`FixHostFilePermissions.ps1` is failing when running as the SYSTEM user

[iAmPedestrian]

Prerequisites

• Write a descriptive title.
• Make sure you are able to repro it on the latest version
• Search the existing issues.

Steps to reproduce

• run the script as the SYSTEM user (we are running as SYSTEM because of automation via Puppet)
• have profile of non-existing (deleted) domain user on the server, that has the key file in the homedir

so basically like this

PS C:\Windows\system32> psexec -s powershell.exe
PsExec v2.2 - Execute processes remotely
Copyright (C) 2001-2016 Mark Russinovich
Sysinternals - www.sysinternals.com

Windows PowerShell
Copyright (C) 2016 Microsoft Corporation. All rights reserved.

PS C:\Windows\system32> whoami
nt authority\system

PS C:\program files\openssh> PS C:\program files\openssh> fixhostfilepermissions.ps1

Expected behavior

skip or correct the key of non-existing user so that script won't fail, or not emit the exception that throws Puppet off

Actual behavior

PS C:\program files\openssh> fixhostfilepermissions.ps1
  [*] C:\ProgramData\ssh\sshd_config
      looks good

  [*] C:\ProgramData\ssh\ssh_host_dsa_key
      looks good

  [*] C:\ProgramData\ssh\ssh_host_dsa_key.pub
      looks good

  [*] C:\ProgramData\ssh\ssh_host_ecdsa_key
      looks good

  [*] C:\ProgramData\ssh\ssh_host_ecdsa_key.pub
      looks good

  [*] C:\ProgramData\ssh\ssh_host_ed25519_key
      looks good

  [*] C:\ProgramData\ssh\ssh_host_ed25519_key.pub
      looks good

  [*] C:\ProgramData\ssh\ssh_host_rsa_key
      looks good

  [*] C:\ProgramData\ssh\ssh_host_rsa_key.pub
      looks good

  [*] C:\Users\_non_existing_domain_user\.ssh\authorized_keys

Exception calling "SetOwner" with "1" argument(s): "Value cannot be null.
Parameter name: identity"
At C:\Program Files\OpenSSH\OpenSSHUtils.psm1:397 char:13
+             $acl.SetOwner($newOwner)
+             ~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : NotSpecified: (:) [], MethodInvocationException
    + FullyQualifiedErrorId : ArgumentNullException

      looks good

   Done.

Error details

Environment data

PS C:\program files\openssh> $psversiontable
$psversiontable
Name                           Value
----                           -----
PSVersion                      5.1.14393.8592
PSEdition                      Desktop
PSCompatibleVersions           {1.0, 2.0, 3.0, 4.0...}
BuildVersion                   10.0.14393.8592
CLRVersion                     4.0.30319.42000
WSManStackVersion              3.0
PSRemotingProtocolVersion      2.3
SerializationVersion           1.1.0.1

Version

OpenSSH_for_Windows_10.0p2 Win32-OpenSSH-GitHub, LibreSSL 4.2.0

Visuals

No response

[matsmcp]

I took a quick look.

looks like Get-UserAccount -User $Owners[0] returns null when the account has been removed.

I do not have a propper environment to test this in but I think that changing

if($pscmdlet.ShouldProcess($description, $prompt, $caption))

to
if($pscmdlet.ShouldProcess($description, $prompt, $caption) -and $newOwner -ne $null )
may handle the condition

Edit: I have just looked at this error. Not at the entire script so there may be more instances where this could occour