This is the mail archive of the mailing list for the Cygwin project.

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: [ANNOUNCEMENT] New release of setup.exe (

Pierre A. Humblet wrote:
On Sat, Mar 15, 2003 at 03:30:03AM -0800, Doug VanLeuven wrote:

I wish I had just one domain.  To set this up in a mutidomain
environment, I'm finding
I install as an administrator of one of the domains DOMAIN1
create local passwd & group files
	passwd.local & group.local
create domain passwd & group files:
	passwd.DOMAIN1 & group.DOMAIN1
Then log in as an admin in domain DOMAIN2
create domain passwd & group files:
	passwd.DOMAIN2 group.DOMAIN2

Why do you need to log in several times instead of using
repeatedly mkpasswd -d DOMAINX? Is it for access right reasons?
Also, how do you avoid having duplicated uids? Do you use the
-o switch ?

Have to log in to establish credentials. Same name in different domain is not really same user. Yeah -o offset. I use a case table matching against domain name when the domain name != machine name. Since the default case was 10000, I used multiples of 10000.

If it weren't for the access right problems (can you solve them
by having one user that has access everywhere), mkpasswd could be extended to take several domains at once. It could also avoid duplicating uids. Would that help you?

That could be done by trust relationships between domains and adding users outside the current domain to account operators. But those pre-conditions don't always exist and sometimes by design.

How large is /etc/passwd in the end? Do you really need to have all the users in the file?

Depends on the number of users. I have hundreds of accounts, not thousands, so its not too bad. call it 120k per domain.

Technically, it wouldn't strictly be necessary, but I roll out
images to a couple hundred machines.  I want proper account
info available in the event the machine boots without network
connectivity.  Notebooks are a good example of this.  The user
can log on for a configurable number of times to the domain
account when detached from the network.  Cygwin should work
under that circumstance too.

Plus it's one of those nitpicky completeness things I do just
because I've been admin on Unix for 20+ years & things
like that have bit me before.

Doug VanLeuven
Programmer/Analyst, SCWA
Chief Engineer, USMM

-- Unsubscribe info: Bug reporting: Documentation: FAQ:

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]