mkpasswd — Write /etc/passwd-like output to stdout


mkpasswd [ -l | -L [MACHINE] ] [-d [DOMAIN]] [-c] [-S CHAR] [-o OFFSET] [-u USERNAME] [-b] [-U USERLIST]

mkpassword -h | -V


   -l,--local [machine]    Print local user accounts of \"machine\",
                           from local machine if no machine specified.
                           Automatically adding machine prefix for local
                           machine depends on settings in /etc/nsswitch.conf.
   -L,--Local [machine]    Ditto, but generate username with machine prefix.
   -d,--domain [domain]    Print domain accounts,
                           from current domain if no domain specified.
   -c,--current            Print current user.
   -S,--separator char     For -L use character char as domain\\user
                           separator in username instead of the default '+'.
   -o,--id-offset offset   Change the default offset (0x10000) added to uids
                           of foreign local machine accounts.  Use with -l/-L.
   -u,--username username  Only return information for the specified user.
                           One of -l, -d must be specified, too
   -b,--no-builtin         Don't print BUILTIN users.
   -p,--path-to-home path  Use specified path instead of user account home dir
                           or /home prefix.
   -U,--unix userlist      Print UNIX users when using -l on a UNIX Samba
                           server.  Userlist is a comma-separated list of
                           usernames or uid ranges (root,-25,50-100).
                           Enumerating large ranges can take a long time!
   -h,--help               Displays this message.
   -V,--version            Version information and exit.

Default is to print local accounts on stand-alone machines, domain accounts
on domain controllers and domain member machines.


Don't use this command to generate a local /etc/passwd file, unless you really need one. See the Cygwin User's Guide for more information.

The mkpasswd program can be used to create a /etc/passwd file. Cygwin doesn't need this file, because it reads user information from the Windows account databases, but you can add an /etc/passwd file, for instance if your machine is often disconnected from its domain controller.

Note that this information is static, in contrast to the information automatically gathered by Cygwin from the Windows account databases. If you change the user information on your system, you'll need to regenerate the passwd file for it to have the new information.

By default, the information generated by mkpasswd is equivalent to the information generated by Cygwin itself. The -d and -l/-L options allow you to specify where the information comes from, some domain, or the local SAM of a machine. Note that you can only enumerate accounts from trusted domains. Any non-trusted domain will be ignored. Access-restrictions of your current account apply. The -l/-L when used with a machine name, tries to contact that machine to enumerate local groups of other machines, typically outside of domains. This scenario cannot be covered by Cygwin's account automatism. If you want to use the -L option, but you don't like the default domain/group separator from /etc/nsswitch.conf, you can specify another separator using the -S option, analog to mkgroup.

For very simple needs, an entry for the current user can be created by using the option -c.

The -o option allows for special cases (such as multiple domains) where the UIDs might match otherwise. The -p option causes mkpasswd to use the specified prefix instead of the account home dir or /home/ . For example, this command:

Example 3.9. Using an alternate home root

$ mkpasswd -l -p "$(cygpath -H)" > /etc/passwd

would put local users' home directories in the Windows 'Profiles' directory. The -u option creates just an entry for the specified user. The -U option allows you to enumerate the standard UNIX users on a Samba machine. It's used together with -l samba-server or -L samba-server. The normal UNIX users are usually not enumerated, but they can show up as file owners in ls -l output.