Web lists-archives.com

Re: Windows to Cygwin username mapping: Domain before local account when duplicate name?




Greetings, Bill Stewart!

>> What is a "typical" order?!?
>>
>> If you login locally to a domain member machine the default domain is
>> the logon domain of this machine.  If that's not what you want you have
>> to choose the logon domain of your account explicitely, even if it's the
>> local machine SAM.  Windows will not try to find the user name locally
>> if you didn't chose it explicitely.  You get "The user name or password
>> is incorrect. Try again" instead.
>>
>> The only exception I'm aware of is the "Administrator" account, at least
>> in Windows 10.

> Here's a real-world scenario you might not have considered...

What is your nsswitch configuration, yet again?…

> I have a local account named "Admin" on my computer I use for
> administrative tasks.

> My computer is a member of a medium-side domain (about 25000 users),
> and at some point in the past an admin created a group named "Admin"
> that I didn't even know existed.

> This means that when I test getent using the name "Admin", Cygwin
> finds the domain group:

> PS C:\> getent -w passwd admin
> admin:nnnnnnnn:DOMAINNAME\admin:S-1-5-21-nnnnnnnnnn-nnnnnnnnn-nnnnnnnnn-nnnnnn

> I get that this is by design, but .NET finds the local account first,
> which is what I was expecting:

> PS C:\> $name = [Security.Principal.NTAccount] "admin"
> PS C:\> $sid = $name.Translate([Security.Principal.SecurityIdentifier])
> PS C:\> $sid.Translate([Security.Principal.NTAccount])

> Value
> -----
> COMPUTERNAME\Admin

> Hence the question.

> Regards,

> Bill

> --
> Problem reports:       http://cygwin.com/problems.html
> FAQ:                   http://cygwin.com/faq/
> Documentation:         http://cygwin.com/docs.html
> Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple



-- 
With best regards,
Andrey Repin
Saturday, February 16, 2019 3:56:41

Sorry for my terrible english...