Mailing-List: contact cygwin-developers-help AT cygwin DOT com; run by ezmlm
List-Subscribe: <mailto:cygwin-developers-subscribe AT cygwin DOT com>
List-Archive: <http://sources.redhat.com/ml/cygwin-developers/>
List-Post: <mailto:cygwin-developers AT cygwin DOT com>
List-Help: <mailto:cygwin-developers-help AT cygwin DOT com>, <http://sources.redhat.com/ml/#faqs>
Sender: cygwin-developers-owner AT cygwin DOT com
Delivered-To: mailing list cygwin-developers AT cygwin DOT com
Date: Wed, 17 Jul 2002 14:56:42 +0200
From: Corinna Vinschen <vinschen AT redhat DOT com>
To: cygwin-developers AT cygwin DOT com
Subject: Re: Corinna or Pierre please comment? [jason AT tishler DOT net: Re: setuid() problem when disconnected from PDC under 1.3.12-2]
Message-ID: <20020717145642.G6932@cygbert.vinschen.de>
Reply-To: cygwin-developers AT cygwin DOT com
Mail-Followup-To: cygwin-developers AT cygwin DOT com
References: <20020713165415 DOT GB30143 AT redhat DOT com> <20020715110733 DOT B6932 AT cygbert DOT vinschen DOT de> <20020715125051 DOT GC2372 AT tishler DOT net> <20020715145826 DOT H6932 AT cygbert DOT vinschen DOT de> <20020715155951 DOT GG2372 AT tishler DOT net> <3 DOT 0 DOT 5 DOT 32 DOT 20020715162535 DOT 0080c900 AT mail DOT attbi DOT com> <20020716191735 DOT GB1692 AT tishler DOT net> <20020717121704 DOT GA1260 AT tishler DOT net> <20020717142259 DOT E6932 AT cygbert DOT vinschen DOT de> <20020717123351 DOT GB1260 AT tishler DOT net>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20020717123351.GB1260@tishler.net>
User-Agent: Mutt/1.3.22.1i

On Wed, Jul 17, 2002 at 08:33:51AM -0400, Jason Tishler wrote:
> On Wed, Jul 17, 2002 at 02:22:59PM +0200, Corinna Vinschen wrote:
> > On Wed, Jul 17, 2002 at 08:17:05AM -0400, Jason Tishler wrote:
> > > So, it appears that I can get my domain group(s) from the cached
> > > credentials even after being disconnected from my PDC for a "long" time
> > > when I logon with a password.  Where do we go from here?
> > 
> > Did you logout and then login again while being disconnected?
> 
> Yes.
> 
> Actually, I first tried it *without* logging out and then after
> re-logging in -- all while being disconnected.  There was no difference
> -- my domain groups were still available.  Was 14 hours long enough?

Sure.  The problem is that there's no such info available for
the services running under system account, AFAICS.  The cached
credentials are not accessible in a programatic way, except for
logon applications.  So you have this information as soon as
you logon locally or you logon via ssh w/ password since that's
running a LogonUser() call which is nearly the same as logging in
locally.

Really, I have no idea how to do that.  As I said, the old way
worked by returning *wrong* information.  It's not a choice to
go back to that implementation.

Corinna

-- 
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Developer                                mailto:cygwin AT cygwin DOT com
Red Hat, Inc.