1.0 |
| To: | cygwin AT cygwin DOT com |
| Subject: | Re: mkpasswd: option to force the 'primary' domain? |
| References: | <550C0B53 DOT 6080201 AT thales-esecurity DOT com> <20150320181011 DOT GB12906 AT calimero DOT vinschen DOT de> |
| In-Reply-To: | <20150320181011.GB12906@calimero.vinschen.de> |
| X-IsSubscribed: | yes |
On 20/03/15 18:10, Corinna Vinschen wrote: > On Mar 20 11:58, Tim Magee wrote: >> Now then, >> >> Since Cygwin 1.7.34 dropped, mkpasswd has been problematic for us. Our >> problem is with the way user names pulled from outside the primary domain >> get decorated. My question is: will there ever be a way to tell >> mkpasswd/mkgroup "make <some non-primary domain> the one whose users get >> undecorated names"? >> >> We have Windows machines in one AD domain, and all our users in a different >> AD domain. According to the 'POSIX accounts, permissions and security' >> page, the machine's domain is considered the primary one. "mkpasswd -d" will >> generate undecorated names for that domain, and decorated names for any >> other named domain. >> >> We use SSH-based tools a great deal here, and we use Cygwin to make our >> Windows machines behave like members of our POSIX machine community, so >> having our usernames appear the same on all machines is very desirable. >> >> I think I can recreate the pre-1.74 behaviour with a little seddery, but I'd >> bet folding money that my seddery isn't future-proof. So, are >> mkpasswd/mkgroup ever likely to get an option to force the "undecorated >> users" domain? > > I'm not planning this. The idea is that mkpasswd/mkgroup create account > names compatible with the "db"-based accounts and everyhing else is left > to post-creation manipulation. > > Having said that, the new account handling is supposed to be stable on > the user level for quite some time, ideally at least as many years as > the old /etc/passwd&/etc/group-only based code. Therefore using some > sed script to filter the output of mkpasswd/mkgroup if you dislike the > new account handling is the way to go. > > > Corinna > Thanks, I feel more confident of my seddery already! In case anyone else with a similar setup reads this thread: using sed to trim off the domain decoration for the chosen domain is WFMing like a champ, but you'll want to make sure you're not creating name clashes. It's safe for us because we only have users we care about in one domain. Tim -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
| webmaster | delorie software privacy |
| Copyright © 2019 by DJ Delorie | Updated Jul 2019 |