The GID and UID numbers Cygwin uses may change after a computer is joined to Active Directory.
Also, depending on the version of Cygwin the format of the resulting output from mkpasswd -l and mkgroup -l may differ. As a result, the operations performed by update_cygwin.cmd may fail to allow the sshd service to work correctly. Example:
Cygwin 1.5, output the same whether or not computer is joined to AD:
Note: the UID 1000 corresponds to the Windows numeric identifier for the user account. GID 513 represents the None group.
Cygwin 2.2, computer not joined to AD:
Note: the UID and GID numbers changed. AFAIK, the 197152 GID is fixed and still corresponds to the None group.
Cygwin 2.8, computer joined to AD:
Note: the computer name is prepended to the beginning of the line. This is also the case for the line corresponding to the None group produced by the mkgroup command:
I also noticed problems caused by the way the vcld backend code configures computers prior to a reboot or capture. Each may add a startup scheduled task – VCL Update Cygwin and VCL Post Load respectively. These may run at the same time. Both call update_cygwin.cmd (post load does a few additional steps). Problems occur if multiple instances of update_cygwin.cmd runs at the same time. Contained in the script are commands to delete existing host key files and then regenerate them. The regenerate command hangs if the key file it is trying to create already exists. This causes that instance of update_cygwin.cmd to hang indefinitely.