X-Spam-Check-By: sourceware.org
Message-ID: <31b7d2790707131317r48a2b4ear1c917902f88aa68f@mail.gmail.com>
Date: Fri, 13 Jul 2007 15:17:04 -0500
From: "DePriest, Jason R." <jrdepriest AT gmail DOT com>
To: cygwin AT cygwin DOT com
Subject: Re: Non-trusted domain user causes mkpasswd and mkgroup to fail
In-Reply-To: <70952A932255A2489522275A628B97C304C130C5@xmb-sjc-233.amer.cisco.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
References: <015b01c7c567$6f21fbf0$2e08a8c0 AT CAM DOT ARTIMI DOT COM> 	 <70952A932255A2489522275A628B97C304C130C5 AT xmb-sjc-233 DOT amer DOT cisco DOT com>
X-IsSubscribed: yes
Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
Precedence: bulk
List-Id: <cygwin.cygwin.com>
List-Unsubscribe: <mailto:cygwin-unsubscribe-archive-cygwin=delorie DOT com AT cygwin DOT com>
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com

On 7/13/07, Matt Seitz (matseitz)  wrote:
> From: Dave Korn
> >
> >   Let me repeat myself:
> >
> > >> If you aren't
> > >> logged into the domain
> >    ^^^^^^^^^^^^^^^^^^^^^^
> >
> >   Logging into the local machine and logging into the domain
> > are two different
> > things.  When you are not logged in to the domain, it would
> > be very very wrong
> > for the domain controller to send you any information about
> > the domain.[*]
>
> Sorry, I guess I'm still not being clear.  When I did "runas /netonly
> /user:machine\user" followed by "mkpasswd -d machine -u user", I was
> trying to create a "passwd" entry for a user account that was local to
> the server named "machine".  In other words, I was trying to access
> information about the "machine\user" local user account.  I was not
> trying to access information about a domain user account.
>
> Perhaps I'm confusing things by using the example name "user" in both
> cases.  Let me try restating it:
>
> "runas /netonly /user:domain1\userA" followed by "mkpasswd -d domain1 -u
> userA":  works
> "runas /netonly /user:machine2\userB" followed by "mkpasswd -d machine2
> -u userB":  fails
>
> --
> Matt Seitz
> Manager, File System Virtualization
> Cisco Systems, Inc.
> .:|:.:|:.
>

If the server is stand alone, wouldn't mkpasswd -l be more appropriate
than mkpasswd -d?

-Jason

-- 
NOTICE:  This email is being sent in clear-text across the public
Internet.  Therefore, any attempts to include unenforceable legalese
restrictions are ridiculous and pointless.  If you can read this,
consider yourself authorized (whether I like it or not).

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/