On Jan 21 11:20, Corinna Vinschen wrote:
> On Jan 21 10:37, Corinna Vinschen wrote:
> > On Jan 21 02:45, Andrey Repin wrote:
> > > The setup: A Win7 machine - member of a NT4-style domain. (No AD yet.)
> > > [...]
> > I'm wondering if that's a side effect of using a NT4 domain. This isn't
> > supported in Cygwin anymore for quite some time. After all AD has
> > replaced NT4 15 years ago. All the LDAP calls to fetch the AD attributes
> > won't work in an NT4 domain, for instance.
> >
> > But even if all the calls to the DB fail, the /path scheme shouldn't be
> > affected.
>
> But it is... I just inspected the code in CYgwin fetching the extra info
> for domain accounts. Due to the way this works - a single ldap call to
> fetch all AD attributes - the evaluation only takes place after the LDAP
> call was successful. This is independent of using non-AD schemes, basically
> like this:
>
> if (is_domain_account)
> {
> [...]
> if (cldap->fetch_ad_account ())
> {
> gid = posix_offset + cldap->get_primary_gid ();
> home = cygheap->pg.get_home (cldap);
> shell = cygheap->pg.get_shell (cldap);
> gecos = cygheap->pg.get_gecos (cldap);
> }
>
> The reason here is that we have to fetch the gid value anyway, so the
> code is relying on the ldap call. The get_home(), get_shell(), get_gecos()
> methods get the full content fetched from AD and only then creates the
> pw_dir, pw_shell and pw_gecos values based on the content of nsswitch.conf.
>
> So, yes, this is a direct result of not supporting NT4 domains anymore.FTR, Andrey and I were tackling this problem off-list, and I now added a small, non-intrusive piece of code to allow fetching account info from an NT4 domain. Corinna -- Corinna Vinschen Please, send mails regarding Cygwin to Cygwin Maintainer cygwin AT cygwin DOT com Red Hat
pgpgAn4RpT3FK.pgp
Description: PGP signature
