On Jan 21 10:37, Corinna Vinschen wrote: > On Jan 21 02:45, Andrey Repin wrote: > > Sorry for the holdup, I was trying to crack it by myself. > > But I was unsuccessful, and have to reach for help. > > Even the most striped down configuration doesn't produce visible > > improvements. > > > > The setup: A Win7 machine - member of a NT4-style domain. (No AD yet.) > > Logged in as domain user with admin rights. > > Current profile path is C:\Users\<username>.<domainname> > > group/passwd files are moved away. > > > > Contents of nsswitch.conf (the last, stripped down next to nothing attempt): > > > > passwd: db > > group: db > > > > db_home: /%H > > db_shell: /bin/sh > > > > > > > set HOME > > HOMEDRIVE=C: > > HOMEPATH=\Users\anrdaemon.CCENTER > > > > > getent passwd %USERNAME% > > anrdaemon:*:1051576:1049089:U-CCENTER\anrdaemon,S-1-5-21-1031481445-3291699540-3997755762-3000:/home/anrdaemon:/bin/bash > > > > If I understand it right, the /%H should always return usable value, so do > > /bin/sh. But I can't get it to work. > > Weird, really. I just tried it again myself and it worked immediately. > > What I'm doing is this: > > - I'm *not* running cygserver. > - Open a mintty. > - Change the nsswitch.conf settings and save the file. > - Start another mintty to observe the effect. > > If cygserver is not running, every new mintty session will see the > latest version of the nsswitch.conf file and create the passwd/group > entries from there. > > I'm wondering if that's a side effect of using a NT4 domain. This isn't > supported in Cygwin anymore for quite some time. After all AD has > replaced NT4 15 years ago. All the LDAP calls to fetch the AD attributes > won't work in an NT4 domain, for instance. > > But even if all the calls to the DB fail, the /path scheme shouldn't be > affected.
But it is... I just inspected the code in CYgwin fetching the extra info
for domain accounts. Due to the way this works - a single ldap call to
fetch all AD attributes - the evaluation only takes place after the LDAP
call was successful. This is independent of using non-AD schemes, basically
like this:
if (is_domain_account)
{
[...]
if (cldap->fetch_ad_account ())
{
gid = posix_offset + cldap->get_primary_gid ();
home = cygheap->pg.get_home (cldap);
shell = cygheap->pg.get_shell (cldap);
gecos = cygheap->pg.get_gecos (cldap);
}
The reason here is that we have to fetch the gid value anyway, so the
code is relying on the ldap call. The get_home(), get_shell(), get_gecos()
methods get the full content fetched from AD and only then creates the
pw_dir, pw_shell and pw_gecos values based on the content of nsswitch.conf.
So, yes, this is a direct result of not supporting NT4 domains anymore.
Sorry,
Corinna
--
Corinna Vinschen Please, send mails regarding Cygwin to
Cygwin Maintainer cygwin AT cygwin DOT com
Red Hat
pgpX8Yi2tcVUB.pgp
Description: PGP signature
