diff --git a/winsup/utils/utils.sgml b/winsup/utils/utils.sgml
index 131b0a56d..d4ffe7dc2 100644
--- a/winsup/utils/utils.sgml
+++ b/winsup/utils/utils.sgml
@@ -372,6 +372,7 @@ This program prints a /etc/group file to stdout
Options:
-l,--local print local group information
+ -c,--current print current group, if a domain account
-d,--domain print global group information from the domain
specified (or from the current domain if there is
no domain specified)
@@ -389,14 +390,15 @@ One of `-l' or `-d' must be given on NT/W2K.
The mkgroup program can be used to help
configure your Windows system to be more UNIX-like by creating an
-initial /etc/group substitute (some commands need this
-file) from your system information. It only works on the NT series
-(Windows NT, 2000, and XP). mkgroup does not work on
-the Win9x series (Windows 95, 98, and Me) because they lack the security model
-to support it. To initially set up your machine, you'd do something like
-this:
-
-Setting up the groups file
+initial /etc/group.
+Its use is essential on the NT series (Windows NT, 2000, and XP) to
+include Windows security information.
+It can also be used on the Win9x series (Windows 95, 98, and Me) to
+create a file with the correct format.
+To initially set up your machine if you are a local user, you'd do
+something like this:
+
+Setting up the groups file for local accounts
$ mkdir /etc
$ mkgroup -l > /etc/group
@@ -408,16 +410,24 @@ information in your system, you'll need to regenerate the group file
for it to have the new information.
The -d and -l options
-allow you to specify where the information comes from, either the
-local machine or the default (or given) domain. The -o
-option allows for special cases (such as multiple domains) where the GIDs
-might match otherwise. The -s
+allow you to specify where the information comes from, the
+local machine or the domain (default or given), or both.
+With the -d option the program contacts the Domain
+Controller, which my be unreachable or have restricted access.
+An entry for the current domain user can then be created by using the
+option -c together with -l,
+but -c has no effect when used with -d.
+The -o option allows for special cases
+(such as multiple domains) where the GIDs might match otherwise.
+The -s
option omits the NT Security Identifier (SID). For more information on
SIDs, see in the Cygwin User's Guide. The
-u option causes mkgroup to
enumerate the users for each group, placing the group members in the
gr_mem (last) field. Note that this can greatly increase
the time for mkgroup to run in a large domain.
+Having gr_mem fields is helpful when a domain user logs in remotely
+while the local machine is disconnected from the Domain Controller.
@@ -431,6 +441,7 @@ This program prints a /etc/passwd file to stdout
Options:
-l,--local print local user accounts
+ -c,--current print current account, if a domain account
-d,--domain print domain accounts (from current domain
if no domain specified)
-o,--id-offset offset change the default offset (10000) added to uids
@@ -450,14 +461,17 @@ One of `-l', `-d' or `-g' must be given on NT/W2K.
The mkpasswd program can be used to help
configure your Windows system to be more UNIX-like by creating an
-initial /etc/passwd substitute (some commands
-need this file) from your system information. It only works on the NT series
-(Windows NT, 2000, and XP). mkpasswd does not work on
-the Win9x series (Windows 95, 98, and Me) because they lack the security model
-to support it. To initially set up your machine, you'd do something like
-this:
-
-Setting up the passwd file
+initial /etc/passwd from your system information.
+Its use is essential on the NT series (Windows NT, 2000, and XP) to
+include Windows security information, but the actual passwords are
+determined by Windows, not by the content of /etc/passwd.
+On the Win9x series (Windows 95, 98, and Me) the password field must be
+replaced by the output of crypt your_password
+if remote access is desired.
+To initially set up your machine if you are a local user, you'd do
+something like this:
+
+Setting up the passwd file for local accounts
$ mkdir /etc
$ mkpasswd -l > /etc/passwd
@@ -469,10 +483,16 @@ information in your system, you'll need to regenerate the passwd file
for it to have the new information.
The -d and -l options
-allow you to specify where the information comes from, either the
-local machine or the default (or given) domain. The -o
-option allows for special cases (such as multiple domains) where the UIDs
-might match otherwise. The -g option creates a local
+allow you to specify where the information comes from, the
+local machine or the domain (default or given), or both.
+With the -d option the program contacts the Domain
+Controller, which my be unreachable or have restricted access.
+An entry for the current domain user can then be created by using the
+option -c together with -l,
+but -c has no effect when used with -d.
+The -o option allows for special cases
+(such as multiple domains) where the UIDs might match otherwise.
+The -g option creates a local
user that corresponds to each local group. This is because NT assigns groups
file ownership. The -m option bypasses the current
mount table so that, for example, two users who have a Windows home
@@ -489,9 +509,9 @@ use a prefix other than /home/. For example, this command:
would put local users' home directories in the Windows 'Profiles' directory.
-The -u option allows mkpasswd to
-search for a specific username, greatly reducing the amount of time it
-takes in a large domain.
+On Win9x machines the -u option creates an entry for
+the specified user. On the NT series it restricts the output to that user,
+greatly reducing the amount of time it takes in a large domain.