Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sources.redhat.com/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sources.redhat.com/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com
From: "Gerald S. Williams" <gsw AT agere DOT com>
To: <cygwin AT cygwin DOT com>
Subject: mkpasswd (Win2K) cannot find the domain controller
Date: Tue, 7 May 2002 15:58:17 -0400
Message-ID: <GBEGLOMMCLDACBPKDIHFKECLCIAA.gsw@agere.com>
MIME-Version: 1.0
Content-Type: text/plain;
	charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Priority: 3 (Normal)
X-MSMail-Priority: Normal
Importance: Normal
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000
In-Reply-To: <1020349957.4397.ezmlm@cygwin.com>

I've seen some e-mail about changes in the way this worked
recently, and now it's hitting home. However, I didn't find
anything in the FAQ or mail archive that helps us get past
our current problem...

When I installed Cygwin (quite a while ago), my /etc/passwd
was created properly. I don't remember doing anything special
even though I am on an NT domain (and running Win2K).

But now others in my team are installing it, and everyone is
coming up as user "Administrator".

We've tried various flavors of this:
 $ mkgroup -l -d > /etc/group
 $ mkpasswd -l > /etc/passwd
 $ mkpasswd -d -u $USERNAME >> /etc/passwd

Although we get errors like the following:

 $ mkgroup -d
 ...
 Cannot get PDC, code = 2453

 $ mkpasswd -d
 ...
 mkpasswd: [2453] Could not find domain controller for this domain.

I'm not much of an expert in Windows domains, although I
seem to recall that the company makes heavy use of BDCs
(backup domain controllers). I think one of the published
security models involves distributing BDCs and limiting
access to PDCs (primary domain controllers). If this were
the situation, would that mess up mkgroup/mkpasswd? And
what is the workaround?

Or perhaps something else is happening. Any ideas?

I'm not sure where to go next. I need a solution that's not
too involved or dangerous-sounding for the average user--it
was difficult enough getting the buy-in of our group and
management to make the move away from Micro$oft products in
the first place, and I don't want them to have any excuses
to move back. :-)

One possible workaround that I've considered is creating a
local user by the same name, but that falls into the "too
dangerous-sounding" category. :-) Hopefully, we can get to
the bottom of this and solve it for real.

BTW, I'm already maintaining an internal mirror (and even
a customized version of setup.exe), so I can patch tools if
need be without putting any undue burden on "Joe user". Of
course, I'm also trying to get any such patches back into
the official release (one of the reasons why I'm now the
Cygwin SWIG maintainer).

-Jerry Williams


--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Bug reporting:         http://cygwin.com/bugs.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/