This is the mail archive of the cygwin mailing list for the Cygwin project.

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: [Bug] File permissions across domains

Corinna Vinschen writes:
> It's dirt easy:

For you... :-)  I know next to nothing about all this stuff.

> Ok.  However, MSDN explicitely suggests to fetch the AuthZ context
> from the current user token, if the idea is to ask for the permissions
> of the current user.  It's much less costly than calling
> AuthzInitializeContextFromSid.


> Is your account an admin account by any chance?  If so, does it work if
> you run in an elevated shell?

As I said, I have both an admin and a normal account that show the same
behaviour (it makes no difference if the admin account is used with
elevated privileges or not).

> I don't understand what you're trying to say here.  Are there
> differences or not?

You're on to something.  I have over 500 groups in my token in the old
domain, but only half of those end up in the token when I'm logged in on
the machine in the new domain (at least as far as Cygwin is concerned as
obviously I can still access the files when I'm actually trying).  I
scheduled an audience with one of the AD guys some time next week, he
thinks he can explain why that happens and hopefully it's something that
can be fixed on the AD side.  Eventually I'll have my account migrated
to the new domain later this year anyway at which point these sort of
problems should go away, but at least for the next two months I'll have
to stick it out.

+<[Q+ Matrix-12 WAVE#46+305 Neuron microQkb Andromeda XTk Blofeld]>+

Factory and User Sound Singles for Waldorf Blofeld:

Problem reports:
Unsubscribe info:

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]