Windows to Cygwin username mapping: Domain before local account when duplicate name?
Bill Stewart
bstewart@iname.com
Sat Feb 16 01:05:00 GMT 2019
On Fri, Feb 15, 2019 at 2:32 PM Corinna Vinschen wrote:
> What is a "typical" order?!?
>
> If you login locally to a domain member machine the default domain is
> the logon domain of this machine. If that's not what you want you have
> to choose the logon domain of your account explicitely, even if it's the
> local machine SAM. Windows will not try to find the user name locally
> if you didn't chose it explicitely. You get "The user name or password
> is incorrect. Try again" instead.
>
> The only exception I'm aware of is the "Administrator" account, at least
> in Windows 10.
Here's a real-world scenario you might not have considered...
I have a local account named "Admin" on my computer I use for
administrative tasks.
My computer is a member of a medium-side domain (about 25000 users),
and at some point in the past an admin created a group named "Admin"
that I didn't even know existed.
This means that when I test getent using the name "Admin", Cygwin
finds the domain group:
PS C:\> getent -w passwd admin
admin:nnnnnnnn:DOMAINNAME\admin:S-1-5-21-nnnnnnnnnn-nnnnnnnnn-nnnnnnnnn-nnnnnn
I get that this is by design, but .NET finds the local account first,
which is what I was expecting:
PS C:\> $name = [Security.Principal.NTAccount] "admin"
PS C:\> $sid = $name.Translate([Security.Principal.SecurityIdentifier])
PS C:\> $sid.Translate([Security.Principal.NTAccount])
Value
-----
COMPUTERNAME\Admin
Hence the question.
Regards,
Bill
--
Problem reports: http://cygwin.com/problems.html
FAQ: http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
More information about the Cygwin
mailing list