“Some or all identity references could not be translated” error when creating managed account in SharePoint

Symptoms

You are trying to create a new managed account and what you get is either:

  • New-SPManagedAccount : Some or all identity references could not be translated error when you try to do it with New-SPManagedAccount PowerShell cmdlet
  • The specified user <AccountName> could not be found. Some or all identity references could not be translated when you try to do it in Central Administration GUI

What to check to pinpoint the issue

  • If the account name you are adding as managed is longer than 20 symbols

The reason why it doesn’t work

In this post I describe the case when an account has a name longer than 20 symbols (however, there might be other reasons for that error, such as deleted AD account). This easily can happen if you use descriptive account names, ruled by naming conventions or common sense.

Keep reading if you want to know what’s going on here or skip description right to the solutions part.

Continue reading

SharePoint performance issues caused by high amount of unique permissions

Every SharePoint admin have heard or read at least once that it is a bad practice to assign unique permissions to individual items in SharePoint. Yes, it is not good for content manageability, but why else it can be bad?

Working on it

As the title says it harms performance of your SharePoint. So if you have performance issues keep reading to know if it is related to permissions.

Continue reading

Incoming emails are stuck in SharePoint 2010 server Drop folder

First symptoms

  • Emails sent to SharePoint library address don’t reach destination.
  • No error message returns to sender

What to check to identify the issue

  • Incoming email “Drop” folder on SharePoint WFE – all missing emails should be there, awaiting to be picked up by SharePoint
  • ULS logs has the following error with “E-mail” category:

    The Incoming E-Mail service has completed a batch. The elapsed time was 00:00:00.0156241. The service processed 4 message(s) in total. Errors occurred processing 4 message(s): Message ID: Message ID: Message ID: Message ID:

Resolution

It was hard to find it because of misleading info, so I post it here.

Update: the issue was fixed in May 2015 CU. Keep reading if you cannot install this CU, need temporary workaround or you are just naturally curious.

Continue reading

SharePoint 2010 Administration service fails to start

Symptoms

  • SharePoint 2010 Administration service cannot start after the server boot-up.
  • Windows event log contains the following error:

The service did not respond to the start or control request in a timely fashion. Error (7000, 7009)

  • SharePoint 2010 Administration service cannot be started manually in this case

Root cause

The issue is caused by automatic check for revoked certificates on the start of any .Net executable (SharePoint 2010 Administration service executable WSSAdmin.exe in this case). This check is performed by download an untrusted and trusted certificate trust lists (CTLs) from the Windows Update web service. If this download is not possible for some reason, service can fail to start because of the timeout. You can find some additional details in the KB2677070

Continue reading

File access issue after updating to Windows 8.1 with data deduplication enabled

Today I’ve updated my home PC to Windows 8.1. Windows setup gave me option to update saving all my software, documents and so on, so I took the easiest way.

Never expected trouble here, but after several reboots (OMG, here is the Start button! How to remove it again?!) I found that some shortcuts on my desktop lost their icons. Moreover, I couldn’t launch them! Actually, I couldn’t launch any program installed on my secondary disk drive. And my multimedia library located there is not accessible too! What’s going on?!!

All right, first of all I’ve checked NTFS permissions: my own user had retained all permissions, it’s still owner of all files and a member of Administrators group. Just in case, I’ve added CREATOR-OWNER user to ACL of the drive’s root, but it didn’t help. Also I’ve set the owner of the drive’s root to Administrators group (It was set to System and I wasn’t sure this is correct), but nothing helped. So what is the problem?
After some research I found the cause: this was the data deduplication which I enabled on my secondary drive couple of months ago! Unfortunately, I’ve lost link to the forum which helped me to identify this issue…

So the solution was to re-enable data deduplication feature (which is normally not available on the desktop Windows). You can easily find detailed instructions how to do this over the Internet (I used this post, thanks to weikingteh for this).

I hope this will help someone.