| delorie.com/archives/browse.cgi | search |
| DMARC-Filter: | OpenDMARC Filter v1.4.2 delorie.com 4A9H1eH53209417 |
| Authentication-Results: | delorie.com; dmarc=pass (p=none dis=none) header.from=cygwin.com |
| Authentication-Results: | delorie.com; spf=pass smtp.mailfrom=cygwin.com |
| DKIM-Filter: | OpenDKIM Filter v2.11.0 delorie.com 4A9H1eH53209417 |
| Authentication-Results: | delorie.com; |
| dkim=pass (1024-bit key, unprotected) header.d=cygwin.com header.i=@cygwin.com header.a=rsa-sha256 header.s=default header.b=VAaInwH6 | |
| X-Recipient: | archive-cygwin AT delorie DOT com |
| DKIM-Filter: | OpenDKIM Filter v2.11.0 sourceware.org B6FB73858CD9 |
| DKIM-Signature: | v=1; a=rsa-sha256; c=relaxed/relaxed; d=cygwin.com; |
| s=default; t=1731171699; | |
| bh=k1wymLVTxK52gIdQlS+4kRSj9FLlRXquzMBVV+VtKQo=; | |
| h=Date:To:Subject:References:In-Reply-To:List-Id:List-Unsubscribe: | |
| List-Archive:List-Post:List-Help:List-Subscribe:From:Reply-To:Cc: | |
| From; | |
| b=VAaInwH60iCG+E5v22hz5B36KZ3bknGtqQCqhFONDies+H4a+8FBp8R5BY3ceZFuH | |
| ekGQZR1M2w7iUUFTv7PY2WiIJDb3NTX+jDglPLgNJA7jrIhmq8k/OisZ+iT1rOJuzC | |
| 0AEWtgp4v70dbK98Wq+Xa5TJyKG+tQQHJ4s3SL9U= | |
| X-Original-To: | cygwin AT cygwin DOT com |
| Delivered-To: | cygwin AT cygwin DOT com |
| DKIM-Filter: | OpenDKIM Filter v2.11.0 sourceware.org 916AF3858D20 |
| Date: | Sat, 9 Nov 2024 18:00:47 +0100 |
| To: | cygwin AT cygwin DOT com |
| Subject: | Re: Stable SIDs for "None"+'"Administrator" ? |
| Message-ID: | <Zy-VP7xZu-39qcio@calimero.vinschen.de> |
| Mail-Followup-To: | cygwin AT cygwin DOT com |
| References: | <CAKAoaQ==gSPA7eiJN9LiLMcR1ktfE9CUTE1Bzc1oMDBs1PQhqw AT mail DOT gmail DOT com> |
| MIME-Version: | 1.0 |
| In-Reply-To: | <CAKAoaQ==gSPA7eiJN9LiLMcR1ktfE9CUTE1Bzc1oMDBs1PQhqw@mail.gmail.com> |
| X-BeenThere: | cygwin AT cygwin DOT com |
| X-Mailman-Version: | 2.1.30 |
| List-Id: | General Cygwin discussions and problem reports <cygwin.cygwin.com> |
| List-Unsubscribe: | <https://cygwin.com/mailman/options/cygwin>, |
| <mailto:cygwin-request AT cygwin DOT com?subject=unsubscribe> | |
| List-Archive: | <https://cygwin.com/pipermail/cygwin/> |
| List-Post: | <mailto:cygwin AT cygwin DOT com> |
| List-Help: | <mailto:cygwin-request AT cygwin DOT com?subject=help> |
| List-Subscribe: | <https://cygwin.com/mailman/listinfo/cygwin>, |
| <mailto:cygwin-request AT cygwin DOT com?subject=subscribe> | |
| From: | Corinna Vinschen via Cygwin <cygwin AT cygwin DOT com> |
| Reply-To: | cygwin AT cygwin DOT com |
| Cc: | Corinna Vinschen <corinna-cygwin AT cygwin DOT com> |
| Errors-To: | cygwin-bounces~archive-cygwin=delorie DOT com AT cygwin DOT com |
| Sender: | "Cygwin" <cygwin-bounces~archive-cygwin=delorie DOT com AT cygwin DOT com> |
On Nov 9 17:31, Roland Mainz via Cygwin wrote:
> Hi!
>
> ----
>
> Does anyone know a list of SIDs which can be used to get the
> user+group accounts for passwd entry "Adminstrator" and group entry
> "None" ?
>
> Our problem is that the actual account names vary with the system
> locale, e.g. group entry "None" is "Kein" in "de_DE", "Aucun" in
> fr_FR etc. ...
> ... so far we thought we fixed this by doing a lookup via SID, and
> then remembering the localised name.
>
> But: The SIDs are apparently not stable between Windows versions.
> For example:
> ---- snip ----
> # Windows Server 2022/en
> $ getent group None
> None:S-1-5-21-168624908-967194555-3343779530-513:197121:
> # Windows Server 2019
> $ getent group None
> None:S-1-5-21-3286904461-661230000-4220857270-513:197121
> ---- snip ----
They *are* stable in that they are
${Machine-SID}-513
> And if there is no such list, would $ mkgroup | egrep
> ':S-1-5-21-.+-513:' # be a suitable workaround ?
No.
${AD-SID|-513 == "Domain Users"
I have not the faintest idea what the MS guys were thinking at the time,
calling the group "None". This is basically the equivalent of "Domain
Users" for local accounts on machines not being domain controller. A
useful name would have been "Local Users" or "Machine Users", but,
well, it is what it is.
The safe way to check the SID is to fetch the machine SID attach the RID
513, and check for equality.
Corinna
--
Problem reports: https://cygwin.com/problems.html
FAQ: https://cygwin.com/faq/
Documentation: https://cygwin.com/docs.html
Unsubscribe info: https://cygwin.com/ml/#unsubscribe-simple
| webmaster | delorie software privacy |
| Copyright © 2019 by DJ Delorie | Updated Jul 2019 |