Simplify AD integration?

[Achim Gratz]

Corinna Vinschen writes:
> I'm not sure if that would work as expected. Cygwin explicitely tests
> if the account name follows the current rule.  I'm not so sure what
> effects it would have, if getpwnam could return another username as
> the one given as parameter (apart from the case difference).

That could be a problem if an application checks for that, but then
there's only a handful of cases where you'd want to use an explicitly
prefixed user or group name.

> (and defuse the booby trap in chown).
>
> Well, hmm.  If we allow to specify "NT AUTHORITY+SYSTEM" or
> "BUILTIN+Administrators" even in "auto" or "primary" mode...
>
> Unfortunately this won't help in all cases.  I used a broken example :(
> The "LOCAL" account and a few others have NO domain.  Thus, they are
> simply +-prefixed ("+LOCAL"), even in 'db_prefix: always' mode.

We could invent one, for the sole reason to escape the leading "+".

> Tricky.

Certainly…

>> If you keep it, then there's an obvious candidate missing: "local+other",
>> which should prefix all accounts except the primary domain ones.
>
> Do you mean
>
>   builtin accounts;   "NT AUTHORITY+SYSTEM", "BUILTIN+Administrators", ...
>   primary domain      "corinna", "cgf", ...
>   other domain:       "DOMAIN1+walter", "DOMAIN2+mathilda"

Yes.


Regards,
Achim.
-- 
+<[Q+ Matrix-12 WAVE#46+305 Neuron microQkb Andromeda XTk Blofeld]>+

Samples for the Waldorf Blofeld:
http://Synth.Stromeko.net/Downloads.html#BlofeldSamplesExtra

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple