Puppet Version:6.11.1, 6.12, 6.13 Puppet Server Version: 6.7.1 OS Name/Version: Windows Server 2012 R2 Unable to manage windows users if a not resolvable SID exists in a group. Also, the command 'puppet resource group' fails if there is a not resolvable SID in any group on the server. We currently run Puppet 5.5.6 and this is not an issue. We are holding off on upgrading. Steps to reproduce:
- **Create a test user in Active Directory
- Add the test user to the local Administrators group on a windows server
- Delete the test user in Active Directory
- There are two tests
- Run puppet resource group command
- Run puppet apply -e "group {'Administrators': ensure => 'present', members => ['Administrator'], auth_membership => false }"
Desired Behavior: Puppet should ignore not resolvable SIDs so we can still manage windows users locally Actual Behavior: After running 'puppet resource group': Error: Could not run: Could not resolve name: S-1-5-21-994416979-1451695006-1560425512-1327 (unresolvable) After running puppet apply -e "group {'Administrators': ensure => 'present', members => ['Administrator'], auth_membership => false }": Error: /Stage[main]/Main/Group[Administrators]: Could not evaluate: Could not resolve name: S-1-5-21-994416979-1451695006-1560425512-1327 (unresolvable) |