On Feb 5 12:08, Achim Gratz wrote: > Corinna Vinschen writes: > >> 2. Parse the output of groups or id -G. I can't find any reliable way to > >> do > >> this. For example on my host, when I start a shell with "Run as > >> administrator", > >> the new group I get isn't 544 (Administrators). It's 114 (Local account > >> and > >> member of Administrators group). Is that at all portable or reliable? > > > > Huh? There is no such group in Windows. Where does it come from? > > Yes there is, at least on Windows 8.1N Core and Server 2012R2. In fact > there are two new SID: > > 113 (Local account) > 114 (Local account and member in Administrators group) > > http://blogs.technet.com/b/secguide/archive/2014/09/02/blocking-remote-use-of-local-accounts.aspx > https://msdn.microsoft.com/en-us/library/cc980032.aspx
Thanks for the info. Now I remember that I saw them already at one point, but I never had a deeper look what they actually are good for. However, the user token of such a user still contains the Administrators group (I just tested it) and thus the `id -G' test for 544 (or 0 with the old "root" entry in /etc/group) is still valid. Corinna -- Corinna Vinschen Please, send mails regarding Cygwin to Cygwin Maintainer cygwin AT cygwin DOT com Red Hat
pgp4Bh8V06DgL.pgp
Description: PGP signature
