Solved

NTAccount Translation seconds after account has been created c#

Posted on 2010-08-17
2
745 Views
Last Modified: 2012-05-10
Hey all I am getting the following error, what I am doing is creating an account in the AD then a split second later creating their home folder. Another split second later I am assigning the permissions to the folder but for some reason I can not translate the account. Do I need to wait a set time?

17/08/2010 09:00:43: Permissions: EB0849758 FAILED - System.Security.Principal.IdentityNotMappedException: Some or all identity references could not be translated.
   at System.Security.Principal.NTAccount.Translate(IdentityReferenceCollection sourceAccounts, Type targetType, Boolean forceSuccess)
   at System.Security.Principal.NTAccount.Translate(Type targetType)
   at System.Security.AccessControl.CommonObjectSecurity.ModifyAccess(AccessControlModification modification, AccessRule rule, Boolean& modified)
   at System.Security.AccessControl.CommonObjectSecurity.AddAccessRule(AccessRule rule)
   at System.Security.AccessControl.FileSystemSecurity.AddAccessRule(FileSystemAccessRule rule)
   at KazooSoft.FolderPermissions.AddFolderSecurity(String folderName, String account, FileSystemRights rights, AccessControlType controlType) in \\ncs-srv09\staffhomes$\schurch\My Documents\Visual Studio 2010\Projects\KazooADIntegrationUtility\KS-FolderPermission.cs:line 68
0
Comment
Question by:KazooSoft
2 Comments
 
LVL 12

Accepted Solution

by:
Rant32 earned 500 total points
ID: 33454551
Yes, it is possible that the domaincontroller that authenticated your fileserver has not received the update for the new user account yet. This is normal behaviour.

Within a 2003 AD site, any domain controller waits 15 seconds before sending an update notification to its replication partners, with a maximum of 3 hops. Reference: http://technet.microsoft.com/en-us/library/cc728010%28WS.10%29.aspx

Instead of waiting for a random interval, you may catch the specific exception and retry after 15 seconds.
0
 
LVL 4

Author Comment

by:KazooSoft
ID: 33454815
Cheers Rant, that's what I ended up doing.
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
DNS forwarders "unable to resolve" 1 65
global Variable - 2 functions in powershell 1 21
AD Tool/Script Populate Security Groups Automatically 8 40
Return array 3 20
This article runs through the process of deploying a single EXE application selectively to a group of user.
A project that enables an administrator to perform actions within a user session context not just at the time of login but any time later on day(s) or week(s) later.
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
Are you ready to implement Active Directory best practices without reading 300+ pages? You're in luck. In this webinar hosted by Skyport Systems, you gain insight into Microsoft's latest comprehensive guide, with tips on the best and easiest way…

749 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question