Re: /dev/ptmx fails with Azure accounts

[Achim Gratz]

Thomas Wolff writes:
> OK, so a solution for users having both is irrelevant but still a
> solution (for standalone packages) that works alike with either XP
> users or Azure users would be useful, to avoid this conflict just for
> the timing of a few weeks that this issue got resolved after preparing
> 2.6. Just pondering for consideration...

Anyone still using XP really shouldn't be connected in any way to the
internet, so that'd rule out Azure as well.


Regards,
Achim.
-- 
+<[Q+ Matrix-12 WAVE#46+305 Neuron microQkb Andromeda XTk Blofeld]>+

SD adaptation for Waldorf microQ V2.22R2:
http://Synth.Stromeko.net/Downloads.html#WaldorfSDada

--
Problem reports:   http://cygwin.com/problems.html
FAQ:   http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info:  http://cygwin.com/ml/#unsubscribe-simple

Re: /dev/ptmx fails with Azure accounts

[cyg Simple]

On 8/21/2016 7:33 PM, Thomas Wolff wrote:
> Am 19.08.2016 um 22:24 schrieb Erik Soderquist:
>> On Fri, Aug 19, 2016 at 3:02 PM, Thomas Wolff wrote:
>> ... Azure users that happen to be still running XP.
>>
>> Is that actually possible?  I thought Azure's minimum requirements
>> would not accept XP...
> OK, so a solution for users having both is irrelevant but still a
> solution (for standalone packages) that works alike with either XP users
> or Azure users would be useful, to avoid this conflict just for the
> timing of a few weeks that this issue got resolved after preparing 2.6.
> Just pondering for consideration...

This topic has been exhaustively discussed.  XP is dead for future work.
 Let's move on and let it die.  If someone wants to maintain a fork for
XP users then perhaps Corinna would be willing for a git branch to
exist, maybe?  But someone has to be responsible for maintaining it and
it will not be the maintainers of the official release branches.  So
Thomas are you volunteering to do that if Corinna allows it?

-- 
cyg Simple

--
Problem reports:   http://cygwin.com/problems.html
FAQ:   http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info:  http://cygwin.com/ml/#unsubscribe-simple

Re: /dev/ptmx fails with Azure accounts

[Thomas Wolff]

Am 19.08.2016 um 22:24 schrieb Erik Soderquist:

On Fri, Aug 19, 2016 at 3:02 PM, Thomas Wolff wrote:
... Azure users that happen to be still running XP.

Is that actually possible?  I thought Azure's minimum requirements
would not accept XP...
OK, so a solution for users having both is irrelevant but still a 
solution (for standalone packages) that works alike with either XP users 
or Azure users would be useful, to avoid this conflict just for the 
timing of a few weeks that this issue got resolved after preparing 2.6. 
Just pondering for consideration...

--
Thomas

--
Problem reports:   http://cygwin.com/problems.html
FAQ:   http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info:  http://cygwin.com/ml/#unsubscribe-simple

Re: /dev/ptmx fails with Azure accounts

[Erik Soderquist]

On Fri, Aug 19, 2016 at 3:02 PM, Thomas Wolff wrote:
... Azure users that happen to be still running XP.

Is that actually possible?  I thought Azure's minimum requirements
would not accept XP...

--- Erik

--
Problem reports:   http://cygwin.com/problems.html
FAQ:   http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info:  http://cygwin.com/ml/#unsubscribe-simple

Re: /dev/ptmx fails with Azure accounts

[Thomas Wolff]

Am 19.08.2016 um 11:09 schrieb Corinna Vinschen:

On Aug 18 21:52, Thomas Wolff wrote:

Am 18.08.2016 um 11:35 schrieb Corinna Vinschen:

On Aug 16 17:45, Corinna Vinschen wrote:

On Aug 16 11:27, rm...@aboutgolf.com wrote:

Hi Corinna

On Tuesday, August 16, 2016 05:12, "Corinna Vinschen" 
 said:


Hi Russell,

This is as bad as I feared.  Apart from the username and the Windows
home dir, there are no other information which could be fetched by
the usual means.  Quite apart from the fact that there are no means to
*store* this information somewhere, other than creating an explicit
/etc/passwd and matching /etc/group entry.

But, anyway, I prepared some code for the Cygwin DLL to handle these
accounts even if no /etc/passwd and /etc/group entries are present.  It
still needs some work, though, and for that I'd ask you to perform a
last test.
[...]

Unknown+User@Lenovo-PC /cygdrive/c/cygwin64
$ gcc -W azure-check5.c -l Netapi32 -o azure-check5

Unknown+User@Lenovo-PC /cygdrive/c/cygwin64
$ ./azure-check5
Sid: S-1-12-1-2043906341-1249388050-2635137163-399631282
Dom\Name: AzureAD\RussellMora
Reverse Sid (RussellMora): S-1-12-1-2043906341-1249388050-2635137163-399631282
Reverse Sid (AzureAD\RussellMora): 
S-1-12-1-2043906341-1249388050-2635137163-399631282

Good to know, thank you.  Give me a bit and I'll come up with a Cygwin
DLL for testing.

FTR, this has been kinked out off-list.  The resulting patch is in git master 
now.

Sounds great. Would it be an option to release this fix in a 2.5.3 version
to have a final XP release for all users?

I'm not planning to release a 2.5.3.
I didn't think so. I meant to kindly attempt to nag you to modify the 
plan and add such a release so that cygwin or standalone packages based 
on cygwin would work for Azure users that happen to be still running XP.

--
Thomas

--
Problem reports:   http://cygwin.com/problems.html
FAQ:   http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info:  http://cygwin.com/ml/#unsubscribe-simple

Re: /dev/ptmx fails with Azure accounts

[Corinna Vinschen]

On Aug 18 21:52, Thomas Wolff wrote:
> Am 18.08.2016 um 11:35 schrieb Corinna Vinschen:
> > On Aug 16 17:45, Corinna Vinschen wrote:
> > > On Aug 16 11:27, rm...@aboutgolf.com wrote:
> > > > Hi Corinna
> > > > 
> > > > On Tuesday, August 16, 2016 05:12, "Corinna Vinschen" 
> > > >  said:
> > > > 
> > > > > Hi Russell,
> > > > > 
> > > > > This is as bad as I feared.  Apart from the username and the Windows
> > > > > home dir, there are no other information which could be fetched by
> > > > > the usual means.  Quite apart from the fact that there are no means to
> > > > > *store* this information somewhere, other than creating an explicit
> > > > > /etc/passwd and matching /etc/group entry.
> > > > > 
> > > > > But, anyway, I prepared some code for the Cygwin DLL to handle these
> > > > > accounts even if no /etc/passwd and /etc/group entries are present.  
> > > > > It
> > > > > still needs some work, though, and for that I'd ask you to perform a
> > > > > last test.
> > > > > [...]
> > > > Unknown+User@Lenovo-PC /cygdrive/c/cygwin64
> > > > $ gcc -W azure-check5.c -l Netapi32 -o azure-check5
> > > > 
> > > > Unknown+User@Lenovo-PC /cygdrive/c/cygwin64
> > > > $ ./azure-check5
> > > > Sid: S-1-12-1-2043906341-1249388050-2635137163-399631282
> > > > Dom\Name: AzureAD\RussellMora
> > > > Reverse Sid (RussellMora): 
> > > > S-1-12-1-2043906341-1249388050-2635137163-399631282
> > > > Reverse Sid (AzureAD\RussellMora): 
> > > > S-1-12-1-2043906341-1249388050-2635137163-399631282
> > > Good to know, thank you.  Give me a bit and I'll come up with a Cygwin
> > > DLL for testing.
> > FTR, this has been kinked out off-list.  The resulting patch is in git 
> > master now.
> Sounds great. Would it be an option to release this fix in a 2.5.3 version
> to have a final XP release for all users?

I'm not planning to release a 2.5.3.


Corinna

-- 
Corinna Vinschen  Please, send mails regarding Cygwin to
Cygwin Maintainer cygwin AT cygwin DOT com
Red Hat


signature.asc
Description: PGP signature

Re: /dev/ptmx fails with Azure accounts

[Thomas Wolff]

Am 18.08.2016 um 11:35 schrieb Corinna Vinschen:

On Aug 16 17:45, Corinna Vinschen wrote:

On Aug 16 11:27, rm...@aboutgolf.com wrote:

Hi Corinna

On Tuesday, August 16, 2016 05:12, "Corinna Vinschen" 
 said:


Hi Russell,

This is as bad as I feared.  Apart from the username and the Windows
home dir, there are no other information which could be fetched by
the usual means.  Quite apart from the fact that there are no means to
*store* this information somewhere, other than creating an explicit
/etc/passwd and matching /etc/group entry.

But, anyway, I prepared some code for the Cygwin DLL to handle these
accounts even if no /etc/passwd and /etc/group entries are present.  It
still needs some work, though, and for that I'd ask you to perform a
last test.
[...]

Unknown+User@Lenovo-PC /cygdrive/c/cygwin64
$ gcc -W azure-check5.c -l Netapi32 -o azure-check5

Unknown+User@Lenovo-PC /cygdrive/c/cygwin64
$ ./azure-check5
Sid: S-1-12-1-2043906341-1249388050-2635137163-399631282
Dom\Name: AzureAD\RussellMora
Reverse Sid (RussellMora): S-1-12-1-2043906341-1249388050-2635137163-399631282
Reverse Sid (AzureAD\RussellMora): 
S-1-12-1-2043906341-1249388050-2635137163-399631282

Good to know, thank you.  Give me a bit and I'll come up with a Cygwin
DLL for testing.

FTR, this has been kinked out off-list.  The resulting patch is in git master 
now.
Sounds great. Would it be an option to release this fix in a 2.5.3 
version to have a final XP release for all users?

Thomas

--
Problem reports:   http://cygwin.com/problems.html
FAQ:   http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info:  http://cygwin.com/ml/#unsubscribe-simple

Re: /dev/ptmx fails with Azure accounts

[Corinna Vinschen]

On Aug 16 17:45, Corinna Vinschen wrote:
> On Aug 16 11:27, rm...@aboutgolf.com wrote:
> > Hi Corinna
> > 
> > On Tuesday, August 16, 2016 05:12, "Corinna Vinschen" 
> >  said:
> > 
> > > Hi Russell,
> > > 
> > > This is as bad as I feared.  Apart from the username and the Windows
> > > home dir, there are no other information which could be fetched by
> > > the usual means.  Quite apart from the fact that there are no means to
> > > *store* this information somewhere, other than creating an explicit
> > > /etc/passwd and matching /etc/group entry.
> > > 
> > > But, anyway, I prepared some code for the Cygwin DLL to handle these
> > > accounts even if no /etc/passwd and /etc/group entries are present.  It
> > > still needs some work, though, and for that I'd ask you to perform a
> > > last test.
> > > [...]
> > Unknown+User@Lenovo-PC /cygdrive/c/cygwin64
> > $ gcc -W azure-check5.c -l Netapi32 -o azure-check5
> > 
> > Unknown+User@Lenovo-PC /cygdrive/c/cygwin64
> > $ ./azure-check5
> > Sid: S-1-12-1-2043906341-1249388050-2635137163-399631282
> > Dom\Name: AzureAD\RussellMora
> > Reverse Sid (RussellMora): 
> > S-1-12-1-2043906341-1249388050-2635137163-399631282
> > Reverse Sid (AzureAD\RussellMora): 
> > S-1-12-1-2043906341-1249388050-2635137163-399631282
> 
> Good to know, thank you.  Give me a bit and I'll come up with a Cygwin
> DLL for testing.

FTR, this has been kinked out off-list.  The resulting patch is in git
master now.


Corinna

-- 
Corinna Vinschen  Please, send mails regarding Cygwin to
Cygwin Maintainer cygwin AT cygwin DOT com
Red Hat


signature.asc
Description: PGP signature

Re: /dev/ptmx fails with Azure accounts

[Corinna Vinschen]

Hi Russell,

On Aug 16 11:27, rm...@aboutgolf.com wrote:
> Hi Corinna
> 
> On Tuesday, August 16, 2016 05:12, "Corinna Vinschen" 
>  said:
> 
> > Hi Russell,
> > 
> > This is as bad as I feared.  Apart from the username and the Windows
> > home dir, there are no other information which could be fetched by
> > the usual means.  Quite apart from the fact that there are no means to
> > *store* this information somewhere, other than creating an explicit
> > /etc/passwd and matching /etc/group entry.
> > 
> > But, anyway, I prepared some code for the Cygwin DLL to handle these
> > accounts even if no /etc/passwd and /etc/group entries are present.  It
> > still needs some work, though, and for that I'd ask you to perform a
> > last test.
> > 
> > I attached a short testcase.  We know that LookupAccountSid from the
> > user SID in the user token returns a name (RussellMora) and a domain
> > (AzureAD).  However, the open question is if the reverse operation
> > LookupAccountName works as desired when feeding it the domain name
> > and the user name.  Actually, for completeness the testcase tries it
> > two ways:  Once only with the username, once with dom\username.
> > 
> > The reason for testing this is, if the reverse lookup works with only
> > the name we *could* go ahead and omit the domain from the Cygwin
> > username.  I'm not yet sure if that's feasible, but it's certainly worth
> > a try.
> > 
> 
> Both seem to work. I guess what you are proposing makes sense - the
> AzureAD domain is like a single domain with multiple tenants (yeah, I
> don't really know what I'm talking about with respect to AD).
> Anyway, let me know if you want me to do any more testing, I'm still
> very willing to be a Guinea Pig (squeek squeek) - thanks for figuring
> this out for me!
> 
> Unknown+User@Lenovo-PC /cygdrive/c/cygwin64
> $ gcc -W azure-check5.c -l Netapi32 -o azure-check5
> 
> Unknown+User@Lenovo-PC /cygdrive/c/cygwin64
> $ ./azure-check5
> Sid: S-1-12-1-2043906341-1249388050-2635137163-399631282
> Dom\Name: AzureAD\RussellMora
> Reverse Sid (RussellMora): S-1-12-1-2043906341-1249388050-2635137163-399631282
> Reverse Sid (AzureAD\RussellMora): 
> S-1-12-1-2043906341-1249388050-2635137163-399631282

Good to know, thank you.  Give me a bit and I'll come up with a Cygwin
DLL for testing.


Stay tuned,
Corinna

-- 
Corinna Vinschen  Please, send mails regarding Cygwin to
Cygwin Maintainer cygwin AT cygwin DOT com
Red Hat


signature.asc
Description: PGP signature

Re: /dev/ptmx fails with Azure accounts

[rm...@aboutgolf.com]

Hi Corinna

On Tuesday, August 16, 2016 05:12, "Corinna Vinschen" 
 said:

> Hi Russell,
> 
> This is as bad as I feared.  Apart from the username and the Windows
> home dir, there are no other information which could be fetched by
> the usual means.  Quite apart from the fact that there are no means to
> *store* this information somewhere, other than creating an explicit
> /etc/passwd and matching /etc/group entry.
> 
> But, anyway, I prepared some code for the Cygwin DLL to handle these
> accounts even if no /etc/passwd and /etc/group entries are present.  It
> still needs some work, though, and for that I'd ask you to perform a
> last test.
> 
> I attached a short testcase.  We know that LookupAccountSid from the
> user SID in the user token returns a name (RussellMora) and a domain
> (AzureAD).  However, the open question is if the reverse operation
> LookupAccountName works as desired when feeding it the domain name
> and the user name.  Actually, for completeness the testcase tries it
> two ways:  Once only with the username, once with dom\username.
> 
> The reason for testing this is, if the reverse lookup works with only
> the name we *could* go ahead and omit the domain from the Cygwin
> username.  I'm not yet sure if that's feasible, but it's certainly worth
> a try.
> 

Both seem to work. I guess what you are proposing makes sense - the AzureAD 
domain is like a single domain with multiple tenants (yeah, I don't really know 
what I'm talking about with respect to AD). Anyway, let me know if you want 
me to do any more testing, I'm still very willing to be a Guinea Pig (squeek 
squeek) - thanks for figuring this out for me!

Unknown+User@Lenovo-PC /cygdrive/c/cygwin64
$ gcc -W azure-check5.c -l Netapi32 -o azure-check5

Unknown+User@Lenovo-PC /cygdrive/c/cygwin64
$ ./azure-check5
Sid: S-1-12-1-2043906341-1249388050-2635137163-399631282
Dom\Name: AzureAD\RussellMora
Reverse Sid (RussellMora): S-1-12-1-2043906341-1249388050-2635137163-399631282
Reverse Sid (AzureAD\RussellMora): 
S-1-12-1-2043906341-1249388050-2635137163-399631282

Unknown+User@Lenovo-PC /cygdrive/c/cygwin64
$

HTH

Cheers,
Russell.



--
Problem reports:   http://cygwin.com/problems.html
FAQ:   http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info:  http://cygwin.com/ml/#unsubscribe-simple

Re: /dev/ptmx fails with Azure accounts

[Corinna Vinschen]

Hi Russell,

On Aug 15 12:48, rm...@aboutgolf.com wrote:
> $ ./azure-check3
>  Sid: S-1-12-1-2043906341-1249388050-2635137163-399631282
> Dom\Name: AzureAD\RussellMora
> DsGetDcNameW: 1355
> NetUserGetInfo(NULL, 3): 2221
> NetUserGetInfo(NULL, 24): 2221

This is as bad as I feared.  Apart from the username and the Windows
home dir, there are no other information which could be fetched by
the usual means.  Quite apart from the fact that there are no means to
*store* this information somewhere, other than creating an explicit
/etc/passwd and matching /etc/group entry.

But, anyway, I prepared some code for the Cygwin DLL to handle these
accounts even if no /etc/passwd and /etc/group entries are present.  It
still needs some work, though, and for that I'd ask you to perform a
last test.

I attached a short testcase.  We know that LookupAccountSid from the
user SID in the user token returns a name (RussellMora) and a domain
(AzureAD).  However, the open question is if the reverse operation
LookupAccountName works as desired when feeding it the domain name
and the user name.  Actually, for completeness the testcase tries it
two ways:  Once only with the username, once with dom\username.

The reason for testing this is, if the reverse lookup works with only
the name we *could* go ahead and omit the domain from the Cygwin
username.  I'm not yet sure if that's feasible, but it's certainly worth
a try.


Thanks,
Corinna

-- 
Corinna Vinschen  Please, send mails regarding Cygwin to
Cygwin Maintainer cygwin AT cygwin DOT com
Red Hat
#include 
#include 
#define _WIN32_WINNT 0x0a00
#define WINVER 0x0a00
#include 
#include 
#include 
#include 

int
main ()
{
  HANDLE tok;
  PTOKEN_USER tp = (PTOKEN_USER) malloc (65536);
  DWORD ret;
  LPSTR str;
  WCHAR name[256];
  WCHAR dom[256];
  WCHAR aname[513];
  PSID rsid = (PSID) malloc (128);
  DWORD nlen, dlen, rlen;
  SID_NAME_USE type;

  if (!OpenProcessToken (GetCurrentProcess (), TOKEN_QUERY, ))
{
  printf ("OpenProcessToken: %u\n", GetLastError ());
  return 1;
}
  if (!GetTokenInformation (tok, TokenUser, tp, 65536, ))
{
  printf ("GetTokenInformation(user): %u\n", GetLastError ());
  return 1;
}
  ConvertSidToStringSidA (tp->User.Sid, );
  printf ("Sid: %s\n", str);
  LocalFree (str);
  nlen = dlen = 256;
  if (LookupAccountSidW (NULL, tp->User.Sid, name, , dom, , ))
printf ("Dom\\Name: %ls\\%ls\n", dom, name);
  else
printf ("LookupAccountSidW: %u\n", GetLastError ());

  rlen = 128;
  dlen = 256;
  if (LookupAccountNameW (NULL, name, rsid, , dom, , ))
{
  ConvertSidToStringSidA (rsid, );
  printf ("Reverse Sid (%ls): %s\n", name, str);
  LocalFree (str);
}
  else
printf ("LookupAccountNameW (%ls): %u\n", name, GetLastError ());

  wcpcpy (wcpcpy (wcpcpy (aname, dom), L"\\"), name);
  rlen = 128;
  dlen = 256;
  if (LookupAccountNameW (NULL, aname, rsid, , dom, , ))
{
  ConvertSidToStringSidA (rsid, );
  printf ("Reverse Sid (%ls): %s\n", aname, str);
  LocalFree (str);
}
  else
printf ("LookupAccountNameW (%ls): %u\n", aname, GetLastError ());

  return 0;
}


signature.asc
Description: PGP signature

Re: /dev/ptmx fails with Azure accounts

[rm...@aboutgolf.com]

On Monday, August 15, 2016 12:29, "rm...@aboutgolf.com"  
said:

> 
> 
> Hi
> 
> Sorry for the delay in getting back to this. Here is the output I get:
> 
> Unknown+User@Lenovo-PC /cygdrive/c/cygwin64
> $ gcc -W azure-check3.c -l Netapi32 -o azure-check3
> azure-check3.c: In function ‘main’:
> azure-check3.c:50:1: warning: ‘status’ may be used uninitialized in
> this function [-Wmaybe-uninitialized]
>  printf ("DsGetDcNameW: %u\n", status);
>  ^
> 
> Unknown+User@Lenovo-PC /cygdrive/c/cygwin64
> $ ./azure-check3
>  Sid: S-1-12-1-2043906341-1249388050-2635137163-399631282
> Dom\Name: AzureAD\RussellMora
> DsGetDcNameW: 0
> NetUserGetInfo(NULL, 3): 2221
> NetUserGetInfo(NULL, 24): 2221
> 
> Unknown+User@Lenovo-PC /cygdrive/c/cygwin64
> $
> 

Oops - I fixed the warning. Now I get this:

Unknown+User@Lenovo-PC /cygdrive/c/cygwin64
$ diff -u azure-check3.c__ORIG  azure-check3.c
--- azure-check3.c__ORIG2016-08-15 12:48:06.682783600 -0400
+++ azure-check3.c  2016-08-15 12:45:57.266928000 -0400
@@ -42,8 +42,8 @@
else
printf ("LookupAccountSidW: %u\n", GetLastError ());

-   ret = DsGetDcNameW (NULL, dom, NULL, NULL, DS_IS_FLAT_NAME | 
DS_RETURN_DNS_NAME, );
-   if (ret != ERROR_SUCCESS)
+   status = DsGetDcNameW (NULL, dom, NULL, NULL, DS_IS_FLAT_NAME | 
DS_RETURN_DNS_NAME, );
+   if (status != ERROR_SUCCESS)
{
printf ("DsGetDcNameW: %u\n", status);
pci = NULL;

Unknown+User@Lenovo-PC /cygdrive/c/cygwin64
$ ./azure-check3
 Sid: S-1-12-1-2043906341-1249388050-2635137163-399631282
Dom\Name: AzureAD\RussellMora
DsGetDcNameW: 1355
NetUserGetInfo(NULL, 3): 2221
NetUserGetInfo(NULL, 24): 2221

Unknown+User@Lenovo-PC /cygdrive/c/cygwin64
$



--
Problem reports:   http://cygwin.com/problems.html
FAQ:   http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info:  http://cygwin.com/ml/#unsubscribe-simple

Re: /dev/ptmx fails with Azure accounts

[rm...@aboutgolf.com]

On Friday, August 5, 2016 11:34, "Corinna Vinschen"  
said:

> On Aug  5 12:27, Corinna Vinschen wrote:
>> On Aug  4 09:00, Corinna Vinschen wrote:
>> > On Aug  3 15:05, rm...@aboutgolf.com wrote:
>> > > [...]
>> > > Unknown+User@Lenovo-PC /cygdrive/c/cygwin64
>> > > $ ./azure-check2
>> > >   Sid: S-1-12-1-2043906341-1249388050-2635137163-399631282
>> > > Dom\Name: AzureAD\RussellMora
>> > > Primary Group:
>> > >   Sid: S-1-12-1-2043906341-1249388050-2635137163-399631282
>> > >   Dom\Name: AzureAD\RussellMora
>> > > NetUserGetInfo: 53
>> > >
>> > > Unknown+User@Lenovo-PC /cygdrive/c/cygwin64
>> > > $
>> > >
>> > > (As an aside, I assume that the fact that the permissions on the
>> > > compiled executable are totally messed up, and thus the executable
>> > > won't run until I fix them via Windows, is incidental to the fact that
>> > > I am running under "Unknown+User" and thus you don't want any
>> > > information on that as well.)
>> >
>> > Good thinking :)
>> >
>> > Can you please try the attached testcase?  Probably my last straw.  If
>> > that doesn't work as desired, support for AzureAD accounts will be very
>> > limited.
>>
>> I guess you're already on vacation, but never mind.
>>
>> I improved my testcase a bit and attached it to this mail.  Can you please
>> try this one when you're back?
> 
> Oh, and while you're at it, can you please check your registry for a key
> 
>  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows
> NT\CurrentVersion\ProfileList\S-1-12-1-2043906341-1249388050-2635137163-399631282
> 
> It should have a value called "ProfileImagePath" which contains something
> along the lines of "C:\Users\RussellMora".
> 

Yes it does, exactly as you described.

Cheers,
Russell.




--
Problem reports:   http://cygwin.com/problems.html
FAQ:   http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info:  http://cygwin.com/ml/#unsubscribe-simple

Re: /dev/ptmx fails with Azure accounts

[rm...@aboutgolf.com]

On Monday, August 8, 2016 07:58, "Corinna Vinschen"  
said:

> On Aug  8 21:48, Duncan Roe wrote:
>> On Mon, Aug 08, 2016 at 09:05:27AM +0200, Corinna Vinschen wrote:
>> > On Aug  7 13:27, Duncan Roe wrote:
>> > > I've been trying your tests out of interest (no Axure accounts here), and
>> they all worked except this last one which segfaults:
>> >
>> > That you, I think I see where I made the mistake.  Can you try the
>> > attached?
>> >[...]
>>
>> Runs to completion again,
>>
>> Cheers ... Duncan.
> 
> Thanks for testing!
> 

Hi

Sorry for the delay in getting back to this. Here is the output I get:

Unknown+User@Lenovo-PC /cygdrive/c/cygwin64
$ gcc -W azure-check3.c -l Netapi32 -o azure-check3
azure-check3.c: In function ‘main’:
azure-check3.c:50:1: warning: ‘status’ may be used uninitialized in this 
function [-Wmaybe-uninitialized]
 printf ("DsGetDcNameW: %u\n", status);
 ^

Unknown+User@Lenovo-PC /cygdrive/c/cygwin64
$ ./azure-check3
 Sid: S-1-12-1-2043906341-1249388050-2635137163-399631282
Dom\Name: AzureAD\RussellMora
DsGetDcNameW: 0
NetUserGetInfo(NULL, 3): 2221
NetUserGetInfo(NULL, 24): 2221

Unknown+User@Lenovo-PC /cygdrive/c/cygwin64
$

Does that help at all?

Cheers,
Russell.


--
Problem reports:   http://cygwin.com/problems.html
FAQ:   http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info:  http://cygwin.com/ml/#unsubscribe-simple

Re: /dev/ptmx fails with Azure accounts

[Corinna Vinschen]

On Aug  8 21:48, Duncan Roe wrote:
> On Mon, Aug 08, 2016 at 09:05:27AM +0200, Corinna Vinschen wrote:
> > On Aug  7 13:27, Duncan Roe wrote:
> > > I've been trying your tests out of interest (no Axure accounts here), and 
> > > they all worked except this last one which segfaults:
> >
> > That you, I think I see where I made the mistake.  Can you try the
> > attached?
> >[...]
> 
> Runs to completion again,
> 
> Cheers ... Duncan.

Thanks for testing!


Corinna

-- 
Corinna Vinschen  Please, send mails regarding Cygwin to
Cygwin Maintainer cygwin AT cygwin DOT com
Red Hat


signature.asc
Description: PGP signature

Re: /dev/ptmx fails with Azure accounts

[Duncan Roe]

On Mon, Aug 08, 2016 at 09:05:27AM +0200, Corinna Vinschen wrote:
> On Aug  7 13:27, Duncan Roe wrote:
> > On Fri, Aug 05, 2016 at 12:27:51PM +0200, Corinna Vinschen wrote:
> > > On Aug  4 09:00, Corinna Vinschen wrote:
> > > > On Aug  3 15:05, rm...@aboutgolf.com wrote:
> > > > > [...]
> > > > > Unknown+User@Lenovo-PC /cygdrive/c/cygwin64
> > > > > $ ./azure-check2
> > > > >   Sid: S-1-12-1-2043906341-1249388050-2635137163-399631282
> > > > > Dom\Name: AzureAD\RussellMora
> > > > > Primary Group:
> > > > >   Sid: S-1-12-1-2043906341-1249388050-2635137163-399631282
> > > > >   Dom\Name: AzureAD\RussellMora
> > > > > NetUserGetInfo: 53
> > > > >
> > > > > Unknown+User@Lenovo-PC /cygdrive/c/cygwin64
> > > > > $
> > > > >
> > > > > (As an aside, I assume that the fact that the permissions on the
> > > > > compiled executable are totally messed up, and thus the executable
> > > > > won't run until I fix them via Windows, is incidental to the fact that
> > > > > I am running under "Unknown+User" and thus you don't want any
> > > > > information on that as well.)
> > > >
> > > > Good thinking :)
> > > >
> > > > Can you please try the attached testcase?  Probably my last straw.  If
> > > > that doesn't work as desired, support for AzureAD accounts will be very
> > > > limited.
> > >
> > > I guess you're already on vacation, but never mind.
> > >
> > > I improved my testcase a bit and attached it to this mail.  Can you please
> > > try this one when you're back?
> > >[...]
> > Hi Corrina,
>
> s/rr/in/rinn/ :)
>
> > I've been trying your tests out of interest (no Axure accounts here), and 
> > they all worked except this last one which segfaults:
>
> That you, I think I see where I made the mistake.  Can you try the
> attached?
>
>
> Thanks,
> Corinna
>
> --
> Corinna Vinschen  Please, send mails regarding Cygwin to
> Cygwin Maintainer cygwin AT cygwin DOT com
> Red Hat

> #include 
> #include 
> #define _WIN32_WINNT 0x0a00
> #define WINVER 0x0a00
> #include 
> #include 
> #include 
> #include 
>
> int
> main ()
> {
>   HANDLE tok;
>   PTOKEN_USER tp = (PTOKEN_USER) malloc (65536);
>   DWORD ret;
>   LPSTR str;
>   WCHAR name[256];
>   WCHAR dom[256];
>   DWORD nlen, dlen;
>   SID_NAME_USE type;
>   PDOMAIN_CONTROLLER_INFOW pci;
>   NET_API_STATUS status;
>   PUSER_INFO_3 ui3;
>   PUSER_INFO_24 ui24;
>
>   if (!OpenProcessToken (GetCurrentProcess (), TOKEN_QUERY, ))
> {
>   printf ("OpenProcessToken: %u\n", GetLastError ());
>   return 1;
> }
>   if (!GetTokenInformation (tok, TokenUser, tp, 65536, ))
> {
>   printf ("GetTokenInformation(user): %u\n", GetLastError ());
>   return 1;
> }
>   ConvertSidToStringSidA (tp->User.Sid, );
>   printf ("  Sid: %s\n", str);
>   LocalFree (str);
>   nlen = dlen = 256;
>   if (LookupAccountSidW (NULL, tp->User.Sid, name, ,
>dom, , ))
> printf ("Dom\\Name: %ls\\%ls\n", dom, name);
>   else
> printf ("LookupAccountSidW: %u\n", GetLastError ());
>
>   ret = DsGetDcNameW (NULL, dom, NULL, NULL,
> DS_IS_FLAT_NAME | DS_RETURN_DNS_NAME, );
>   if (ret != ERROR_SUCCESS)
> {
>   printf ("DsGetDcNameW: %u\n", status);
>   pci = NULL;
> }
>
>   status = NetUserGetInfo (NULL, name, 3, (PBYTE *) );
>   if (status != NERR_Success)
> printf ("NetUserGetInfo(NULL, 3): %u\n", status);
>   else
> {
>   printf ("UserInfo NULL, 3:\n");
>   printf ("  Name: %ls\n", ui3->usri3_name);
>   NetApiBufferFree (ui3);
> }
>   status = NetUserGetInfo (NULL, name, 24, (PBYTE *) );
>   if (status != NERR_Success)
> printf ("NetUserGetInfo(NULL, 24): %u\n", status);
>   else
> {
>   printf ("UserInfo NULL, 24:\n");
>   printf ("  InternetIdentity: %d\n", ui24->usri24_internet_identity);
>   printf ("  Flags: 0x%08x\n", ui24->usri24_flags);
>   printf ("  ProviderName: %ls\n", ui24->usri24_internet_provider_name);
>   printf ("  PrincipalName: %ls\n", ui24->usri24_internet_principal_name);
>   ConvertSidToStringSidA (ui24->usri24_user_sid, );
>   printf ("  Sid: %s\n", str);
>   LocalFree (str);
>   NetApiBufferFree (ui24);
> }
>
>   if (pci)
> {
>   status = NetUserGetInfo (pci->DomainControllerName, name,
>  3, (PBYTE *) );
>   if (status != NERR_Success)
>   printf ("NetUserGetInfo(%ls, 3): %u\n", pci->DomainControllerName, 
> status);
>   else
>   {
> printf ("UserInfo %ls, 3:\n", pci->DomainControllerName);
> printf ("  Name: %ls\n", ui3->usri3_name);
> NetApiBufferFree (ui3);
>   }
>
>   status = NetUserGetInfo (pci->DomainControllerName, name,
>  24, (PBYTE *) );
>   if (status != NERR_Success)
>   printf ("NetUserGetInfo(%ls, 24): %u\n",
>   pci->DomainControllerName, status);
>   else
>   {
> printf ("UserInfo %ls, 24:\n", pci->DomainControllerName);
> 

Re: /dev/ptmx fails with Azure accounts

[Corinna Vinschen]

On Aug  7 13:27, Duncan Roe wrote:
> On Fri, Aug 05, 2016 at 12:27:51PM +0200, Corinna Vinschen wrote:
> > On Aug  4 09:00, Corinna Vinschen wrote:
> > > On Aug  3 15:05, rm...@aboutgolf.com wrote:
> > > > [...]
> > > > Unknown+User@Lenovo-PC /cygdrive/c/cygwin64
> > > > $ ./azure-check2
> > > >   Sid: S-1-12-1-2043906341-1249388050-2635137163-399631282
> > > > Dom\Name: AzureAD\RussellMora
> > > > Primary Group:
> > > >   Sid: S-1-12-1-2043906341-1249388050-2635137163-399631282
> > > >   Dom\Name: AzureAD\RussellMora
> > > > NetUserGetInfo: 53
> > > >
> > > > Unknown+User@Lenovo-PC /cygdrive/c/cygwin64
> > > > $
> > > >
> > > > (As an aside, I assume that the fact that the permissions on the
> > > > compiled executable are totally messed up, and thus the executable
> > > > won't run until I fix them via Windows, is incidental to the fact that
> > > > I am running under "Unknown+User" and thus you don't want any
> > > > information on that as well.)
> > >
> > > Good thinking :)
> > >
> > > Can you please try the attached testcase?  Probably my last straw.  If
> > > that doesn't work as desired, support for AzureAD accounts will be very
> > > limited.
> >
> > I guess you're already on vacation, but never mind.
> >
> > I improved my testcase a bit and attached it to this mail.  Can you please
> > try this one when you're back?
> >[...]
> Hi Corrina,

s/rr/in/rinn/ :)

> I've been trying your tests out of interest (no Axure accounts here), and 
> they all worked except this last one which segfaults:

That you, I think I see where I made the mistake.  Can you try the 
attached?


Thanks,
Corinna

-- 
Corinna Vinschen  Please, send mails regarding Cygwin to
Cygwin Maintainer cygwin AT cygwin DOT com
Red Hat
#include 
#include 
#define _WIN32_WINNT 0x0a00
#define WINVER 0x0a00
#include 
#include 
#include 
#include 

int
main ()
{
  HANDLE tok;
  PTOKEN_USER tp = (PTOKEN_USER) malloc (65536);
  DWORD ret;
  LPSTR str;
  WCHAR name[256];
  WCHAR dom[256];
  DWORD nlen, dlen;
  SID_NAME_USE type;
  PDOMAIN_CONTROLLER_INFOW pci;
  NET_API_STATUS status;
  PUSER_INFO_3 ui3;
  PUSER_INFO_24 ui24;

  if (!OpenProcessToken (GetCurrentProcess (), TOKEN_QUERY, ))
{
  printf ("OpenProcessToken: %u\n", GetLastError ());
  return 1;
}
  if (!GetTokenInformation (tok, TokenUser, tp, 65536, ))
{
  printf ("GetTokenInformation(user): %u\n", GetLastError ());
  return 1;
}
  ConvertSidToStringSidA (tp->User.Sid, );
  printf ("  Sid: %s\n", str);
  LocalFree (str);
  nlen = dlen = 256;
  if (LookupAccountSidW (NULL, tp->User.Sid, name, , 
 dom, , ))
printf ("Dom\\Name: %ls\\%ls\n", dom, name);
  else
printf ("LookupAccountSidW: %u\n", GetLastError ());

  ret = DsGetDcNameW (NULL, dom, NULL, NULL,
  DS_IS_FLAT_NAME | DS_RETURN_DNS_NAME, );
  if (ret != ERROR_SUCCESS)
{
  printf ("DsGetDcNameW: %u\n", status);
  pci = NULL;
}

  status = NetUserGetInfo (NULL, name, 3, (PBYTE *) );
  if (status != NERR_Success)
printf ("NetUserGetInfo(NULL, 3): %u\n", status);
  else
{
  printf ("UserInfo NULL, 3:\n");
  printf ("  Name: %ls\n", ui3->usri3_name);
  NetApiBufferFree (ui3);
}
  status = NetUserGetInfo (NULL, name, 24, (PBYTE *) );
  if (status != NERR_Success)
printf ("NetUserGetInfo(NULL, 24): %u\n", status);
  else
{
  printf ("UserInfo NULL, 24:\n");
  printf ("  InternetIdentity: %d\n", ui24->usri24_internet_identity);
  printf ("  Flags: 0x%08x\n", ui24->usri24_flags);
  printf ("  ProviderName: %ls\n", ui24->usri24_internet_provider_name);
  printf ("  PrincipalName: %ls\n", ui24->usri24_internet_principal_name);
  ConvertSidToStringSidA (ui24->usri24_user_sid, );
  printf ("  Sid: %s\n", str);
  LocalFree (str);
  NetApiBufferFree (ui24);
}

  if (pci)
{
  status = NetUserGetInfo (pci->DomainControllerName, name,
   3, (PBYTE *) );
  if (status != NERR_Success)
printf ("NetUserGetInfo(%ls, 3): %u\n", pci->DomainControllerName, 
status);
  else
{
  printf ("UserInfo %ls, 3:\n", pci->DomainControllerName);
  printf ("  Name: %ls\n", ui3->usri3_name);
  NetApiBufferFree (ui3);
}

  status = NetUserGetInfo (pci->DomainControllerName, name,
   24, (PBYTE *) );
  if (status != NERR_Success)
printf ("NetUserGetInfo(%ls, 24): %u\n",
pci->DomainControllerName, status);
  else
{
  printf ("UserInfo %ls, 24:\n", pci->DomainControllerName);
  printf ("  InternetIdentity: %d\n", ui24->usri24_internet_identity);
  printf ("  Flags: 0x%08x\n", ui24->usri24_flags);
  printf ("  ProviderName: %ls\n", ui24->usri24_internet_provider_name);
  printf ("  PrincipalName: %ls\n", 
ui24->usri24_internet_principal_name);
  

Re: /dev/ptmx fails with Azure accounts

[Duncan Roe]

On Fri, Aug 05, 2016 at 12:27:51PM +0200, Corinna Vinschen wrote:
> On Aug  4 09:00, Corinna Vinschen wrote:
> > On Aug  3 15:05, rm...@aboutgolf.com wrote:
> > > [...]
> > > Unknown+User@Lenovo-PC /cygdrive/c/cygwin64
> > > $ ./azure-check2
> > >   Sid: S-1-12-1-2043906341-1249388050-2635137163-399631282
> > > Dom\Name: AzureAD\RussellMora
> > > Primary Group:
> > >   Sid: S-1-12-1-2043906341-1249388050-2635137163-399631282
> > >   Dom\Name: AzureAD\RussellMora
> > > NetUserGetInfo: 53
> > >
> > > Unknown+User@Lenovo-PC /cygdrive/c/cygwin64
> > > $
> > >
> > > (As an aside, I assume that the fact that the permissions on the
> > > compiled executable are totally messed up, and thus the executable
> > > won't run until I fix them via Windows, is incidental to the fact that
> > > I am running under "Unknown+User" and thus you don't want any
> > > information on that as well.)
> >
> > Good thinking :)
> >
> > Can you please try the attached testcase?  Probably my last straw.  If
> > that doesn't work as desired, support for AzureAD accounts will be very
> > limited.
>
> I guess you're already on vacation, but never mind.
>
> I improved my testcase a bit and attached it to this mail.  Can you please
> try this one when you're back?
>
>
> Thanks a lot,
> Corinna
>
> --
> Corinna Vinschen  Please, send mails regarding Cygwin to
> Cygwin Maintainer cygwin AT cygwin DOT com
> Red Hat

> #include 
> #include 
> #define _WIN32_WINNT 0x0a00
> #define WINVER 0x0a00
> #include 
> #include 
> #include 
> #include 
>
> int
> main ()
> {
>   HANDLE tok;
>   PTOKEN_USER tp = (PTOKEN_USER) malloc (65536);
>   DWORD ret;
>   LPSTR str;
>   WCHAR name[256];
>   WCHAR dom[256];
>   DWORD nlen, dlen;
>   SID_NAME_USE type;
>   PDOMAIN_CONTROLLER_INFOW pci;
>   NET_API_STATUS status;
>   PUSER_INFO_3 ui3;
>   PUSER_INFO_24 ui24;
>
>   if (!OpenProcessToken (GetCurrentProcess (), TOKEN_QUERY, ))
> {
>   printf ("OpenProcessToken: %u\n", GetLastError ());
>   return 1;
> }
>   if (!GetTokenInformation (tok, TokenUser, tp, 65536, ))
> {
>   printf ("GetTokenInformation(user): %u\n", GetLastError ());
>   return 1;
> }
>   ConvertSidToStringSidA (tp->User.Sid, );
>   printf ("  Sid: %s\n", str);
>   LocalFree (str);
>   nlen = dlen = 256;
>   if (LookupAccountSidW (NULL, tp->User.Sid, name, ,
>dom, , ))
> printf ("Dom\\Name: %ls\\%ls\n", dom, name);
>   else
> printf ("LookupAccountSidW: %u\n", GetLastError ());
>
>   ret = DsGetDcNameW (NULL, dom, NULL, NULL,
> DS_IS_FLAT_NAME | DS_RETURN_DNS_NAME, );
>   if (ret != ERROR_SUCCESS)
> {
>   printf ("DsGetDcNameW: %u\n", status);
>   pci->DomainControllerName = NULL;
> }
>
>   status = NetUserGetInfo (NULL, name, 3, (PBYTE *) );
>   if (status != NERR_Success)
> printf ("NetUserGetInfo(NULL, 3): %u\n", status);
>   else
> {
>   printf ("UserInfo NULL, 3:\n");
>   printf ("  Name: %ls\n", ui3->usri3_name);
>   NetApiBufferFree (ui3);
> }
>   status = NetUserGetInfo (NULL, name, 24, (PBYTE *) );
>   if (status != NERR_Success)
> printf ("NetUserGetInfo(NULL, 24): %u\n", status);
>   else
> {
>   printf ("UserInfo NULL, 24:\n");
>   printf ("  InternetIdentity: %d\n", ui24->usri24_internet_identity);
>   printf ("  Flags: 0x%08x\n", ui24->usri24_flags);
>   printf ("  ProviderName: %ls\n", ui24->usri24_internet_provider_name);
>   printf ("  PrincipalName: %ls\n", ui24->usri24_internet_principal_name);
>   ConvertSidToStringSidA (ui24->usri24_user_sid, );
>   printf ("  Sid: %s\n", str);
>   LocalFree (str);
>   NetApiBufferFree (ui24);
> }
>
>   if (pci->DomainControllerName)
> {
>   status = NetUserGetInfo (pci->DomainControllerName, name,
>  3, (PBYTE *) );
>   if (status != NERR_Success)
>   printf ("NetUserGetInfo(%ls, 3): %u\n", pci->DomainControllerName, 
> status);
>   else
>   {
> printf ("UserInfo %ls, 3:\n", pci->DomainControllerName);
> printf ("  Name: %ls\n", ui3->usri3_name);
> NetApiBufferFree (ui3);
>   }
>
>   status = NetUserGetInfo (pci->DomainControllerName, name,
>  24, (PBYTE *) );
>   if (status != NERR_Success)
>   printf ("NetUserGetInfo(%ls, 24): %u\n",
>   pci->DomainControllerName, status);
>   else
>   {
> printf ("UserInfo %ls, 24:\n", pci->DomainControllerName);
> printf ("  InternetIdentity: %d\n", ui24->usri24_internet_identity);
> printf ("  Flags: 0x%08x\n", ui24->usri24_flags);
> printf ("  ProviderName: %ls\n", ui24->usri24_internet_provider_name);
> printf ("  PrincipalName: %ls\n", 
> ui24->usri24_internet_principal_name);
> ConvertSidToStringSidA (ui24->usri24_user_sid, );
> printf ("  Sid: %s\n", str);
> LocalFree (str);
> 

Re: /dev/ptmx fails with Azure accounts

[Corinna Vinschen]

On Aug  5 12:27, Corinna Vinschen wrote:
> On Aug  4 09:00, Corinna Vinschen wrote:
> > On Aug  3 15:05, rm...@aboutgolf.com wrote:
> > > [...]
> > > Unknown+User@Lenovo-PC /cygdrive/c/cygwin64
> > > $ ./azure-check2
> > >   Sid: S-1-12-1-2043906341-1249388050-2635137163-399631282
> > > Dom\Name: AzureAD\RussellMora
> > > Primary Group:
> > >   Sid: S-1-12-1-2043906341-1249388050-2635137163-399631282
> > >   Dom\Name: AzureAD\RussellMora
> > > NetUserGetInfo: 53
> > > 
> > > Unknown+User@Lenovo-PC /cygdrive/c/cygwin64
> > > $
> > > 
> > > (As an aside, I assume that the fact that the permissions on the
> > > compiled executable are totally messed up, and thus the executable
> > > won't run until I fix them via Windows, is incidental to the fact that
> > > I am running under "Unknown+User" and thus you don't want any
> > > information on that as well.)
> > 
> > Good thinking :)
> > 
> > Can you please try the attached testcase?  Probably my last straw.  If
> > that doesn't work as desired, support for AzureAD accounts will be very
> > limited.
> 
> I guess you're already on vacation, but never mind.
> 
> I improved my testcase a bit and attached it to this mail.  Can you please
> try this one when you're back?

Oh, and while you're at it, can you please check your registry for a key

 HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows 
NT\CurrentVersion\ProfileList\S-1-12-1-2043906341-1249388050-2635137163-399631282

It should have a value called "ProfileImagePath" which contains something
along the lines of "C:\Users\RussellMora".


Thanks,
Corinna

-- 
Corinna Vinschen  Please, send mails regarding Cygwin to
Cygwin Maintainer cygwin AT cygwin DOT com
Red Hat


signature.asc
Description: PGP signature

Re: /dev/ptmx fails with Azure accounts

[Corinna Vinschen]

On Aug  4 09:00, Corinna Vinschen wrote:
> On Aug  3 15:05, rm...@aboutgolf.com wrote:
> > [...]
> > Unknown+User@Lenovo-PC /cygdrive/c/cygwin64
> > $ ./azure-check2
> >   Sid: S-1-12-1-2043906341-1249388050-2635137163-399631282
> > Dom\Name: AzureAD\RussellMora
> > Primary Group:
> >   Sid: S-1-12-1-2043906341-1249388050-2635137163-399631282
> >   Dom\Name: AzureAD\RussellMora
> > NetUserGetInfo: 53
> > 
> > Unknown+User@Lenovo-PC /cygdrive/c/cygwin64
> > $
> > 
> > (As an aside, I assume that the fact that the permissions on the
> > compiled executable are totally messed up, and thus the executable
> > won't run until I fix them via Windows, is incidental to the fact that
> > I am running under "Unknown+User" and thus you don't want any
> > information on that as well.)
> 
> Good thinking :)
> 
> Can you please try the attached testcase?  Probably my last straw.  If
> that doesn't work as desired, support for AzureAD accounts will be very
> limited.

I guess you're already on vacation, but never mind.

I improved my testcase a bit and attached it to this mail.  Can you please
try this one when you're back?


Thanks a lot,
Corinna

-- 
Corinna Vinschen  Please, send mails regarding Cygwin to
Cygwin Maintainer cygwin AT cygwin DOT com
Red Hat
#include 
#include 
#define _WIN32_WINNT 0x0a00
#define WINVER 0x0a00
#include 
#include 
#include 
#include 

int
main ()
{
  HANDLE tok;
  PTOKEN_USER tp = (PTOKEN_USER) malloc (65536);
  DWORD ret;
  LPSTR str;
  WCHAR name[256];
  WCHAR dom[256];
  DWORD nlen, dlen;
  SID_NAME_USE type;
  PDOMAIN_CONTROLLER_INFOW pci;
  NET_API_STATUS status;
  PUSER_INFO_3 ui3;
  PUSER_INFO_24 ui24;

  if (!OpenProcessToken (GetCurrentProcess (), TOKEN_QUERY, ))
{
  printf ("OpenProcessToken: %u\n", GetLastError ());
  return 1;
}
  if (!GetTokenInformation (tok, TokenUser, tp, 65536, ))
{
  printf ("GetTokenInformation(user): %u\n", GetLastError ());
  return 1;
}
  ConvertSidToStringSidA (tp->User.Sid, );
  printf ("  Sid: %s\n", str);
  LocalFree (str);
  nlen = dlen = 256;
  if (LookupAccountSidW (NULL, tp->User.Sid, name, , 
 dom, , ))
printf ("Dom\\Name: %ls\\%ls\n", dom, name);
  else
printf ("LookupAccountSidW: %u\n", GetLastError ());

  ret = DsGetDcNameW (NULL, dom, NULL, NULL,
  DS_IS_FLAT_NAME | DS_RETURN_DNS_NAME, );
  if (ret != ERROR_SUCCESS)
{
  printf ("DsGetDcNameW: %u\n", status);
  pci->DomainControllerName = NULL;
}

  status = NetUserGetInfo (NULL, name, 3, (PBYTE *) );
  if (status != NERR_Success)
printf ("NetUserGetInfo(NULL, 3): %u\n", status);
  else
{
  printf ("UserInfo NULL, 3:\n");
  printf ("  Name: %ls\n", ui3->usri3_name);
  NetApiBufferFree (ui3);
}
  status = NetUserGetInfo (NULL, name, 24, (PBYTE *) );
  if (status != NERR_Success)
printf ("NetUserGetInfo(NULL, 24): %u\n", status);
  else
{
  printf ("UserInfo NULL, 24:\n");
  printf ("  InternetIdentity: %d\n", ui24->usri24_internet_identity);
  printf ("  Flags: 0x%08x\n", ui24->usri24_flags);
  printf ("  ProviderName: %ls\n", ui24->usri24_internet_provider_name);
  printf ("  PrincipalName: %ls\n", ui24->usri24_internet_principal_name);
  ConvertSidToStringSidA (ui24->usri24_user_sid, );
  printf ("  Sid: %s\n", str);
  LocalFree (str);
  NetApiBufferFree (ui24);
}

  if (pci->DomainControllerName)
{
  status = NetUserGetInfo (pci->DomainControllerName, name,
   3, (PBYTE *) );
  if (status != NERR_Success)
printf ("NetUserGetInfo(%ls, 3): %u\n", pci->DomainControllerName, 
status);
  else
{
  printf ("UserInfo %ls, 3:\n", pci->DomainControllerName);
  printf ("  Name: %ls\n", ui3->usri3_name);
  NetApiBufferFree (ui3);
}

  status = NetUserGetInfo (pci->DomainControllerName, name,
   24, (PBYTE *) );
  if (status != NERR_Success)
printf ("NetUserGetInfo(%ls, 24): %u\n",
pci->DomainControllerName, status);
  else
{
  printf ("UserInfo %ls, 24:\n", pci->DomainControllerName);
  printf ("  InternetIdentity: %d\n", ui24->usri24_internet_identity);
  printf ("  Flags: 0x%08x\n", ui24->usri24_flags);
  printf ("  ProviderName: %ls\n", ui24->usri24_internet_provider_name);
  printf ("  PrincipalName: %ls\n", 
ui24->usri24_internet_principal_name);
  ConvertSidToStringSidA (ui24->usri24_user_sid, );
  printf ("  Sid: %s\n", str);
  LocalFree (str);
  NetApiBufferFree (ui24);
}
}

  return 0;
}


signature.asc
Description: PGP signature

Re: /dev/ptmx fails with Azure accounts

[Corinna Vinschen]

On Aug  3 15:05, rm...@aboutgolf.com wrote:
> On Wednesday, August 3, 2016 14:16, "Corinna Vinschen" 
>  said:
> 
> > On Aug  3 20:00, Corinna Vinschen wrote:
> >> On Aug  3 12:53, rm...@aboutgolf.com wrote:
> >> >
> >> >
> >> > The output is as below. This was without Run As Administrator - with
> >> > it the Group 0 Sid changed to S-1-16-12288/High Mandatory Level, which
> >> > *seems* appropriate
> >>
> >> It is.  Thanks for this test, the result is as horrifying as I imagined.
> >> Can you please try the testcase attached to this mail, too?  It should
> >> be built and run the same way:
> >>
> >>   $ gcc -g -o azure-check2 azure-check2.c -lnetapi32
> >>   $ ./azure-check2
> > 
> > Pleae use the one attached in this mail.  I noticed I forgot to print
> > primary group info.  It's not unimportant to see it as well.
> > 
> 
> Here it is:
> 
> Unknown+User@Lenovo-PC /cygdrive/c/cygwin64
> $ ./azure-check2
>   Sid: S-1-12-1-2043906341-1249388050-2635137163-399631282
> Dom\Name: AzureAD\RussellMora
> Primary Group:
>   Sid: S-1-12-1-2043906341-1249388050-2635137163-399631282
>   Dom\Name: AzureAD\RussellMora
> NetUserGetInfo: 53
> 
> Unknown+User@Lenovo-PC /cygdrive/c/cygwin64
> $
> 
> (As an aside, I assume that the fact that the permissions on the
> compiled executable are totally messed up, and thus the executable
> won't run until I fix them via Windows, is incidental to the fact that
> I am running under "Unknown+User" and thus you don't want any
> information on that as well.)

Good thinking :)

Can you please try the attached testcase?  Probably my last straw.  If
that doesn't work as desired, support for AzureAD accounts will be very
limited.


Thanks,
Corinna

-- 
Corinna Vinschen  Please, send mails regarding Cygwin to
Cygwin Maintainer cygwin AT cygwin DOT com
Red Hat
#include 
#include 
#define _WIN32_WINNT 0x0a00
#define WINVER 0x0a00
#include 
#include 
#include 
#include 

int
main ()
{
  HANDLE tok;
  PTOKEN_USER tp = (PTOKEN_USER) malloc (65536);
  DWORD ret;
  LPSTR str;
  WCHAR name[256];
  WCHAR dom[256];
  DWORD nlen, dlen;
  SID_NAME_USE type;
  PDOMAIN_CONTROLLER_INFOW pci;
  NET_API_STATUS status;
  PUSER_INFO_3 ui3;
  PUSER_INFO_24 ui24;

  if (!OpenProcessToken (GetCurrentProcess (), TOKEN_QUERY, ))
{
  printf ("OpenProcessToken: %u\n", GetLastError ());
  return 1;
}
  if (!GetTokenInformation (tok, TokenUser, tp, 65536, ))
{
  printf ("GetTokenInformation(user): %u\n", GetLastError ());
  return 1;
}
  ConvertSidToStringSidA (tp->User.Sid, );
  printf ("  Sid: %s\n", str);
  LocalFree (str);
  nlen = dlen = 256;
  if (LookupAccountSidW (NULL, tp->User.Sid, name, , 
 dom, , ))
printf ("Dom\\Name: %ls\\%ls\n", dom, name);
  else
printf ("LookupAccountSidW: %u\n", GetLastError ());

  ret = DsGetDcNameW (NULL, dom, NULL, NULL,
  DS_IS_FLAT_NAME | DS_RETURN_DNS_NAME, );
  if (ret != ERROR_SUCCESS)
{
  printf ("DsGetDcNameW: %u\n", status);
  return 1;
}
  printf ("domain controller: %ls\n", pci->DomainControllerName);

  status = NetUserGetInfo (pci->DomainControllerName, name,
   3, (PBYTE *) );
  if (status != NERR_Success)
printf ("NetUserGetInfo(3): %u\n", status);
  else
{
  printf ("UserInfo 3:\n");
  printf ("  Name: %ls\n", ui3->usri3_name);
}

  status = NetUserGetInfo (pci->DomainControllerName, name,
   24, (PBYTE *) );
  if (status != NERR_Success)
printf ("NetUserGetInfo(24): %u\n", status);
  else
{
  printf ("UserInfo 24:\n");
  printf ("  InternetIdentity: %d\n", ui24->usri24_internet_identity);
  printf ("  Flags: 0x%08x\n", ui24->usri24_flags);
  printf ("  ProviderName: %ls\n", ui24->usri24_internet_provider_name);
  printf ("  PrincipalName: %ls\n", ui24->usri24_internet_principal_name);
  ConvertSidToStringSidA (ui24->usri24_user_sid, );
  printf ("  Sid: %s\n", str);
  LocalFree (str);
}

  return 0;
}


signature.asc
Description: PGP signature

Re: /dev/ptmx fails with Azure accounts

[rm...@aboutgolf.com]

On Wednesday, August 3, 2016 14:16, "Corinna Vinschen" 
 said:

> On Aug  3 20:00, Corinna Vinschen wrote:
>> On Aug  3 12:53, rm...@aboutgolf.com wrote:
>> >
>> >
>> > The output is as below. This was without Run As Administrator - with
>> > it the Group 0 Sid changed to S-1-16-12288/High Mandatory Level, which
>> > *seems* appropriate
>>
>> It is.  Thanks for this test, the result is as horrifying as I imagined.
>> Can you please try the testcase attached to this mail, too?  It should
>> be built and run the same way:
>>
>>   $ gcc -g -o azure-check2 azure-check2.c -lnetapi32
>>   $ ./azure-check2
> 
> Pleae use the one attached in this mail.  I noticed I forgot to print
> primary group info.  It's not unimportant to see it as well.
> 

Here it is:

Unknown+User@Lenovo-PC /cygdrive/c/cygwin64
$ ./azure-check2
  Sid: S-1-12-1-2043906341-1249388050-2635137163-399631282
Dom\Name: AzureAD\RussellMora
Primary Group:
  Sid: S-1-12-1-2043906341-1249388050-2635137163-399631282
  Dom\Name: AzureAD\RussellMora
NetUserGetInfo: 53

Unknown+User@Lenovo-PC /cygdrive/c/cygwin64
$

(As an aside, I assume that the fact that the permissions on the compiled 
executable are totally messed up, and thus the executable won't run until I fix 
them via Windows, is incidental to the fact that I am running under 
"Unknown+User" and thus you don't want any information on that as well.)

Cheers,
Russell.


--
Problem reports:   http://cygwin.com/problems.html
FAQ:   http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info:  http://cygwin.com/ml/#unsubscribe-simple

Re: /dev/ptmx fails with Azure accounts

[Corinna Vinschen]

On Aug  3 20:00, Corinna Vinschen wrote:
> On Aug  3 12:53, rm...@aboutgolf.com wrote:
> > 
> > 
> > On Wednesday, August 3, 2016 10:32, "Corinna Vinschen" 
> >  said:
> > > 
> > > In the meantime I prepared my test application.  Can you please fetch
> > > the attached source and store it as, e.g., azure-check.c.  Then build
> > > and run it like this:
> > > 
> > >   $ gcc -g -o azure-check azure-check.c -lnetapi32
> > >   $ ./azure-check
> > > 
> > > Then run it and paste the complete output into your reply.
> > > 
> > > I have an idea for an extension of this testcase, but I think I have
> > > to see the output of this one first.
> > 
> > The output is as below. This was without Run As Administrator - with
> > it the Group 0 Sid changed to S-1-16-12288/High Mandatory Level, which
> > *seems* appropriate
> 
> It is.  Thanks for this test, the result is as horrifying as I imagined.
> Can you please try the testcase attached to this mail, too?  It should
> be built and run the same way:
> 
>   $ gcc -g -o azure-check2 azure-check2.c -lnetapi32
>   $ ./azure-check2

Pleae use the one attached in this mail.  I noticed I forgot to print
primary group info.  It's not unimportant to see it as well.


Thanks,
Corinna

-- 
Corinna Vinschen  Please, send mails regarding Cygwin to
Cygwin Maintainer cygwin AT cygwin DOT com
Red Hat
#include 
#define _WIN32_WINNT 0x0a00
#define WINVER 0x0a00
#include 
#include 
#include 

int
main ()
{
  HANDLE tok;
  PTOKEN_USER tp = (PTOKEN_USER) malloc (65536);
  DWORD ret;
  LPSTR str;
  WCHAR name[256];
  WCHAR dom[256];
  DWORD nlen, dlen;
  SID_NAME_USE type;
  NET_API_STATUS status;
  PUSER_INFO_24 ui24;

  if (!OpenProcessToken (GetCurrentProcess (), TOKEN_QUERY, ))
{
  printf ("OpenProcessToken: %u\n", GetLastError ());
  return 1;
}
  if (!GetTokenInformation (tok, TokenUser, tp, 65536, ))
{
  printf ("GetTokenInformation(user): %u\n", GetLastError ());
  return 1;
}
  ConvertSidToStringSidA (tp->User.Sid, );
  printf ("  Sid: %s\n", str);
  LocalFree (str);
  nlen = dlen = 256;
  if (LookupAccountSidW (NULL, tp->User.Sid, name, , 
 dom, , ))
printf ("Dom\\Name: %ls\\%ls\n", dom, name);
  else
printf ("LookupAccountSidW: %u\n", GetLastError ());

  PTOKEN_PRIMARY_GROUP tpg = (PTOKEN_PRIMARY_GROUP) malloc (65536);
  if (GetTokenInformation (tok, TokenPrimaryGroup, tpg, 65536, ))
{
  printf ("Primary Group:\n");
  ConvertSidToStringSidA (tpg->PrimaryGroup, );
  printf ("  Sid: %s\n", str);
  LocalFree (str);

  nlen = dlen = 256;
  if (LookupAccountSidW (NULL, tpg->PrimaryGroup, name, , 
 dom, , ))
printf ("  Dom\\Name: %ls\\%ls\n", dom, name);
  else
printf ("  LookupAccountSidW: %u\n", GetLastError ());
}
  else
printf ("GetTokenInformation(primary): %u\n", GetLastError ());
  free (tpg);

  status = NetUserGetInfo (NULL, name, 24, (PBYTE *) );
  if (status != NERR_Success)
{
  status = NetUserGetInfo (dom, name, 24, (PBYTE *) );
  if (status != NERR_Success)
{
  printf ("NetUserGetInfo: %u\n", status);
  return 1;
}
}
  printf ("UserInfo:\n");
  printf ("  InternetIdentity: %d\n", ui24->usri24_internet_identity);
  printf ("  Flags: 0x%08x\n", ui24->usri24_flags);
  printf ("  ProviderName: %ls\n", ui24->usri24_internet_provider_name);
  printf ("  PrincipalName: %ls\n", ui24->usri24_internet_principal_name);
  ConvertSidToStringSidA (ui24->usri24_user_sid, );
  printf ("  Sid: %s\n", str);
  LocalFree (str);

  return 0;
}


signature.asc
Description: PGP signature

Re: /dev/ptmx fails with Azure accounts

[Corinna Vinschen]

On Aug  3 12:53, rm...@aboutgolf.com wrote:
> 
> 
> On Wednesday, August 3, 2016 10:32, "Corinna Vinschen" 
>  said:
> > 
> > In the meantime I prepared my test application.  Can you please fetch
> > the attached source and store it as, e.g., azure-check.c.  Then build
> > and run it like this:
> > 
> >   $ gcc -g -o azure-check azure-check.c -lnetapi32
> >   $ ./azure-check
> > 
> > Then run it and paste the complete output into your reply.
> > 
> > I have an idea for an extension of this testcase, but I think I have
> > to see the output of this one first.
> 
> The output is as below. This was without Run As Administrator - with
> it the Group 0 Sid changed to S-1-16-12288/High Mandatory Level, which
> *seems* appropriate

It is.  Thanks for this test, the result is as horrifying as I imagined.
Can you please try the testcase attached to this mail, too?  It should
be built and run the same way:

  $ gcc -g -o azure-check2 azure-check2.c -lnetapi32
  $ ./azure-check2


Thanks,
Corinna

-- 
Corinna Vinschen  Please, send mails regarding Cygwin to
Cygwin Maintainer cygwin AT cygwin DOT com
Red Hat
#include 
#define _WIN32_WINNT 0x0a00
#define WINVER 0x0a00
#include 
#include 
#include 

int
main ()
{
  HANDLE tok;
  PTOKEN_USER tp = (PTOKEN_USER) malloc (65536);
  DWORD ret;
  LPSTR str;
  WCHAR name[256];
  WCHAR dom[256];
  DWORD nlen, dlen;
  SID_NAME_USE type;
  NET_API_STATUS status;
  PUSER_INFO_24 ui24;

  if (!OpenProcessToken (GetCurrentProcess (), TOKEN_QUERY, ))
{
  printf ("OpenProcessToken: %u\n", GetLastError ());
  return 1;
}
  if (!GetTokenInformation (tok, TokenUser, tp, 65536, ))
{
  printf ("GetTokenInformation(user): %u\n", GetLastError ());
  return 1;
}
  ConvertSidToStringSidA (tp->User.Sid, );
  printf ("  Sid: %s\n", str);
  LocalFree (str);
  nlen = dlen = 256;
  if (LookupAccountSidW (NULL, tp->User.Sid, name, , 
 dom, , ))
printf ("Dom\\Name: %ls\\%ls\n", dom, name);
  else
printf ("LookupAccountSidW: %u\n", GetLastError ());
  printf ("Attributes: 0x%08x\n", tp->User.Attributes);

  status = NetUserGetInfo (NULL, name, 24, (PBYTE *) );
  if (status != NERR_Success)
{
  status = NetUserGetInfo (dom, name, 24, (PBYTE *) );
  if (status != NERR_Success)
{
  printf ("NetUserGetInfo: %u\n", status);
  return 1;
}
}
  printf ("UserInfo:\n");
  printf ("  InternetIdentity: %d\n", ui24->usri24_internet_identity);
  printf ("  Flags: 0x%08x\n", ui24->usri24_flags);
  printf ("  ProviderName: %ls\n", ui24->usri24_internet_provider_name);
  printf ("  PrincipalName: %ls\n", ui24->usri24_internet_principal_name);
  ConvertSidToStringSidA (ui24->usri24_user_sid, );
  printf ("  Sid: %s\n", str);
  LocalFree (str);

  return 0;
}


signature.asc
Description: PGP signature

Re: /dev/ptmx fails with Azure accounts

[rm...@aboutgolf.com]

On Wednesday, August 3, 2016 10:32, "Corinna Vinschen" 
 said:
> 
> In the meantime I prepared my test application.  Can you please fetch
> the attached source and store it as, e.g., azure-check.c.  Then build
> and run it like this:
> 
>   $ gcc -g -o azure-check azure-check.c -lnetapi32
>   $ ./azure-check
> 
> Then run it and paste the complete output into your reply.
> 
> I have an idea for an extension of this testcase, but I think I have
> to see the output of this one first.

The output is as below. This was without Run As Administrator - with it the 
Group 0 Sid changed to S-1-16-12288/High Mandatory Level, which *seems* 
appropriate

Unknown+User@Lenovo-PC /cygdrive/c/cygwin64
$ ./azure-check
PDom.Name: WORKGROUP
ADom.DomainName: Lenovo-PC
ADom.DomainSid: S-1-5-21-1836915194-3548948870-2562531131
DsEnumerateDomainTrustsW: 1722
User:
  Sid: S-1-12-1-2043906341-1249388050-2635137163-399631282
  Dom\Name: AzureAD\RussellMora
  Attributes: 0x
Group 0
  Sid: S-1-16-8192
  Dom\Name: Mandatory Label\Medium Mandatory Level
  Attributes: 0x0060
Group 1
  Sid: S-1-1-0
  Dom\Name: \Everyone
  Attributes: 0x0007
Group 2
  Sid: S-1-5-32-544
  Dom\Name: BUILTIN\Administrators
  Attributes: 0x0010
Group 3
  Sid: S-1-5-32-545
  Dom\Name: BUILTIN\Users
  Attributes: 0x0007
Group 4
  Sid: S-1-5-4
  Dom\Name: NT AUTHORITY\INTERACTIVE
  Attributes: 0x0007
Group 5
  Sid: S-1-2-1
  Dom\Name: \CONSOLE LOGON
  Attributes: 0x0007
Group 6
  Sid: S-1-5-11
  Dom\Name: NT AUTHORITY\Authenticated Users
  Attributes: 0x0007
Group 7
  Sid: S-1-5-15
  Dom\Name: NT AUTHORITY\This Organization
  Attributes: 0x0007
Group 8
  Sid: S-1-5-5-0-852920
  Dom\Name: NT AUTHORITY\LogonSessionId_0_852920
  Attributes: 0xc007
Group 9
  Sid: S-1-2-0
  Dom\Name: \LOCAL
  Attributes: 0x0007
Group 10
  Sid: S-1-12-1-2741946010-1181797680-2322883994-3292483823
  LookupAccountSidW: 1332
  Attributes: 0x0007
Group 11
  Sid: S-1-5-64-36
  Dom\Name: NT AUTHORITY\Cloud Account Authentication
  Attributes: 0x0007

Unknown+User@Lenovo-PC /cygdrive/c/cygwin64
$

HTH!

Cheers,
Russell


--
Problem reports:   http://cygwin.com/problems.html
FAQ:   http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info:  http://cygwin.com/ml/#unsubscribe-simple

Re: /dev/ptmx fails with Azure accounts

[Corinna Vinschen]

On Aug  2 12:54, rm...@aboutgolf.com wrote:
> [I'm so sorry I'm messing up the mailing list by not replying to the proper 
> email I only just got it through my thick skull now to subscribe to the 
> mailing list. I think my brain is on vacation already]
> 
> 
> Unfortunately your prediction was correct - RunAs Administrator CMD gives 
> this:

Thanks!

In the meantime I prepared my test application.  Can you please fetch
the attached source and store it as, e.g., azure-check.c.  Then build
and run it like this:

  $ gcc -g -o azure-check azure-check.c -lnetapi32
  $ ./azure-check

Then run it and paste the complete output into your reply.

I have an idea for an extension of this testcase, but I think I have
to see the output of this one first.


Thanks in advance,
Corinna

-- 
Corinna Vinschen  Please, send mails regarding Cygwin to
Cygwin Maintainer cygwin AT cygwin DOT com
Red Hat
#include 
#define _WIN32_WINNT 0x0a00
#define WINVER 0x0a00
#include 
#include 
#include 
#include 
#include 

int
main ()
{
  HANDLE lsa;
  NTSTATUS status;
  ULONG ret;
  PPOLICY_DNS_DOMAIN_INFO pdom;
  PPOLICY_ACCOUNT_DOMAIN_INFO adom;
  PDS_DOMAIN_TRUSTSW td;
  ULONG tdom_cnt;
  static LSA_OBJECT_ATTRIBUTES oa = { 0, 0, 0, 0, 0, 0 };
  LPSTR str;
  BOOL has_dom;
  HANDLE tok;
  WCHAR name[256];
  WCHAR dom[256];
  DWORD nlen, dlen;
  SID_NAME_USE type;

  status = LsaOpenPolicy (NULL, , POLICY_VIEW_LOCAL_INFORMATION, );
  if (!NT_SUCCESS (status))
{
  printf ("LsaOpenPolicy: 0x%08x\n", status);
  return 1;
}
  status = LsaQueryInformationPolicy (lsa, PolicyDnsDomainInformation,
  (PVOID *) );
  if (NT_SUCCESS (status))
{
  if (pdom->Name.Length)
printf ("PDom.Name: %ls\n", pdom->Name.Buffer);
  if (pdom->DnsDomainName.Length)
printf ("PDom.DnsDomainName: %ls\n", pdom->DnsDomainName.Buffer);
  if (pdom->DnsForestName.Length)
printf ("PDom.DnsForestName: %ls\n", pdom->DnsForestName.Buffer);
  has_dom = !!pdom->Sid;
  if (has_dom)
{
  ConvertSidToStringSidA (pdom->Sid, );
  printf ("PDom.Sid: %s\n", str);
  LocalFree (str);
}
  LsaFreeMemory (pdom);
}
  else
printf ("LsaQueryInformationPolicy (PDOM): 0x%08x\n", status);

  status = LsaQueryInformationPolicy (lsa, PolicyAccountDomainInformation,
  (PVOID *) );
  if (NT_SUCCESS (status))
{
  if (adom->DomainName.Length)
  printf ("ADom.DomainName: %ls\n", adom->DomainName.Buffer);
  ConvertSidToStringSidA (adom->DomainSid, );
  printf ("ADom.DomainSid: %s\n", str);
  LocalFree (str);
  LsaFreeMemory (adom);
}
  else
printf ("LsaQueryInformationPolicy (ADOM): 0x%08x\n", status);
  if (dom)
{
  ret = DsEnumerateDomainTrustsW (NULL, DS_DOMAIN_DIRECT_INBOUND
| DS_DOMAIN_DIRECT_OUTBOUND
| DS_DOMAIN_IN_FOREST,
   , _cnt);
  if (ret == ERROR_SUCCESS)
for (ULONG idx = 0; idx < tdom_cnt; ++idx)
  {
printf ("Trusted Domain %u:\n", idx);
printf ("  NetbiosDomainName: %ls\n", td[idx].NetbiosDomainName);
if (td[idx].DnsDomainName)
  printf ("  DnsDomainName: %ls\n", td[idx].DnsDomainName);
printf ("  Flags: 0x%08x\n", td[idx].Flags);
printf ("  TrustType: 0x%08x\n", td[idx].TrustType);
printf ("  TrustAttributes: 0x%08x\n", td[idx].TrustAttributes);
if (td[idx].DomainSid)
  {
ConvertSidToStringSidA (td[idx].DomainSid, );
printf ("DomainSid: %s\n", str);
LocalFree (str);
  }
  }
  else
printf ("DsEnumerateDomainTrustsW: %u\n", ret);
}
  LsaClose (lsa);
  if (OpenProcessToken (GetCurrentProcess (), TOKEN_QUERY, ))
{
  PTOKEN_USER tp = (PTOKEN_USER) malloc (65536);
  if (GetTokenInformation (tok, TokenUser, tp, 65536, ))
{
  printf ("User:\n");
  ConvertSidToStringSidA (tp->User.Sid, );
  printf ("  Sid: %s\n", str);
  LocalFree (str);

  nlen = dlen = 256;
  if (LookupAccountSidW (NULL, tp->User.Sid, name, , 
 dom, , ))
printf ("  Dom\\Name: %ls\\%ls\n", dom, name);
  else
printf ("  LookupAccountSidW: %u\n", GetLastError ());
  printf ("  Attributes: 0x%08x\n", tp->User.Attributes);
}
  else
printf ("GetTokenInformation(user): %u\n", GetLastError ());
  free (tp);

  PTOKEN_GROUPS tg = (PTOKEN_GROUPS) malloc (65536);
  if (GetTokenInformation (tok, TokenGroups, tg, 65536, ))
for (ULONG idx = 0; idx < tg->GroupCount; ++idx)
  {
printf ("Group %u\n", idx);
ConvertSidToStringSidA 

Re: /dev/ptmx fails with Azure accounts

[rm...@aboutgolf.com]

olf.com>
Sent: Tuesday, August 2, 2016 11:44
To: corinna-cyg...@cygwin.com, cygwin@cygwin.com
Cc: t...@towo.net
Subject: Re: /dev/ptmx fails with Azure accounts



Though I am going on vacation in a couple of days until the 15th

C:\Users\RussellMora>whoami
azuread\russellmora

C:\Users\RussellMora>whoami /fqdn
ERROR: Unable to get Fully Qualified Distinguished Name (FQDN) as the current
   logged-on user is not a domain user.

C:\Users\RussellMora>whoami /all

USER INFORMATION


User Name   SID
=== ===
azuread\russellmora S-1-12-1-2043906341-1249388050-2635137163-399631282


GROUP INFORMATION
-

Group NameType SID  
Attributes
=  
 
==
Mandatory Label\Medium Mandatory LevelLabelS-1-16-8192
Everyone  Well-known group S-1-1-0  
Mandatory group, Enabled by default, Enabled 
group
BUILTIN\AdministratorsAliasS-1-5-32-544 
Group used for deny only
BUILTIN\Users AliasS-1-5-32-545 
Mandatory group, Enabled by default, Enabled 
group
NT AUTHORITY\INTERACTIVE  Well-known group S-1-5-4  
Mandatory group, Enabled by default, Enabled 
group
CONSOLE LOGON Well-known group S-1-2-1  
Mandatory group, Enabled by default, Enabled 
group
NT AUTHORITY\Authenticated Users  Well-known group S-1-5-11 
Mandatory group, Enabled by default, Enabled 
group
NT AUTHORITY\This OrganizationWell-known group S-1-5-15 
Mandatory group, Enabled by default, Enabled 
group
LOCAL Well-known group S-1-2-0  
Mandatory group, Enabled by default, Enabled 
group
  Unknown SID type 
S-1-12-1-2741946010-1181797680-2322883994-3292483823 Mandatory group, Enabled 
by default, Enabled group
NT AUTHORITY\Cloud Account Authentication Well-known group S-1-5-64-36  
Mandatory group, Enabled by default, Enabled 
group


PRIVILEGES INFORMATION
--

Privilege NameDescription  State
=  
SeShutdownPrivilege   Shut down the system Disabled
SeChangeNotifyPrivilege   Bypass traverse checking Enabled
SeUndockPrivilege Remove computer from docking station Disabled
SeIncreaseWorkingSetPrivilege Increase a process working set   Disabled
SeTimeZonePrivilege   Change the time zone Disabled


C:\Users\RussellMora>



On Aug  1 22:24, Thomas Wolff wrote:
> For Azure Domain users (and I do not really know what that means),
> pts handling does not seem to work, at least not for mintty, where forkpt=
y()
> fails.
> Please check https://github.com/mintty/mintty/issues/563 for a discussion,
> and my comment
> https://github.com/mintty/mintty/issues/563#issuecomment-235310199
>=20
> Also, there has been a similar report here:
> https://sourceware.org/ml/cygwin/2016-02/msg00046.html
>=20
> I have no idea how to establish a working startup of mintty for those use=
rs.

The problem here is that it's impossible to generate access
permissions for the pty with those weird accounts.  I like it
how Microsoft screws up otherwise working software with this
strange domain handling.

To fix this we have to be able to come up with a working user and group
account for these cases.  For that I need at least output from `whoami
/all'.  I wonder why supposedly nobody tried that after /fqdn didn't
work.

This may be fixable by somebody with such an account and willing to hack
on the Cygwin function pwdgrp::fetch_account_from_windows().  There's
already some code for the so-called "Windows accounts" which seem to
work in a similar fashion (albeit in this case the user has a local
account SID).

Alternatively I need at least a guinea pig with such an account,


Corinna






--
Problem reports:   http://cygwin.com/problems.html
FAQ:   http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info:  http://cygwin.com/ml/#unsubscribe-simple

Re: /dev/ptmx fails with Azure accounts

[Corinna Vinschen]

Hi,

On Aug  2 11:44, rm...@aboutgolf.com wrote:
> 

Thank you!  Just a small request, please don't cc the corinna-cygwin
account, just send to the list.  Thank you.

> C:\Users\RussellMora>whoami /all
> 
> USER INFORMATION
> 
> 
> User Name   SID
> === ===
> azuread\russellmora S-1-12-1-2043906341-1249388050-2635137163-399631282
> 
> 
> GROUP INFORMATION
> -
> 
> Group NameType SID
>   Attributes
> =  
>  
> ==
> Mandatory Label\Medium Mandatory LevelLabelS-1-16-8192
> Everyone  Well-known group S-1-1-0
>   Mandatory group, Enabled by default, 
> Enabled group
> BUILTIN\AdministratorsAliasS-1-5-32-544   
>   Group used for deny only
> BUILTIN\Users AliasS-1-5-32-545   
>   Mandatory group, Enabled by default, 
> Enabled group
> NT AUTHORITY\INTERACTIVE  Well-known group S-1-5-4
>   Mandatory group, Enabled by default, 
> Enabled group
> CONSOLE LOGON Well-known group S-1-2-1
>   Mandatory group, Enabled by default, 
> Enabled group
> NT AUTHORITY\Authenticated Users  Well-known group S-1-5-11   
>   Mandatory group, Enabled by default, 
> Enabled group
> NT AUTHORITY\This OrganizationWell-known group S-1-5-15   
>   Mandatory group, Enabled by default, 
> Enabled group
> LOCAL Well-known group S-1-2-0
>   Mandatory group, Enabled by default, 
> Enabled group
>   Unknown SID type 
> S-1-12-1-2741946010-1181797680-2322883994-3292483823 Mandatory group, Enabled 
> by default, Enabled group

^^
Yuk!

This is not nice.  Can you try to repeat this call to `whoami /all'
in an elevated shell?  I doubt it will chnage the outcome in terms
of this "Unknown SID", but let's at least try...

I think I will have to come up with a test application as well,
but this might take a day or two...


Thanks,
Corinna

-- 
Corinna Vinschen  Please, send mails regarding Cygwin to
Cygwin Maintainer cygwin AT cygwin DOT com
Red Hat


signature.asc
Description: PGP signature

Re: /dev/ptmx fails with Azure accounts

[rm...@aboutgolf.com]

Though I am going on vacation in a couple of days until the 15th

C:\Users\RussellMora>whoami
azuread\russellmora

C:\Users\RussellMora>whoami /fqdn
ERROR: Unable to get Fully Qualified Distinguished Name (FQDN) as the current
   logged-on user is not a domain user.

C:\Users\RussellMora>whoami /all

USER INFORMATION


User Name   SID
=== ===
azuread\russellmora S-1-12-1-2043906341-1249388050-2635137163-399631282


GROUP INFORMATION
-

Group NameType SID  
Attributes
=  
 
==
Mandatory Label\Medium Mandatory LevelLabelS-1-16-8192
Everyone  Well-known group S-1-1-0  
Mandatory group, Enabled by default, Enabled 
group
BUILTIN\AdministratorsAliasS-1-5-32-544 
Group used for deny only
BUILTIN\Users AliasS-1-5-32-545 
Mandatory group, Enabled by default, Enabled 
group
NT AUTHORITY\INTERACTIVE  Well-known group S-1-5-4  
Mandatory group, Enabled by default, Enabled 
group
CONSOLE LOGON Well-known group S-1-2-1  
Mandatory group, Enabled by default, Enabled 
group
NT AUTHORITY\Authenticated Users  Well-known group S-1-5-11 
Mandatory group, Enabled by default, Enabled 
group
NT AUTHORITY\This OrganizationWell-known group S-1-5-15 
Mandatory group, Enabled by default, Enabled 
group
LOCAL Well-known group S-1-2-0  
Mandatory group, Enabled by default, Enabled 
group
  Unknown SID type 
S-1-12-1-2741946010-1181797680-2322883994-3292483823 Mandatory group, Enabled 
by default, Enabled group
NT AUTHORITY\Cloud Account Authentication Well-known group S-1-5-64-36  
Mandatory group, Enabled by default, Enabled 
group


PRIVILEGES INFORMATION
--

Privilege NameDescription  State
=  
SeShutdownPrivilege   Shut down the system Disabled
SeChangeNotifyPrivilege   Bypass traverse checking Enabled
SeUndockPrivilege Remove computer from docking station Disabled
SeIncreaseWorkingSetPrivilege Increase a process working set   Disabled
SeTimeZonePrivilege   Change the time zone Disabled


C:\Users\RussellMora>



On Aug  1 22:24, Thomas Wolff wrote:
> For Azure Domain users (and I do not really know what that means),
> pts handling does not seem to work, at least not for mintty, where forkpt=
y()
> fails.
> Please check https://github.com/mintty/mintty/issues/563 for a discussion,
> and my comment
> https://github.com/mintty/mintty/issues/563#issuecomment-235310199
>=20
> Also, there has been a similar report here:
> https://sourceware.org/ml/cygwin/2016-02/msg00046.html
>=20
> I have no idea how to establish a working startup of mintty for those use=
rs.

The problem here is that it's impossible to generate access
permissions for the pty with those weird accounts.  I like it
how Microsoft screws up otherwise working software with this
strange domain handling.

To fix this we have to be able to come up with a working user and group
account for these cases.  For that I need at least output from `whoami
/all'.  I wonder why supposedly nobody tried that after /fqdn didn't
work.

This may be fixable by somebody with such an account and willing to hack
on the Cygwin function pwdgrp::fetch_account_from_windows().  There's
already some code for the so-called "Windows accounts" which seem to
work in a similar fashion (albeit in this case the user has a local
account SID).

Alternatively I need at least a guinea pig with such an account,


Corinna





--
Problem reports:   http://cygwin.com/problems.html
FAQ:   http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info:  http://cygwin.com/ml/#unsubscribe-simple

Re: /dev/ptmx fails with Azure accounts

[Corinna Vinschen]

On Aug  2 11:54, Corinna Vinschen wrote:
> On Aug  1 22:24, Thomas Wolff wrote:
> > For Azure Domain users (and I do not really know what that means),
> > pts handling does not seem to work, at least not for mintty, where forkpty()
> > fails.
> > Please check https://github.com/mintty/mintty/issues/563 for a discussion,
> > and my comment
> > https://github.com/mintty/mintty/issues/563#issuecomment-235310199
> > 
> > Also, there has been a similar report here:
> > https://sourceware.org/ml/cygwin/2016-02/msg00046.html
> > 
> > I have no idea how to establish a working startup of mintty for those users.
> 
> The problem here is that it's impossible to generate access
> permissions for the pty with those weird accounts.  I like it
> how Microsoft screws up otherwise working software with this
> strange domain handling.
> 
> To fix this we have to be able to come up with a working user and group
> account for these cases.  For that I need at least output from `whoami
> /all'.  I wonder why supposedly nobody tried that after /fqdn didn't
> work.
> 
> This may be fixable by somebody with such an account and willing to hack
> on the Cygwin function pwdgrp::fetch_account_from_windows().  There's
> already some code for the so-called "Windows accounts" which seem to
> work in a similar fashion (albeit in this case the user has a local
> account SID).
> 
> Alternatively I need at least a guinea pig with such an account,

There's another problem with those accounts.  If they act like a domain
account, but there's no valid domain info on the machine (*), then who
should Cygwin ask for shell and home dir?

(*) That's the cause of the "Unknown domain AzureAD".  Usually the local
machine has a list of domains which is refreshed once in a while.
Even the local machine SAM is a domain in this view.

However, while the LookupAccountSid function seems to return
"AzureAD" as the domain name for this account, the domain list on
the local machine does not contain this domain.


Corinna

-- 
Corinna Vinschen  Please, send mails regarding Cygwin to
Cygwin Maintainer cygwin AT cygwin DOT com
Red Hat


signature.asc
Description: PGP signature

Re: /dev/ptmx fails with Azure accounts

[Corinna Vinschen]

On Aug  1 22:24, Thomas Wolff wrote:
> For Azure Domain users (and I do not really know what that means),
> pts handling does not seem to work, at least not for mintty, where forkpty()
> fails.
> Please check https://github.com/mintty/mintty/issues/563 for a discussion,
> and my comment
> https://github.com/mintty/mintty/issues/563#issuecomment-235310199
> 
> Also, there has been a similar report here:
> https://sourceware.org/ml/cygwin/2016-02/msg00046.html
> 
> I have no idea how to establish a working startup of mintty for those users.

The problem here is that it's impossible to generate access
permissions for the pty with those weird accounts.  I like it
how Microsoft screws up otherwise working software with this
strange domain handling.

To fix this we have to be able to come up with a working user and group
account for these cases.  For that I need at least output from `whoami
/all'.  I wonder why supposedly nobody tried that after /fqdn didn't
work.

This may be fixable by somebody with such an account and willing to hack
on the Cygwin function pwdgrp::fetch_account_from_windows().  There's
already some code for the so-called "Windows accounts" which seem to
work in a similar fashion (albeit in this case the user has a local
account SID).

Alternatively I need at least a guinea pig with such an account,


Corinna

-- 
Corinna Vinschen  Please, send mails regarding Cygwin to
Cygwin Maintainer cygwin AT cygwin DOT com
Red Hat


signature.asc
Description: PGP signature

/dev/ptmx fails with Azure accounts

[Thomas Wolff]

For Azure Domain users (and I do not really know what that means),
pts handling does not seem to work, at least not for mintty, where 
forkpty() fails.

Please check https://github.com/mintty/mintty/issues/563 for a discussion,
and my comment 
https://github.com/mintty/mintty/issues/563#issuecomment-235310199


Also, there has been a similar report here: 
https://sourceware.org/ml/cygwin/2016-02/msg00046.html


I have no idea how to establish a working startup of mintty for those users.
--
Thomas

--
Problem reports:   http://cygwin.com/problems.html
FAQ:   http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info:  http://cygwin.com/ml/#unsubscribe-simple