This is the mail archive of the cygwin mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: Simplify AD integration?


On Jul 30 13:09, Eric Blake wrote:
> On 07/30/2014 12:40 PM, Corinna Vinschen wrote:
> 
> >>> 2. Shall we stick to '+' as the separator char or choose another one?
> >>>    If so, which one?
> >>
> >> How about "@"?
> > 
> > Dunno.  It *might* be a good alternative to '+'.  Personally I just
> > dislike that a '@' is a less "light" character and it might give a wrong
> > idea.  Email:  name AT domain.  Cygwin account:  domain AT name.
> 
> How bad would it be to treat the window's DOMAIN\user as cygwin
> user@DOMAIN?  Yes, it means string-splicing to rearrange strings when
> converting between the two forms, rather than just single-character
> replacement, but it might work.

It's more or less simple from a coding perspective, slightly more
complicated when evaluating the incoming name in a call to
getpwnam/getgrnam.

But I'm concerned that using this form is worse than DOMAIN@user.  As
you know, starting with Active Directory in Windows 2000, there are two
variations of the domain name.

The first is the Netbios domain name as used in pre-Windows 2000
already.  It's called "flat name" and it consist of alphanumeric chars
only.  The Windows expression for this type of username is
FLATEXAMPLE\user.

The second, more modern is the DNS-type domain name.  In this case the
domain name is a DNS-style name like example.com.  A username in this
style is written like a email address (trying to workaround the mailing
list filters) user AT example DOT com.  You can use this style to login
to your machine, for instance.

FLATEXAMPLE and example.com are the same domain, just two different
names for the same thing.

LookupAccountSid and LookupAccountName return the FLATEXAMPLE domain and
that's used in the Cygwin username.

If you start using the FLATEXAMPLE domain in the writing style of
the DNS-style domain, I can see a lot of confusion coming up.  This
does in no way reflect what the users use with native Windows.

"name @ FLATEXAMPLE?!?  Shouldn't that be name AT example DOT com?"

OTOH, if we use the DNS-style name as username, we introduce an even
more complex naming scheme on the commandline, with additional dots.
I'm not sure how useful that is.

Does that make sense?


Corinna


-- 
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Maintainer                 cygwin AT cygwin DOT com
Red Hat

Attachment: pgpraFVzo2Iyx.pgp
Description: PGP signature


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]