This is partially addressed in r1785. The "None" group is returned (with proper qualification), whether the user entity value is qualified or not (which is still not technically correct, but is backward-compatible).

As of this writing, in svn trunk, what is still not fixed is that group_test will claim that the group does not exist, even though it does. The reason for this has to do with strange windows API behavior. As far as I've been able to tell, the "None" group is local (it has SID <computer sid>-513), yet only the windows API variants for global groups will return any info about it. Because of the way the windows APIs work, you must first decide whether a given trustee is local or global, and then use that to decide whether to invoke the windows APIs for local or global groups. ovaldi correctly determines that "None" is a local trustee, so it invokes the APIs for local trustees, which indicate that the group doesn't exist. So the "None" group is an annoying special case, which ovaldi doesn't yet handle.

Fyi