On Nov 25 17:09, Habermann, David (D) wrote: > > Two things to keep in mind: > > > - It's not actually clear yet if it's a sidHistory entry or some SID > > created by another mechanism. > > > Even if it's sidHistory, it may be *very* old. Did you work at the > > company already back in NT4 times? That might explain the sidHistory > > entry and the total lack of files still having this SID in its ACL. > > As far as I know, Microsoft suggests to remove the sidHistory entries > > as soon as they are not needed anymore. > > Yes, I guess I'll have to date myself now. I've worked here with the > same user ID since 1975 (full time since 1980), so I span basically > the entire non-mainframe computer era. So what you are suggesting is > quite likely, and it would not be surprising for clean-up work to have > been neglected. A quick look in our AD shows numerous things such as > "Legacy local groups" and "Legacy Mailboxes". One concern I have here > is that when I dig down into AD to "DC=dow,DC=com,OU=Dow > Users,OU=Employees" and find what I believe is my current active > record I find a record with "U074036" (capital 'U') whereas the record > we saw as my "UID" earlier in this thread was with a lowercase 'u'.
Hmm. That should not be a big problem because user and group name comparisons are case-insensitive. Hopefully everywhere in the code... > I > found this by searching for sAMAccountName=u074036, and it is the only > record found by this search. Does this record have one or more entries in the sidHistory attribute? Corinna -- Corinna Vinschen Please, send mails regarding Cygwin to Cygwin Maintainer cygwin AT cygwin DOT com Red Hat
pgp8MrEHwbBAC.pgp
Description: PGP signature
