On Fri, Jun 3, 2022 at 6:23 AM Brent Epp wrote: I would think so too, but that doesn't appear to be happening. If it > makes a difference, the SID actually starts with S-1-5-21. I have to > manually take ownership in order to even access the files at all. >
Explained another way: According to https://docs.microsoft.com/en-us/windows/win32/secauthz/well-known-sids - Constant: SECURITY_NT_NON_UNIQUE String Value: S-1-5-21 Identifies: SIDS are not unique. SIDs starting with S-1-5-21 are non-unique, which means basically the SID is made unique by the addition of a RID (relative identifier). If the SID starts with S-1-5-21 and ends in 500, it is the local "Administrator" account of some computer (or domain). In other words, S-1-5-21 SIDs are computer or domain accounts that the system couldn't resolve when it enumerated the ACL. You can see SIDs for local accounts on a machine from PowerShell (all one line): Get-WmiObject -Query "SELECT * FROM Win32_UserAccount WHERE LocalAccount='TRUE'" | Select-Object Name,SID Note that in the output, these SIDs will start with S-1-5-21 and end with various RIDs. Bill -- Problem reports: https://cygwin.com/problems.html FAQ: https://cygwin.com/faq/ Documentation: https://cygwin.com/docs.html Unsubscribe info: https://cygwin.com/ml/#unsubscribe-simple