Hi Russell,

On Aug 15 12:48, rm...@aboutgolf.com wrote:
> $ ./azure-check3
>  Sid: S-1-12-1-2043906341-1249388050-2635137163-399631282
> Dom\Name: AzureAD\RussellMora
> DsGetDcNameW: 1355
> NetUserGetInfo(NULL, 3): 2221
> NetUserGetInfo(NULL, 24): 2221

This is as bad as I feared.  Apart from the username and the Windows
home dir, there is no other information which could be fetched by
the usual means.  Quite apart from the fact that there are no means to
*store* this information somewhere, other than creating an explicit
/etc/passwd and matching /etc/group entry.

But, anyway, I prepared some code for the Cygwin DLL to handle these
accounts even if no /etc/passwd and /etc/group entries are present.  It
still needs some work, though, and for that I'd ask you to perform a
last test.

I attached a short testcase.  We know that LookupAccountSid from the
user SID in the user token returns a name (RussellMora) and a domain
(AzureAD).  However, the open question is if the reverse operation
LookupAccountName works as desired when feeding it the domain name
and the user name.  Actually, for completeness the testcase tries it
two ways:  Once only with the username, once with dom\username.

The reason for testing this is, if the reverse lookup works with only
the name we *could* go ahead and omit the domain from the Cygwin
username.  I'm not yet sure if that's feasible, but it's certainly worth
a try.


Thanks,
Corinna

-- 
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Maintainer                 cygwin AT cygwin DOT com
Red Hat
#include <stdio.h>
#include <stdlib.h>
#include <wchar.h>
#define _WIN32_WINNT 0x0a00
#define WINVER 0x0a00
#include <windows.h>
#include <lm.h>
#include <dsgetdc.h>
#include <sddl.h>

int
main ()
{
  HANDLE tok;
  PTOKEN_USER tp = (PTOKEN_USER) malloc (65536);
  DWORD ret;
  LPSTR str;
  WCHAR name[256];
  WCHAR dom[256];
  WCHAR rdom[256];	/* referenced domain returned by the reverse lookups */
  WCHAR aname[513];
  PSID rsid = (PSID) malloc (128);
  DWORD nlen, dlen, rlen;
  SID_NAME_USE type;

  if (!tp || !rsid)
    {
      printf ("malloc failed\n");
      return 1;
    }

  /* Fetch the user SID from the token of the current process. */
  if (!OpenProcessToken (GetCurrentProcess (), TOKEN_QUERY, &tok))
    {
      printf ("OpenProcessToken: %u\n", GetLastError ());
      return 1;
    }
  if (!GetTokenInformation (tok, TokenUser, tp, 65536, &ret))
    {
      printf ("GetTokenInformation(user): %u\n", GetLastError ());
      return 1;
    }
  if (ConvertSidToStringSidA (tp->User.Sid, &str))
    {
      printf ("Sid: %s\n", str);
      LocalFree (str);
    }

  /* Forward lookup: SID -> domain and account name. */
  nlen = dlen = 256;
  if (LookupAccountSidW (NULL, tp->User.Sid, name, &nlen, dom, &dlen, &type))
    printf ("Dom\\Name: %ls\\%ls\n", dom, name);
  else
    {
      /* name and dom are undefined, the reverse lookups make no sense. */
      printf ("LookupAccountSidW: %u\n", GetLastError ());
      return 1;
    }

  /* Reverse lookup 1: account name only.  The referenced domain goes to
     rdom so that dom keeps the value from the forward lookup. */
  rlen = 128;
  dlen = 256;
  if (LookupAccountNameW (NULL, name, rsid, &rlen, rdom, &dlen, &type))
    {
      if (ConvertSidToStringSidA (rsid, &str))
	{
	  printf ("Reverse Sid (%ls): %s\n", name, str);
	  LocalFree (str);
	}
    }
  else
    printf ("LookupAccountNameW (%ls): %u\n", name, GetLastError ());

  /* Reverse lookup 2: dom\name, built from the forward lookup result. */
  wcpcpy (wcpcpy (wcpcpy (aname, dom), L"\\"), name);
  rlen = 128;
  dlen = 256;
  if (LookupAccountNameW (NULL, aname, rsid, &rlen, rdom, &dlen, &type))
    {
      if (ConvertSidToStringSidA (rsid, &str))
	{
	  printf ("Reverse Sid (%ls): %s\n", aname, str);
	  LocalFree (str);
	}
    }
  else
    printf ("LookupAccountNameW (%ls): %u\n", aname, GetLastError ());

  CloseHandle (tok);
  return 0;
}
