From 34a50bf03fb79607934f428797003b9f35125b45 Mon Sep 17 00:00:00 2001 From: Joshua Daniel Franklin Date: Sat, 1 Mar 2003 17:29:51 +0000 Subject: Document new mkgroup,mkpasswd options --- winsup/utils/utils.sgml | 74 +++++++++++++++++++++++++++++++------------------ 1 file changed, 47 insertions(+), 27 deletions(-) diff --git a/winsup/utils/utils.sgml b/winsup/utils/utils.sgml index 131b0a5..d4ffe7d 100644 --- a/winsup/utils/utils.sgml +++ b/winsup/utils/utils.sgml @@ -372,6 +372,7 @@ This program prints a /etc/group file to stdout Options: -l,--local print local group information + -c,--current print current group, if a domain account -d,--domain print global group information from the domain specified (or from the current domain if there is no domain specified) @@ -389,14 +390,15 @@ One of `-l' or `-d' must be given on NT/W2K. The mkgroup program can be used to help configure your Windows system to be more UNIX-like by creating an -initial /etc/group substitute (some commands need this -file) from your system information. It only works on the NT series -(Windows NT, 2000, and XP). mkgroup does not work on -the Win9x series (Windows 95, 98, and Me) because they lack the security model -to support it. To initially set up your machine, you'd do something like -this: - -Setting up the groups file +initial /etc/group. +Its use is essential on the NT series (Windows NT, 2000, and XP) to +include Windows security information. +It can also be used on the Win9x series (Windows 95, 98, and Me) to +create a file with the correct format. +To initially set up your machine if you are a local user, you'd do +something like this: + +Setting up the groups file for local accounts $ mkdir /etc $ mkgroup -l > /etc/group @@ -408,16 +410,24 @@ information in your system, you'll need to regenerate the group file for it to have the new information. The -d and -l options -allow you to specify where the information comes from, either the -local machine or the default (or given) domain. The -o -option allows for special cases (such as multiple domains) where the GIDs -might match otherwise. The -s +allow you to specify where the information comes from, the +local machine or the domain (default or given), or both. +With the -d option the program contacts the Domain +Controller, which my be unreachable or have restricted access. +An entry for the current domain user can then be created by using the +option -c together with -l, +but -c has no effect when used with -d. +The -o option allows for special cases +(such as multiple domains) where the GIDs might match otherwise. +The -s option omits the NT Security Identifier (SID). For more information on SIDs, see in the Cygwin User's Guide. The -u option causes mkgroup to enumerate the users for each group, placing the group members in the gr_mem (last) field. Note that this can greatly increase the time for mkgroup to run in a large domain. +Having gr_mem fields is helpful when a domain user logs in remotely +while the local machine is disconnected from the Domain Controller. @@ -431,6 +441,7 @@ This program prints a /etc/passwd file to stdout Options: -l,--local print local user accounts + -c,--current print current account, if a domain account -d,--domain print domain accounts (from current domain if no domain specified) -o,--id-offset offset change the default offset (10000) added to uids @@ -450,14 +461,17 @@ One of `-l', `-d' or `-g' must be given on NT/W2K. The mkpasswd program can be used to help configure your Windows system to be more UNIX-like by creating an -initial /etc/passwd substitute (some commands -need this file) from your system information. It only works on the NT series -(Windows NT, 2000, and XP). mkpasswd does not work on -the Win9x series (Windows 95, 98, and Me) because they lack the security model -to support it. To initially set up your machine, you'd do something like -this: - -Setting up the passwd file +initial /etc/passwd from your system information. +Its use is essential on the NT series (Windows NT, 2000, and XP) to +include Windows security information, but the actual passwords are +determined by Windows, not by the content of /etc/passwd. +On the Win9x series (Windows 95, 98, and Me) the password field must be +replaced by the output of crypt your_password +if remote access is desired. +To initially set up your machine if you are a local user, you'd do +something like this: + +Setting up the passwd file for local accounts $ mkdir /etc $ mkpasswd -l > /etc/passwd @@ -469,10 +483,16 @@ information in your system, you'll need to regenerate the passwd file for it to have the new information. The -d and -l options -allow you to specify where the information comes from, either the -local machine or the default (or given) domain. The -o -option allows for special cases (such as multiple domains) where the UIDs -might match otherwise. The -g option creates a local +allow you to specify where the information comes from, the +local machine or the domain (default or given), or both. +With the -d option the program contacts the Domain +Controller, which my be unreachable or have restricted access. +An entry for the current domain user can then be created by using the +option -c together with -l, +but -c has no effect when used with -d. +The -o option allows for special cases +(such as multiple domains) where the UIDs might match otherwise. +The -g option creates a local user that corresponds to each local group. This is because NT assigns groups file ownership. The -m option bypasses the current mount table so that, for example, two users who have a Windows home @@ -489,9 +509,9 @@ use a prefix other than /home/. For example, this command: would put local users' home directories in the Windows 'Profiles' directory. -The -u option allows mkpasswd to -search for a specific username, greatly reducing the amount of time it -takes in a large domain. +On Win9x machines the -u option creates an entry for +the specified user. On the NT series it restricts the output to that user, +greatly reducing the amount of time it takes in a large domain. -- cgit v1.1