windows: failed to look up user from userid: No mapping between account names and security IDs was done. #869
Assignees
Labels
Comments
bradfitz
added a commit
that referenced
this issue
Oct 29, 2020
If we can't find the mapping from SID ("user ID") -> username, don't
treat that as a fatal. Apparently that happens in the wild for Reasons.
Ignore it for now. It's just a nice-to-have for error messages in the
rare multi-user case.
Updates #869
bradfitz
added a commit
that referenced
this issue
Oct 29, 2020
If we can't find the mapping from SID ("user ID") -> username, don't
treat that as a fatal. Apparently that happens in the wild for Reasons.
Ignore it for now. It's just a nice-to-have for error messages in the
rare multi-user case.
Updates #869
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
|
Sent #871 |
bradfitz
added a commit
that referenced
this issue
Oct 29, 2020
If we can't find the mapping from SID ("user ID") -> username, don't
treat that as a fatal. Apparently that happens in the wild for Reasons.
Ignore it for now. It's just a nice-to-have for error messages in the
rare multi-user case.
Updates #869
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
bradfitz
added
T2 Visual Polish
|
Good enough for now. |
|
Does still happen in the wild: |
|
Reopening for @dblohm7 to investigate properly, as my earlier fix was a band-aid at best. |
|
For starters, I filed golang/go#49509 |
dblohm7
added a commit
that referenced
this issue
Feb 2, 2022
…ailures on Windows to reject SIDs from deleted/invalid security principals Our current workaround made the user check too lax, thus allowing deleted users. This patch adds a helper function to winutil that checks that the uid's SID represents a valid Windows security principal. Now if `lookupUserFromID` determines that the SID is invalid, we simply propagate the error. Updates #869 Signed-off-by: Aaron Klotz <aaron@tailscale.com>
dblohm7
added a commit
that referenced
this issue
Feb 2, 2022
…ailures on Windows to reject SIDs from deleted/invalid security principals. Our current workaround made the user check too lax, thus allowing deleted users. This patch adds a helper function to winutil that checks that the uid's SID represents a valid Windows security principal. Now if `lookupUserFromID` determines that the SID is invalid, we simply propagate the error. Updates #869 Signed-off-by: Aaron Klotz <aaron@tailscale.com>
dblohm7
added a commit
that referenced
this issue
Feb 2, 2022
…ailures on Windows to reject SIDs from deleted/invalid security principals. Our current workaround made the user check too lax, thus allowing deleted users. This patch adds a helper function to winutil that checks that the uid's SID represents a valid Windows security principal. Now if `lookupUserFromID` determines that the SID is invalid, we simply propagate the error. Updates #869 Signed-off-by: Aaron Klotz <aaron@tailscale.com>
dblohm7
added a commit
that referenced
this issue
Feb 2, 2022
…ailures on Windows to reject SIDs from deleted/invalid security principals. Our current workaround made the user check too lax, thus allowing deleted users. This patch adds a helper function to winutil that checks that the uid's SID represents a valid Windows security principal. Now if `lookupUserFromID` determines that the SID is invalid, we simply propagate the error. Updates #869 Signed-off-by: Aaron Klotz <aaron@tailscale.com>
dblohm7
added a commit
that referenced
this issue
Feb 2, 2022
…ailures on Windows to reject SIDs from deleted/invalid security principals. Our current workaround made the user check too lax, thus allowing deleted users. This patch adds a helper function to winutil that checks that the uid's SID represents a valid Windows security principal. Now if `lookupUserFromID` determines that the SID is invalid, we simply propagate the error. Updates #869 Signed-off-by: Aaron Klotz <aaron@tailscale.com>
dblohm7
added a commit
that referenced
this issue
Nov 24, 2022
…to address os/user.LookupId errors on Windows I added util/winutil/LookupPseudoUser, which essentially consists of the bits that I am in the process of adding to Go's standard library. We check the provided SID for "S-1-5-x" where 17 <= x <= 20 (which are the known pseudo-users) and then manually populate a os/user.User struct with the correct information. Fixes #869 Signed-off-by: Aaron Klotz <aaron@tailscale.com>
dblohm7
added a commit
that referenced
this issue
Nov 24, 2022
…to address os/user.LookupId errors on Windows I added util/winutil/LookupPseudoUser, which essentially consists of the bits that I am in the process of adding to Go's standard library. We check the provided SID for "S-1-5-x" where 17 <= x <= 20 (which are the known pseudo-users) and then manually populate a os/user.User struct with the correct information. Fixes #869 Signed-off-by: Aaron Klotz <aaron@tailscale.com>
dblohm7
added a commit
that referenced
this issue
Nov 24, 2022
…to address os/user.LookupId errors on Windows I added util/winutil/LookupPseudoUser, which essentially consists of the bits that I am in the process of adding to Go's standard library. We check the provided SID for "S-1-5-x" where 17 <= x <= 20 (which are the known pseudo-users) and then manually populate a os/user.User struct with the correct information. Fixes #869 Signed-off-by: Aaron Klotz <aaron@tailscale.com>
dblohm7
added a commit
that referenced
this issue
Nov 24, 2022
…to address os/user.LookupId errors on Windows I added util/winutil/LookupPseudoUser, which essentially consists of the bits that I am in the process of adding to Go's standard library. We check the provided SID for "S-1-5-x" where 17 <= x <= 20 (which are the known pseudo-users) and then manually populate a os/user.User struct with the correct information. Fixes #869 Fixes #2894 Signed-off-by: Aaron Klotz <aaron@tailscale.com>
dblohm7
added a commit
that referenced
this issue
Nov 25, 2022
…to address os/user.LookupId errors on Windows I added util/winutil/LookupPseudoUser, which essentially consists of the bits that I am in the process of adding to Go's standard library. We check the provided SID for "S-1-5-x" where 17 <= x <= 20 (which are the known pseudo-users) and then manually populate a os/user.User struct with the correct information. Fixes #869 Fixes #2894 Signed-off-by: Aaron Klotz <aaron@tailscale.com>
dblohm7
added a commit
that referenced
this issue
Nov 28, 2022
…to address os/user.LookupId errors on Windows I added util/winutil/LookupPseudoUser, which essentially consists of the bits that I am in the process of adding to Go's standard library. We check the provided SID for "S-1-5-x" where 17 <= x <= 20 (which are the known pseudo-users) and then manually populate a os/user.User struct with the correct information. Fixes #869 Fixes #2894 Signed-off-by: Aaron Klotz <aaron@tailscale.com>
coadler
pushed a commit
to coder/tailscale
that referenced
this issue
Feb 2, 2023
…to address os/user.LookupId errors on Windows I added util/winutil/LookupPseudoUser, which essentially consists of the bits that I am in the process of adding to Go's standard library. We check the provided SID for "S-1-5-x" where 17 <= x <= 20 (which are the known pseudo-users) and then manually populate a os/user.User struct with the correct information. Fixes tailscale#869 Fixes tailscale#2894 Signed-off-by: Aaron Klotz <aaron@tailscale.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
User reports, with 1.1.556:
Internet says:
/cc @alexbrainman
The text was updated successfully, but these errors were encountered: