Simplify AD integration?
Corinna Vinschen
corinna-cygwin@cygwin.com
Mon Aug 4 19:00:00 GMT 2014
On Jul 30 20:43, Corinna Vinschen wrote:
> On Jul 30 12:10, Eric Blake wrote:
> > [resend; apologies for the encryption snafu]
> >
> > On 07/30/2014 07:47 AM, Corinna Vinschen wrote:
> > >
> > > Default is 'auto':
> > >
> > > builtin accounts; "+SYSTEM", "+LOCAL", etc.
> > > primary domain "corinna", "cgf", ...
> > > other domain: "DOMAIN1+walter", "DOMAIN2+mathilda"
> > >
> >
> > >
> > > Also, the leading '+' for builtin accounts results in some downsides,
> > > one of them for instance the fact that `chown +x' assumes that x is a
> > > numerical uid or gid. Thus `chown +SYSTEM ...' fails. On the other
> > > hand it simplifies the account handling inside of Cygwin.
> >
> > I'm really worried about the leading + thing.
> > [...]
>
> Good points. I might have overvalued the gain of easily recognizing
> builtin accounts by the leading '+' separator.
>
> Big, big, hmmmmm, *thinking*...
I just uploaded a new snapshot to http://cygwin.com/snapshots/
This snapshot contains only a single change: It drops the prepended
plus entirely, So the builtin and well-known accounts are now called as
familiar: SYSTEM instead of +SYSTEM, Administrators instead of
+Administrators, etc.
The documentation doesn't reflect this change yet, but I will fix that
pretty soon.
As for other changes, I'm still not sure since we seem to have as
many different opinions as interested community members :}
I would still like to drop the db_prefix and db_separator settings and
just stick to the setting called "auto":
builtin accounts; "SYSTEM", "Administrators", etc.
primary domain "corinna", "yaakov", ...
This is typically all you see on non-domain machines. On domain
maches, add this:
other domain: "DOMAIN1+walter", "DOMAIN2+mathilda"
(local SAM accounts are subsumed under "other domain" here).
Would anybody have really terrible problems with this approach?
If so, what problems?
Corinna
--
Corinna Vinschen Please, send mails regarding Cygwin to
Cygwin Maintainer cygwin AT cygwin DOT com
Red Hat
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://cygwin.com/pipermail/cygwin/attachments/20140804/e3bf68bf/attachment.sig>
More information about the Cygwin
mailing list