On Wed, Mar 06, 2024 at 02:01:06PM +0100, Corinna Vinschen via Cygwin wrote: > On Mar 5 23:38, Dan Shelton via Cygwin wrote: > > On Sat, 24 Feb 2024 at 14:11, Corinna Vinschen via Cygwin > > <cygwin@cygwin.com> wrote: > > > > > > On Feb 23 22:15, Dan Shelton via Cygwin wrote: > > > > HOWEVER, there is another Cygwin bug: > > > > "getent group mywingrp1" does not list any group members, even after > > > > "net localgroup mywingrp1 mywinuser44 /add", which is a POSIX > > > > violation. > > > > > > Not a bug. Two problems: > > > > > > - Getting members of a group can be an extremly costly operation > > > in a domain or, worse, a domain forest, or even worse, if the > > > domain or domain forest is remote. > > > > > > - Alonmg the same lines, getting members of a group can be extremly > > > costly in big orgs with thousands of users. Nobody want's to clutter > > > up space with the list of members in the "Domain Users" group. > > > > > > - Permissions to enumerate members of a group are restricted. > > > By default only admins and group members are allow to enumerate > > > members and this can be restricted further by domain admins. > > > > > > Therefore we dropped even trying to populate gr_mem, considering > > > that even in its original form on Unix systems, it's used only > > > to add supplementary groups. To do this right on Windows is even > > > more costly than blindly enumerating. > > > > > > It's not a bug, it's a feature :) > > > > Could you add an option to getent so that the full lookup can be > > requested via command line, pls? > > That's not possible. getent just calls getpwent/getgrent. > > > Always editing /etc/nsswitch.conf > > forth and back is not a elegant solution, aside from race conditions > > with other users on a system > > So, here we go again. > > - What exactly are you trying to accomplish by enumerating the accounts? > Maybe you won't actually need it for your task at hand. > > - Why do you have to change nsswitch.conf "back and forth"? > Just change it once and you're done. > > > Corinna
Hello > > Dan Shelton - Cluster Specialist Win/Lin/Bsd > > Always editing /etc/nsswitch.conf > > forth and back is not a elegant solution, aside from race conditions > > with other users on a system Please check the man page for getent. man getent getent --help You can use -s or --service to override the service used without editing nsswitch.conf. The man page on Linux provides an example with a bit more details than the man page for getent under cygwin. https://www.man7.org/linux/man-pages/man1/getent.1.html -- Problem reports: https://cygwin.com/problems.html FAQ: https://cygwin.com/faq/ Documentation: https://cygwin.com/docs.html Unsubscribe info: https://cygwin.com/ml/#unsubscribe-simple
