On Jul 21 21:38, Linda Walsh wrote: > 1) local user 'law', 'root' and 'guest' are all in '513' > Sid "S-1-5-21----513" is a "well known sid" for 'Domain Users' > (why it shows up as a group labeled 'non' with my local > computers id in the computer part, is confusing.
It's confusing? It's Windows! Every local SAM has a default group with RID 513, the name of that group is even (badly) localized. "None" in English, "Kein" in German, "Aucun" in French, etc. > 2) 'law' is in 'lawgroup' (one good thing!) > But Domain user 'root' is in group 10513, which is sorta 'broken' > like the local users mapping to 513. It probably should have > mapped to '10512'? Nope. All users' primary group is "None" or "Domain Users", even for admins. > 3) Why 2 Backup Operators? -- Backup Operators mapping > correctly from Sid S---551->551. > but 'builtin\backup operators, (also 512, mapping to a different > domain-mapped UID on the local machine). One hes been returned by the local SAM group listing function, one by the domain group listing function. For all practical purposes it's the same group. You should not call `mkgroup -l' and then `mkgroup -D'. Call `mkgroup -l -D' in one go and the confusing double groups will disappear. > I do have Domain Admins, -512, but they aren't being mapped > to the correct local GID of '512'... > Same goes for 'Domain Controllers' (516->10516) > ---- > Conflicts? > Or design (I hope?, but how to fix the broken parts?) Calling $ mkpasswd -l -D > /etc/passwd $ mkgroup -l -D > /etc/group will fix it. http://cygwin.com/cygwin-ug-net/ntsec.html http://cygwin.com/cygwin-ug-net/using-utils.html#mkgroup http://cygwin.com/cygwin-ug-net/using-utils.html#mkpasswd Corinna -- Corinna Vinschen Please, send mails regarding Cygwin to Cygwin Project Co-Leader cygwin AT cygwin DOT com Red Hat -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
