This is the mail archive of the cygwin mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: gid doesn't display correctly on SAMBA share using AD



On 02/25/2015 11:18 AM, Corinna Vinschen wrote:
On Feb 25 11:01, Len Giambrone wrote:
Using the latest cygwin:

$ cygcheck -c cygwin
Cygwin Package Information
Package              Version        Status
cygwin               1.7.34-6       OK

I've asked my admin to update the uidNumber and gidNumber in AD.  He has
done so:

DistinguishedName :
CN=build,OU=GroupAccounts,OU=Users,OU=Cambridge,DC=iscinternal,DC=com

Enabled           : True

gidNumber         : 999

GivenName         : build

Name              : build

ObjectClass       : user

ObjectGUID        : 0901b540-b044-437f-a167-53e1453eab94

SamAccountName    : build

SID               : S-1-5-21-112145844-1872675854-1690816760-17189

Surname           :

uidNumber         : 56191

UserPrincipalName : build@iscinternal.com


The username displays correctly, but the group name does not:

$ ls -la foo
-rw-rw-r-- 1 build Unix_Group+999 0 Feb 25 10:52 foo

And this is confirmed by running getent:

$ getent passwd build
build:*:1065765:1049089:U-ISCINTERNAL\build,S-1-5-21-112145844-1872675854-1690816760-17189:/home/build:/bin/bash

$ getent passwd group

I've read
https://cygwin.com/cygwin-ug-net/ntsec.html#ntsec-mapping-nsswitch-gecos
'til I'm blue in the face, and I think this should work.
What am I missing?  How can I debug?
If your admin changed your user account to have a gidNumber 999 only,
then that won't help,  Consider:  Cygwin tries to find a group with
gidNumber set to 999.  How is it supposed to evaluate the right
gidNumber value from some arbitrary user account?

What Cygwin needs to get the right connection between a Windows group
and a gidNumber value is that the *group* entry in AD itself has the
gidNumber set to the right value.

I don't know if that's really the problem in your case, but that seems
the most likely.

Please report back.  I'm excited that I'm not the only one interested
in getting this connection between unix and windows ids working :)


It worked. :) Now I just have to persuade my admin to populate uidNumber and gidNumber for all our current and new users...

Corinna


--
-Len

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]