Mail Archives: cygwin/2024/11/09/12:57:01

Roland Mainz via Cygwin <cygwin AT cygwin DOT com> · Sat, 9 Nov 2024 18:55:35 +0100

On Sat, Nov 9, 2024 at 6:00 PM Corinna Vinschen via Cygwin
<cygwin AT cygwin DOT com> wrote:
> On Nov  9 17:31, Roland Mainz via Cygwin wrote:
> > Does anyone know a list of SIDs which can be used to get the
> > user+group accounts for passwd entry "Adminstrator" and group entry
> > "None" ?
> >
> > Our problem is that the actual account names vary with the system
> > locale, e.g. group entry "None" is "Kein" in "de_DE",  "Aucun" in
> > fr_FR etc. ...
> > ... so far we thought we fixed this by doing a lookup via SID, and
> > then remembering the localised name.
> >
> > But: The SIDs are apparently not stable between Windows versions.
> > For example:
> > ---- snip ----
> > # Windows Server 2022/en
> > $ getent group None
> > None:S-1-5-21-168624908-967194555-3343779530-513:197121:
> > # Windows Server 2019
> > $ getent group None
> > None:S-1-5-21-3286904461-661230000-4220857270-513:197121
> > ---- snip ----
>
> They *are* stable in that they are
>
>   ${Machine-SID}-513
>
> > And if there is no such list, would $ mkgroup | egrep
> > ':S-1-5-21-.+-513:' # be a suitable workaround ?
>
> No.
>
>   ${AD-SID|-513 == "Domain Users"
>
> I have not the faintest idea what the MS guys were thinking at the time,
> calling the group "None".  This is basically the equivalent of "Domain
> Users" for local accounts on machines not being domain controller.  A
> useful name would have been "Local Users" or "Machine Users", but,
> well, it is what it is.
>
> The safe way to check the SID is to fetch the machine SID attach the RID
> 513, and check for equality.

How can I get the "machine SID", preferably using /usr/bin/getent,
/usr/bin/getconf or /proc ?

----

Bye,
Roland
-- 
  __ .  . __
 (o.\ \/ /.o) roland DOT mainz AT nrubsig DOT org
  \__\/\/__/  MPEG specialist, C&&JAVA&&Sun&&Unix programmer
  /O /==\ O\  TEL +49 641 3992797
 (;O/ \/ \O;)

-- 
Problem reports:      https://cygwin.com/problems.html
FAQ:                  https://cygwin.com/faq/
Documentation:        https://cygwin.com/docs.html
Unsubscribe info:     https://cygwin.com/ml/#unsubscribe-simple

DMARC-Filter:	OpenDMARC Filter v1.4.2 delorie.com 4A9Hv1UI3220807
Authentication-Results:	delorie.com; dmarc=pass (p=none dis=none) header.from=cygwin.com
Authentication-Results:	delorie.com; spf=pass smtp.mailfrom=cygwin.com
DKIM-Filter:	OpenDKIM Filter v2.11.0 delorie.com 4A9Hv1UI3220807
Authentication-Results:	delorie.com;
	dkim=pass (1024-bit key, unprotected) header.d=cygwin.com header.i=@cygwin.com header.a=rsa-sha256 header.s=default header.b=vjXAcAIW
X-Recipient:	archive-cygwin AT delorie DOT com
DKIM-Filter:	OpenDKIM Filter v2.11.0 sourceware.org 516953858C78
DKIM-Signature:	v=1; a=rsa-sha256; c=relaxed/relaxed; d=cygwin.com;
	s=default; t=1731175019;
	bh=xOIQgYWQSS0qiowVxiOj2M8mI04tSJECriWV2ypyGBg=;
	h=References:In-Reply-To:Date:Subject:To:List-Id:List-Unsubscribe:
	List-Archive:List-Post:List-Help:List-Subscribe:From:Reply-To:
	From;
	b=vjXAcAIW6dwtyU7VUG2Lml5Thp2iSFYlBH4HjFXYjLK2OhCFAhD2anQUJKoKdNsrC
	kHDcquVCxio6cqSzzgIzJ4FVNp6WN0sc/bGfRCuDFXUjA24phefZEnFM+kqd69aKdZ
	1r+C9MLaaYhFefHJXBZNyxExW+MsQRUfN7b+XbYM=
X-Original-To:	cygwin AT cygwin DOT com
Delivered-To:	cygwin AT cygwin DOT com
DMARC-Filter:	OpenDMARC Filter v1.4.2 sourceware.org 5A8FD3858D20
ARC-Filter:	OpenARC Filter v1.0.0 sourceware.org 5A8FD3858D20
ARC-Seal:	i=2; a=rsa-sha256; d=sourceware.org; s=key; t=1731174966; cv=pass;
	b=iuX8S7kRf9F1XT2fay0hksc1EMn3U361U/OjSLFqEKYWR4axA/RQtmkpuIPNLQ/qy7mzXuYwwOhamY+y34L54NWJT9/+dXAubSfGLcHfrHTAB0z/2h0xgBfuH/tayOXqP2wXu9tR0iJZBBGHEtS0KdDF6TB5GHnR1KmqdJSOARo=
ARC-Message-Signature:	i=2; a=rsa-sha256; d=sourceware.org; s=key;
	t=1731174966; c=relaxed/simple;
	bh=UeUt7Q6iSHFiVKYI3T8Cb1LUWjNOs8Q6eyguKt7NOjs=;
	h=DKIM-Signature:MIME-Version:From:Date:Message-ID:Subject:To;
	b=sP35szw9WS3rZ84KsQooZjZYRwWimFDdK/3BUS2NrAQsRj7T/4tXx2/QlYQjLShnIIdvdQV+S32F/zYi5C3Fi4UIOiZmBnJblHVukcUvdpaBefp7Qj77U1Izqf5GY9ACKrhZ5SAVkn+kxItWGjlsMHq0oDuAFKqmWdBLWPuu+5s=
ARC-Authentication-Results:	i=2; server2.sourceware.org
X-Sender-Id:	dreamhost\|x-authsender\|gisburn AT nrubsig DOT org
ARC-Seal:	i=1; s=arc-2022; d=mailchannels.net; t=1731174962; a=rsa-sha256;
	cv=none;
	b=5O2OFjhSVcQkc0TVy14oTdrwh1Evwc6uJmsoU6AvgIzHQQdfy2TIZn93cwKExJ8pNJWoxw
	MB97szzQWHIrxFjxfbqyHUyUUsbE1Gqbld24/1Sc4J4NPaNj3fIqb7ALNCb9gVaVXqqTUt
	mPkuVf2Un9t1jt92qsunlT0VMsR55uY+KSWTsgyD2aEkr26hQLw5rWD8qmYmhyJqZOH1PG
	ZbOvMyy+chi5dbkQfi/G0JZWoN1kI9RGKzVW4mgNCHuLJh7+2s9mvwiH14XUJEnVBU4oLz
	PVb1d8dPOGdXpcFh4FcEjJlLTmxppGKft+QcoJAXAA/ASVE0bCJeTzkOkc6iEw==
ARC-Message-Signature:	i=1; a=rsa-sha256; c=relaxed/relaxed;
	d=mailchannels.net; s=arc-2022; t=1731174962;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	to:to:cc:mime-version:mime-version:content-type:content-type:
	content-transfer-encoding:content-transfer-encoding:
	in-reply-to:in-reply-to:references:references:dkim-signature;
	bh=EsGAfLWbDpF1kFDAJg8oKUk3Z7MW3Fke2udjwrYbd0k=;
	b=fftP0n+HIoJE1kiGurjigLXlR4UWvMa4RyOREoiMFUUgYrUCda78YTPoGepM0eraCIC9CQ
	6fRAYlvGhdPh1avQeeuLQJwUYxQ0oBWp1H+9MqmPWLk5+S8N22FEI87EDJu2NYKc1T9erg
	0kEiI34oGvB4qNp6SRG42PwYEb6+jrgyDIbYo87XczX1VvHcLcg4pMVVScfHnS/YifLW1q
	Rluw1L2C+57UTJjY1SaD2Iwt3aQMXdL3mScIijfLGIiWa8+tCh639vWxfgh35KfQzE1pT8
	yX47CA3NLIWa3WaKaXQtmSbHWfWA1+8bER155RWLztNYSFUksESTfKtIfALR9A==
ARC-Authentication-Results:	i=1; rspamd-5b688f746d-wkjlg;
	auth=pass smtp.auth=dreamhost smtp.mailfrom=roland DOT mainz AT nrubsig DOT org
X-Sender-Id:	dreamhost\|x-authsender\|gisburn AT nrubsig DOT org
X-MC-Relay:	Neutral
X-MailChannels-SenderId:	dreamhost\|x-authsender\|gisburn AT nrubsig DOT org
X-MailChannels-Auth-Id:	dreamhost
X-Arithmetic-Hysterical:	6c48e2c3354bcad6_1731174963206_541615164
X-MC-Loop-Signature:	1731174963205:1999092003
X-MC-Ingress-Time:	1731174963205
X-Gm-Message-State:	AOJu0YwzyaqnaTVfsmwkOH5xL2ktGUXU9Y+9f6B9MkmeDYTJqDLcKwhX
	pyu/UOO64G2ZdubSAIuvnRvdZsJdwrqbbmxaFHj2VAzJremm0sOzWOPsN/3PWxCwIVO3z/JnlLJ
	R6E+w/yrrnNxREvhkEU49VrAn7Pw=
X-Google-Smtp-Source:	AGHT+IExzEvDi1J9X2+xLbHYBPjh0pB1EHE1Vq4hkVceRQ+M4ti2vYwTLh5GT1IBJWmr8he+2wGWW0t2UUzIGQ1xjcg=
X-Received:	by 2002:a05:6000:785:b0:378:89be:1825 with SMTP id
	ffacd0b85a97d-381f1852682mr5618433f8f.49.1731174961332; Sat, 09 Nov 2024
	09:56:01 -0800 (PST)
MIME-Version:	1.0
References:	<CAKAoaQ==gSPA7eiJN9LiLMcR1ktfE9CUTE1Bzc1oMDBs1PQhqw AT mail DOT gmail DOT com>
	<Zy-VP7xZu-39qcio AT calimero DOT vinschen DOT de>
In-Reply-To:	<Zy-VP7xZu-39qcio@calimero.vinschen.de>
Date:	Sat, 9 Nov 2024 18:55:35 +0100
X-Gmail-Original-Message-ID:	<CAKAoaQm6Z7U97tXS20bAnqYy8KULpLStD10SWK-TM5GB9iWOtg AT mail DOT gmail DOT com>
Message-ID:	<CAKAoaQm6Z7U97tXS20bAnqYy8KULpLStD10SWK-TM5GB9iWOtg@mail.gmail.com>
Subject:	Re: Stable SIDs for "None"+'"Administrator" ?
To:	cygwin AT cygwin DOT com
X-BeenThere:	cygwin AT cygwin DOT com
X-Mailman-Version:	2.1.30
List-Id:	General Cygwin discussions and problem reports <cygwin.cygwin.com>
List-Archive:	<https://cygwin.com/pipermail/cygwin/>
List-Post:	<mailto:cygwin AT cygwin DOT com>
List-Help:	<mailto:cygwin-request AT cygwin DOT com?subject=help>
List-Subscribe:	<https://cygwin.com/mailman/listinfo/cygwin>,
	<mailto:cygwin-request AT cygwin DOT com?subject=subscribe>
From:	Roland Mainz via Cygwin <cygwin AT cygwin DOT com>
Reply-To:	Roland Mainz <roland DOT mainz AT nrubsig DOT org>
Sender:	"Cygwin" <cygwin-bounces~archive-cygwin=delorie DOT com AT cygwin DOT com>
X-MIME-Autoconverted:	from base64 to 8bit by delorie.com id 4A9Hv1UI3220807

webmaster	delorie software privacy
Copyright � 2019 by DJ Delorie	Updated Jul 2019