This is the mail archive of the mailing list for the Cygwin project.

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

RE: Suggestion for setup

> -----Original Message-----
> From: Rick Rankin []
> Sent: Wednesday, March 06, 2002 5:22 PM
> To: Bernard Dautrevaux; 'Robert Collins'; Stephano Mariani;
> Subject: RE: Suggestion for setup
> --- Bernard Dautrevaux <> wrote:
> > > > -----Original Message-----
> > On the same ground, it would be nice if, when creating 
> /etc/passwd and
> > /etc/group, setup.exe pass the "-d" flag to 
> mkpasswd/mkgroup; otherwise,
> > ntsec is almost unusable for the (vast majority of) 
> NT/2k/XP users that
> > happen to be in a Windows domain.
> > 
> > I don't know what happens if "mkpasswd -d" is used on 9x/Me 
> if not in a
> > domain, but this seems harmless on NT/2k/XP, so always 
> passing -d seems
> > harmless in these cases.
> > 
> Depends on how you define "harmless". We have a *huge* 
> domain, and "mkpasswd
> -d" can take a very long time (20 - 30 minutes) to complete, 
> so I definitely
> wouldn't want to run blindly run it with the -d option here. 
> If it were
> implemented, it should be an option, at least.

Oh, I didn't think at that ;-( Obviously a way to avoid running "mkpasswd
-d" in such a case would be useful. 

> When I run mkpasswd here, I generally run it twice, once to 
> get local machine
> accounts, and once with the -d *and* -u options to get a 
> specific user's info
> from the domain. It might be useful with those options. Hmm, 
> maybe I'll take a
> look at that. It would require some fields in the GUI though...

Sure this is the most flexible solution. Another option would be to only get
the password for the profiles we find locally on the system while

Of course the right solution would be to avoid the need for /etc/passwd and
/etc/group and automatically serach the NT domain controller, but I'm afraid
this would be a *huge* job to create these files as virtual files that just
talk to the domain controller if any. Plus if one blindly and dumbly just
search through the /etc/passwd file you will get the 20min run time anyway. 

I'm not familiar enough with how programs like "ls" for example maps user
IDs to user names; if there is some "standard" way to search for entries in
/etc/passwd, then these can look directly in the domain controller. OTOH if
they just read the whole password file linearly searching for the mapping,
then we're a bit stuck.

Oh, let me look at the doco: there is routines like "getpwuid()" or
"getpwnam()" that may be implemented to look at the domain controller. Of
course "getpwent()", iterating on the password database, will last for long

Just my .02euros


Bernard Dautrevaux
Microprocess Ingenierie
97 bis, rue de Colombes
Tel:	+33 (0) 1 47 68 80 80
Fax:	+33 (0) 1 47 88 97 85

Unsubscribe info:
Bug reporting:

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]