Open rkitover opened 2 years ago
@tgauth - please have a look.
@rkitover, could you run the following commands PowerShell?
$systemSid = Get-UserSID -WellKnownSidType ([System.Security.Principal.WellKnownSidType]::LocalSystemSid)
$adminsSid = Get-UserSID -WellKnownSidType ([System.Security.Principal.WellKnownSidType]::BuiltinAdministratorsSid)
$currentUserSid = Get-UserSID -User "$($env:USERDOMAIN)\$($env:USERNAME)"
Based on that error message, it seems like one, or more, of the args ($systemSid, $adminsSid, $currentUserSid) being passed into Repair-FilePermission via the -Owners parameter is $null
@rkitover, disregard my previous comment - I was able to repro this issue.
Over SSH, I found that the env:USERDOMAIN was set to WORKGROUP, while the actual value, in my case, should be NULL (This discrepancy is what results in $currentUserSid = Get-UserSID -User "$($env:USERDOMAIN)\$($env:USERNAME)"
being $null
and leads to the PowerShell error).
To temporarily fix this and run the file permissions script, modify the $env:USERDOMAIN variable during the SSH session to the proper value (note, if the value is $null and USERDOMAIN no longer shows up in the list of environment variables, the script will still run). This value will only persist for the duration of that SSH session.
If a lasting fix is required, the Registry could be updated by adding a USERDOMAIN key under the user's Environment that is populated with the actual value. Going forward, when the user establishes an SSH session, the value from the Registry will populate that environment variable. I can provide more information on this, if necessary.
If the actual domain of the user is already known, it can be confirmed by running the following in PowerShell:
$user = [System.Security.Principal.NTAccount]"<actual domain>\$($env:USERNAME)"
$userSID = $user.Translate([System.Security.Principal.SecurityIdentifier])
$userSID.value
If not, the SIDs can be found in the Registry, under HKEY_USERS.
If opening the Registry GUI is not an option, run the following in Command Prompt: REG QUERY HKU
This will list all the SIDs on the machine. In PowerShell, translate from SID to Username until the correct one is found:
$SIDstr = 'from result of REG QUERY HKU'
$SID = New-Object System.Security.Principal.SecurityIdentifier($SIDstr)
$user = $objSID.Translate([System.Security.Principal.NTAccount])
$user.Value
Lastly, set the USERDOMAIN and execute the script:
$env:USERDOMAIN = "<actual domain>"
powershell -noprofile -file .\FixUserFilePermissions.ps1
Thank you for the detailed response, I don't personally need a fix for this, I was just reporting the issue.
Can we not fix the code to get the domain in a more reliable way?
"OpenSSH for Windows" version 8.0.0.0
Server OperatingSystem Windows 10 Pro
Client OperatingSystem Windows 10 Pro
What is failing
when connected to the computer over ssh, with the default shell set to:
Expected output
Actual output