ANN: login.exe for Domain-Logins [was Re: Domain Logins from an NT workstation]

Corinna Vinschen corinna@vinschen.de
Mon Nov 29 10:18:00 GMT 1999 

Steve Bloomfield wrote:
> 
> > Steve Bloomfield wrote:
> > >
> > > After setting up inetd and telnetd I can successfully login
> > using accounts
> > > local to my workstation.  Is it possible to specify a
> > domain name when
> > > logging in with telnet to the password can be validated by a domain
> > > controller?

Hi all,

my original reply to this mail contained a useless recommendation.

But now, I have a solution. Unfortunately, this is useful only
for users of the latest snapshots, with `ntsec' on, with the
pw_gecos field in /etc/passwd has containing the SID of the user
as the last part.

I'm sorry for that, but I tried it with earlier dlls (above all
the 1.0 version) and without ntsec. No chance!

The solution consists of a new `login' application that substitutes
the old one and a change in /etc/passwd.

First of all, copy the new `login.exe' over the old one.

Then you have to change /etc/passwd in one of two ways:

I.  The simple way: Change the pw_name field so that it contains
    the nt-domain and the nt-username separated by a backslash:

    domain\user::1104:513:John Doe,S-1-5-21-...

    Disadvantage: You can't see the username in calls to `ls -l'
    anymore because ls shortens the name to 8 characters. Moreover
    you will have to use this long form (domain\user) on the command
    line, too.

II. The nice way (IMHO): The pw_gecos field may contain an additional
    field, that beginns with (upper case!) "U-", followed by the
    domain and the username separated by a backslash. 
    Very important: The SID _must_ be the _last_ part of pw_gecos!!!
    The username in pw_name itself may be any nice name:

    domuser::1104:513:John Doe,U-domain\user,S-1-5-21-...

    Now you may use `domuser' as your login name with telnet!!!
    This is possible additionally for local users, if you don't like
    your NT login name ;-) You only have to leave out the domain:

    locuser::1104:513:John Doe,U-user,S-1-5-21-...

    Disadvantage: No other field in pw_gecos may begin with "U-".

I have attached the gzip'd binary and the patch to login.c,
altogether about 10K.

Have fun,
Corinna
login.patch.gz
login.exe.gz
--
Want to unsubscribe from this list?
Send a message to cygwin-unsubscribe@sourceware.cygnus.com

-------------- next part --------------
A non-text attachment was scrubbed...
Name: login.exe.gz
Type: application/x-gzip
Size: 9388 bytes
Desc: not available
URL: <http://cygwin.com/pipermail/cygwin/attachments/19991129/bbbd07fe/attachment.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: login.patch.gz
Type: application/x-gzip
Size: 732 bytes
Desc: not available
URL: <http://cygwin.com/pipermail/cygwin/attachments/19991129/bbbd07fe/attachment-0001.bin>

More information about the Cygwin mailing list