X-Recipient: archive-cygwin AT delorie DOT com X-Spam-Check-By: sourceware.org From: "Ken Turner" To: References: Subject: RE: Mapping of Windows Domains? Date: Wed, 23 Jul 2008 21:10:28 +0100 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Mailer: Microsoft Office Outlook 11 In-Reply-To: X-stir.ac.uk-MailScanner: Found to be clean X-stir.ac.uk-MailScanner-From: kjt AT cs DOT stir DOT ac DOT uk Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm List-Id: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: cygwin-owner AT cygwin DOT com Mail-Followup-To: cygwin AT cygwin DOT com Delivered-To: mailing list cygwin AT cygwin DOT com | > It turns out that these files are being served up with a fake domain name | > "D1" (because our Unix server isn't part of a Windows domain). When I log | > in I am authenticated against a real domain "D2". As a result, "D2\kjt" | > cannot access files whose permissions are set for "D1\kjt". There doesn't | > seem to be any way of influencing the choice of fake domain name "D1", so | > I need a client-side solution. | > | > Is there any way to get CygWin or Windows to map domains (e.g. to treat | > "D1" as equivalent to "D2")? Thanks! | | Think about what you're asking for. | | You want to change something at the client end, so that, without doing | anything at the server end, somebody who isn't a member of a domain could | get access to files as if they were a domain member. | | If you could pretend to be a user in a domain you're not a member of, why | not go the whole hippo and ask to be root in the domain you're not a member | of (by making yourself root of your own domain that you can control)? | | If anything remotely like that was even possible, security would simply | not exist, wouldn't it? You'd basically be letting anyone anywhere on the | internet have full and free access to any file on any server anywhere in the | worlds without having permissions or passwords. | | So, no, you can't do it. And if you could, you'd be horrified to realise | that everyone else in the world (D4\kjt, D5\kjt, .... Danything\kjt) could | get their hands on your files just by changing their username to kjt. Many thanks for the clarification. If that's the consequence of what I asked, then I agree it's not viable. The fact remains that I'm stuck with a 2.5 year old version of CygWin. I've described the problem in two posts, but haven't managed to find a solution. Since the above is evidently a non-starter, have you any idea how to get round this problem? Alternatively, what changed in this area with CygWin 1.5.18-2? Thanks for your time. -- Academic Excellence at the Heart of Scotland. The University of Stirling is a charity registered in Scotland, number SC 011159. -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Problem reports: http://cygwin.com/problems.html Documentation: http://cygwin.com/docs.html FAQ: http://cygwin.com/faq/