Re: Some or all identity references could not be translated.

From: "Joe Kaplan" <joseph.e.kaplan@xxxxxxxxxxxxxxxxxxxxxxxx>
Date: Thu, 5 Jun 2008 16:50:54 -0500

Don't use an NTAccount for the IdentityReference. Instead, use a
SecurityIdentifier type and build that based on reading the objectSid
attribute of the user or group you created previously. That way, you don't
have to worry about any replication lag causing the name translation to fail
since there is no name translation involved when you use the SID directly.

Joe K.

--
Joe Kaplan-MS MVP Directory Services Programming
Co-author of "The .NET Developer's Guide to Directory Services Programming"
http://www.directoryprogramming.net
--
"Darko Bazulj" <darko.bazulj@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:E3FB40C5-DE83-43D9-8AED-26CE049F921B@xxxxxxxxxxxxxxxx

Hi,

what I try to do:

create user/group in AD(works fine).
set permissions on folder for created user/group(problems)

If I try that I get the following error:

System.Security.Principal.IdentityNotMappedException: Some or all identity
references could not be translated.
at
System.Security.Principal.NTAccount.Translate(IdentityReferenceCollection
sourceAccounts, Type targetType, Boolean forceSuccess)
at System.Security.Principal.NTAccount.Translate(Type targetType)
at
System.Security.AccessControl.CommonObjectSecurity.ModifyAccess(AccessControlModification
modification, AccessRule rule, Boolean& modified)
at
System.Security.AccessControl.ObjectSecurity.ModifyAccessRule(AccessControlModification
modification, AccessRule rule, Boolean& modified)

If I try set permissions for same user/group about 30 seconds after
creation everything went fine.

CODE:

Dim identity As NTAccount

identity = New NTAccount(strUserName)

Dim dInfo As New DirectoryInfo(strFolderName)
Dim dSecurity As DirectorySecurity =
dInfo.GetAccessControl(AccessControlSections.Access)

dSecurity.AddAccessRule(New FileSystemAccessRule(identity, _
rights, _
iFlags, _
pFlags, _
acType))

dInfo.SetAccessControl(dSecurity)

Can someone help, suggest something??

Follow-Ups:
- Re: Some or all identity references could not be translated.
  - From: Darko Bazulj

References:
- Some or all identity references could not be translated.
  - From: Darko Bazulj

Prev by Date: Some or all identity references could not be translated.
Next by Date: Re: 2 connection strings, one SQL one network MDB
Previous by thread: Some or all identity references could not be translated.
Next by thread: Re: Some or all identity references could not be translated.
Index(es):
- Date
- Thread

Relevant Pages

Re: User account querry
... Joe Kaplan-MS MVP Directory Services Programming ... Co-author of "The .NET Developer's Guide to Directory Services Programming" ... every user object and their security descriptor, ... Dim strDN, objACE, blnSelf, blnEveryone ...
(microsoft.public.windows.server.active_directory)
Re: LDAP problem
... Joe Kaplan-MS MVP Directory Services Programming ... Co-author of "The .NET Developer's Guide to Directory Services Programming" ... Dim oSearchResult As System.DirectoryServices.SearchResult ... if bindUser was 1 the user login and password were ok, ...
(microsoft.public.dotnet.security)
Re: Some or all identity references could not be translated.
... Co-author of "The .NET Developer's Guide to Directory Services Programming" ... Dim user As New UserPrincipal ... There is no such object on the server. ... strSamAccountName, String strPassword, String strOU, String ...
(microsoft.public.dotnet.framework.aspnet.security)
Re: Access Denied
... Joe Kaplan-MS MVP Directory Services Programming ... Co-author of "The .NET Developer's Guide to Directory Services Programming" ... Dim objADAM ' Binding object. ... ' Output error if bind fails. ...
(microsoft.public.windows.server.active_directory)