X-Recipient: archive-cygwin AT delorie DOT com DomainKey-Signature: a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id :list-unsubscribe:list-subscribe:list-archive:list-post :list-help:sender:date:from:to:subject:message-id:reply-to :references:mime-version:content-type:in-reply-to; q=dns; s= default; b=QMONdIYKP/kGok1X24xTrRSwmIemQGYgwisIorDPAysu5JsZp/rDd z9q9UBoTo9+dl4S5K5McCwMHSCowLMNMohkb5wcKWBr+UQ/srS5TX8x0vDHGpVHf h7AQSXYpnrOOljF6hBAMiHZGj/gohbQTDJOIpMULSxun+kHCF3kLe8= DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id :list-unsubscribe:list-subscribe:list-archive:list-post :list-help:sender:date:from:to:subject:message-id:reply-to :references:mime-version:content-type:in-reply-to; s=default; bh=vBkGLrpIOjWo4TGRZxHB1xSxjEk=; b=O9ieBDxbDMVU3mp2tsBg/46G7NQY MFDE5GQjWd1z55di54zZaE7lsNuWsQnb+UKjfBiRkZQmcChLBFITho/G+Y4mNjuB mFUrYza52gUpjo56YHS22bPPI+ZXF9VxRpX10tDlPBkAgQjs/sQISZo1Hd6fOrlw zxCPnIKf9oYZqfM= Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm List-Id: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: cygwin-owner AT cygwin DOT com Mail-Followup-To: cygwin AT cygwin DOT com Delivered-To: mailing list cygwin AT cygwin DOT com Authentication-Results: sourceware.org; auth=none X-Virus-Found: No X-Spam-SWARE-Status: No, score=-95.0 required=5.0 tests=AWL,BAYES_00,GOOD_FROM_CORINNA_CYGWIN,KAM_LAZY_DOMAIN_SECURITY,RCVD_IN_BRBL_LASTEXT,RCVD_IN_PBL,RCVD_IN_SORBS_DUL,RDNS_DYNAMIC autolearn=ham version=3.3.2 spammy=H*f:sk:1470251, H*i:sk:1470251, H*MI:sk:1470251, Hx-languages-length:3855 X-HELO: calimero.vinschen.de Date: Thu, 4 Aug 2016 09:00:58 +0200 From: Corinna Vinschen To: cygwin AT cygwin DOT com Subject: Re: /dev/ptmx fails with Azure accounts Message-ID: <20160804070058.GA2333@calimero.vinschen.de> Reply-To: cygwin AT cygwin DOT com Mail-Followup-To: cygwin AT cygwin DOT com References: <1470156870 DOT 684316691 AT apps DOT rackspace DOT com> <20160803143207 DOT GB17526 AT calimero DOT vinschen DOT de> <1470243211 DOT 01868925 AT apps DOT rackspace DOT com> <20160803180012 DOT GC25811 AT calimero DOT vinschen DOT de> <20160803181649 DOT GD25811 AT calimero DOT vinschen DOT de> <1470251109 DOT 311822327 AT apps DOT rackspace DOT com> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="qtZFehHsKgwS5rPz" Content-Disposition: inline In-Reply-To: <1470251109.311822327@apps.rackspace.com> User-Agent: Mutt/1.6.2 (2016-07-01) --qtZFehHsKgwS5rPz Content-Type: multipart/mixed; boundary="St7VIuEGZ6dlpu13" Content-Disposition: inline --St7VIuEGZ6dlpu13 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Aug 3 15:05, rmora AT aboutgolf DOT com wrote: > On Wednesday, August 3, 2016 14:16, "Corinna Vinschen" said: >=20 > > On Aug 3 20:00, Corinna Vinschen wrote: > >> On Aug 3 12:53, rmora AT aboutgolf DOT com wrote: > >> > > >> > > >> > The output is as below. This was without Run As Administrator - with > >> > it the Group 0 Sid changed to S-1-16-12288/High Mandatory Level, whi= ch > >> > *seems* appropriate.... > >> > >> It is. Thanks for this test, the result is as horrifying as I imagine= d. > >> Can you please try the testcase attached to this mail, too? It should > >> be built and run the same way: > >> > >> $ gcc -g -o azure-check2 azure-check2.c -lnetapi32 > >> $ ./azure-check2 > >=20 > > Pleae use the one attached in this mail. I noticed I forgot to print > > primary group info. It's not unimportant to see it as well. > >=20 >=20 > Here it is: >=20 > Unknown+User AT Lenovo-PC /cygdrive/c/cygwin64 > $ ./azure-check2 > Sid: S-1-12-1-2043906341-1249388050-2635137163-399631282 > Dom\Name: AzureAD\RussellMora > Primary Group: > Sid: S-1-12-1-2043906341-1249388050-2635137163-399631282 > Dom\Name: AzureAD\RussellMora > NetUserGetInfo: 53 >=20 > Unknown+User AT Lenovo-PC /cygdrive/c/cygwin64 > $ >=20 > (As an aside, I assume that the fact that the permissions on the > compiled executable are totally messed up, and thus the executable > won't run until I fix them via Windows, is incidental to the fact that > I am running under "Unknown+User" and thus you don't want any > information on that as well.....) Good thinking :) Can you please try the attached testcase? Probably my last straw. If that doesn't work as desired, support for AzureAD accounts will be very limited. Thanks, Corinna --=20 Corinna Vinschen Please, send mails regarding Cygwin to Cygwin Maintainer cygwin AT cygwin DOT com Red Hat --St7VIuEGZ6dlpu13 Content-Type: text/plain; charset=utf-8 Content-Disposition: attachment; filename="azure-check2.c" Content-Transfer-Encoding: quoted-printable #include #include #define _WIN32_WINNT 0x0a00 #define WINVER 0x0a00 #include #include #include #include int main () { HANDLE tok; PTOKEN_USER tp =3D (PTOKEN_USER) malloc (65536); DWORD ret; LPSTR str; WCHAR name[256]; WCHAR dom[256]; DWORD nlen, dlen; SID_NAME_USE type; PDOMAIN_CONTROLLER_INFOW pci; NET_API_STATUS status; PUSER_INFO_3 ui3; PUSER_INFO_24 ui24; if (!OpenProcessToken (GetCurrentProcess (), TOKEN_QUERY, &tok)) { printf ("OpenProcessToken: %u\n", GetLastError ()); return 1; } if (!GetTokenInformation (tok, TokenUser, tp, 65536, &ret)) { printf ("GetTokenInformation(user): %u\n", GetLastError ()); return 1; } ConvertSidToStringSidA (tp->User.Sid, &str); printf (" Sid: %s\n", str); LocalFree (str); nlen =3D dlen =3D 256; if (LookupAccountSidW (NULL, tp->User.Sid, name, &nlen,=20 dom, &dlen, &type)) printf ("Dom\\Name: %ls\\%ls\n", dom, name); else printf ("LookupAccountSidW: %u\n", GetLastError ()); ret =3D DsGetDcNameW (NULL, dom, NULL, NULL, DS_IS_FLAT_NAME | DS_RETURN_DNS_NAME, &pci); if (ret !=3D ERROR_SUCCESS) { printf ("DsGetDcNameW: %u\n", status); return 1; } printf ("domain controller: %ls\n", pci->DomainControllerName); status =3D NetUserGetInfo (pci->DomainControllerName, name, 3, (PBYTE *) &ui3); if (status !=3D NERR_Success) printf ("NetUserGetInfo(3): %u\n", status); else { printf ("UserInfo 3:\n"); printf (" Name: %ls\n", ui3->usri3_name); } status =3D NetUserGetInfo (pci->DomainControllerName, name, 24, (PBYTE *) &ui24); if (status !=3D NERR_Success) printf ("NetUserGetInfo(24): %u\n", status); else { printf ("UserInfo 24:\n"); printf (" InternetIdentity: %d\n", ui24->usri24_internet_identity); printf (" Flags: 0x%08x\n", ui24->usri24_flags); printf (" ProviderName: %ls\n", ui24->usri24_internet_provider_name); printf (" PrincipalName: %ls\n", ui24->usri24_internet_principal_nam= e); ConvertSidToStringSidA (ui24->usri24_user_sid, &str); printf (" Sid: %s\n", str); LocalFree (str); } return 0; } --St7VIuEGZ6dlpu13-- --qtZFehHsKgwS5rPz Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQIcBAEBCAAGBQJXougqAAoJEPU2Bp2uRE+gwksP/A5zvImDbQ1mHqh+iuEYd771 cNhz9Z63pEDzDCN3kWI+2kozGnRPKtHgYyrMbrJGTEu4KTpceYFCPIKod+BFszid n8fFuDDCtUyKfLZV1okPEjKk8hlBrRfopImGW5sPtqjpcPx0pdvsqhFXgrUkjuxV Y4YFckfBhOEbmTvjwZxLCwy5ceyPyym6xib1JlyzZs3AxG+TVOLHm1MkAono80tl wZHpAmNHPYQ6Yj/f51BZFnMUulp/YbqgnvMVi743iXV0s80RZHVtb1y+1rEzZvYF n7qpRSi8dPkDW/eWUQRMsGRlHJ9vUWsGgoDL5MhjK4ftnRleHI8v4EQtkoH73jyO coSlAKaf0dTpRIGuNTEteYPNVjP93JWf1RPCRv1/8Iwl1Bov+OXHYgTXlHuFMgug AUoo7hkg2go+AUzZJ1riEIEMIR4McGcNAcXKo/90h1mSXOsXDVTqL5L9yHP0Wvok oPNE/BrsCgcKIlm9ANed2f57/r88pWNd4XzMKvyhEbYSCjw0ffHzeyDNx+FFgNz9 MTyjd+hvxtNHzjRoNq+M38LPlBA0vrx59RZ70tWMG1I7W8SIChl8ETYBiGDJmkA0 bGWCTHLgBUKnzPqSdWKMZsGfpsxYpytDENjLDQmO7YWh7CmUC9EkTgdM70s23PIJ 0iiz6OdnFvPbbtjaa0wI =+bsT -----END PGP SIGNATURE----- --qtZFehHsKgwS5rPz--