X-Recipient: archive-cygwin AT delorie DOT com
DomainKey-Signature: a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id
	:list-unsubscribe:list-subscribe:list-archive:list-post
	:list-help:sender:mime-version:references:in-reply-to:from:date
	:message-id:subject:to:content-type; q=dns; s=default; b=RmKzz1p
	VuphNrbAOjK0xm/WGAEg2gAFA5X7anq0KYdYboC9cJlKGJF6e5QJfbqd0eArrbKq
	DYahnywSm5VTGXUbIig9nzZbsjmpqXTAM8G2yO4EWHhSp36zJr9NMpuNNsidSp0U
	1ZFyl/yQtwGbGQ0affkkkKGaLwGiQdceu0yg=
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id
	:list-unsubscribe:list-subscribe:list-archive:list-post
	:list-help:sender:mime-version:references:in-reply-to:from:date
	:message-id:subject:to:content-type; s=default; bh=woty9VoOoBTln
	Gnw6AWLvEl0enA=; b=K4Jn9EeS9kFcuDNXBMprd9Blm7Z7Hf4MzUld/3u4TAUgh
	IgaUJ11g03xmFw1sjKi6nH74m1JVzvdqDbiOyVaEza+MoKvDSzhr7IhI/FJRELLA
	t2KHDdcWds5IA4Ve53dbjhPMCnEFDvcMDrwvPmzQvjSmc6Rq4j4PWPQfMI15kE=
Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Id: <cygwin.cygwin.com>
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com
Authentication-Results: sourceware.org; auth=none
X-Spam-SWARE-Status: No, score=-2.6 required=5.0 tests=BAYES_00,FREEMAIL_FROM,RCVD_IN_DNSWL_LOW,SPF_PASS autolearn=ham version=3.3.2 spammy=
X-HELO: mout.gmx.com
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=mail.com;	s=dbd5af2cbaf7; t=1550258062;	bh=vBR5UvcYUCre3H0eJQYfuqCQVbKOkqkIVclmbLs5ac0=;	h=X-UI-Sender-Class:References:In-Reply-To:From:Date:Subject:To;	b=UtxgzqS616c9PWiSG1nVfX5Rwq/3sOXnYBHAuUsZ2F5kPFdQjCIKC8acsnf0veoo4	 4Iv7DMurf2+TxZ5Tox01j7d3XOh9WNPX4moqQHru9yYGj1nuCXMdRNmIDH2I/7n9Qr	 Vn+5NsjBBR8tfcyfivwEJaBRLRZ95qpVkIHw9XsI=
X-UI-Sender-Class: 214d933f-fd2f-45c7-a636-f5d79ae31a79
MIME-Version: 1.0
References: <CANV9t=SNfgP-CA32yfPwLv2=d0F8xtpdCT4o_wwGFGE+F3SEuA AT mail DOT gmail DOT com> <50cba8d1-4794-8db9-d1f3-ab9476421db7 AT gmx DOT com> <CANV9t=QQ1higAt1qeDF4fckkz_6eqQJtdhau8+uhrAvGtWUK_A AT mail DOT gmail DOT com> <20190215163817 DOT GI2702 AT calimero DOT vinschen DOT de>
In-Reply-To: <20190215163817.GI2702@calimero.vinschen.de>
From: Bill Stewart <bstewart AT iname DOT com>
Date: Fri, 15 Feb 2019 12:14:07 -0700
Message-ID: <CANV9t=Rm+su=qDqdFN-LqiMLEAHJD7WxW_OSqqSpqgeb6ir++w@mail.gmail.com>
Subject: Re: Windows to Cygwin username mapping: Domain before local account when duplicate name?
To: cygwin AT cygwin DOT com
Content-Type: text/plain; charset="UTF-8"
X-IsSubscribed: yes

On Fri, Feb 15, 2019 at 9:38 AM Corinna Vinschen wrote:

> There's a documented ruleset which is strictly followed
> https://cygwin.com/cygwin-ug-net/ntsec.html#ntsec-mapping-how:

From that reference, we have the following order:

* Well-known SIDs in the NT_AUTHORITY domain of the S-1-5-RID type

* Other well-known SIDs in the NT_AUTHORITY domain (S-1-5-X-RID)

* Other well-known SIDs

* Logon SIDs

* Accounts from the local machine's user DB (SAM)

* Accounts from the machine's primary domain

* Accounts from a trusted domain of the machine's primary domain

This listing suggests to me that local accounts would be returned
before domain accounts. This is sensible because you wouldn't want to
search the domain before searching the local machine first
(performance).

So the scenario I am talking about is there is testuser in local SAM,
and testuser in computer's domain.

'getend passwd testuser' returns the domain account. Based on the
above, I was expecting the local account to be returned first.

What am I missing?

Bill

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple