Some or all identity references could not be translated.


What is the Managed Accounts feature? What are Managed Accounts? A TechNet article on SharePoint 2013 Managed Accounts describes what managed accounts are/is: “Automatic password change enables SharePoint 2013 to automatically generate long, cryptographically-strong passwords on a schedule that you can determine.” In essence, the Managed Account feature enables SharePoint to modify the password(s) of a domain service account(s) that is being used by SharePoint before the password expires.

 

Symptoms
You get the error “Some or all identity references could not be translated” when trying to browse to Configure Service Accounts in Central Administration.

 

Some or all identity references could not be translated

 

From the ULS logs, you can see the following:

System.Security.Principal.IdentityNotMappedException: Some or all identity references could not be translated

 

Cause
In our case, for some reason, SharePoint was unable to resolve one or more managed accounts with Active Directory. A good percentage of the time, the associated AD account has been deleted or modified, but the managed account is not.

 

Resolution
Open SharePoint 2010 Management Shell with administrative privileges. To identify the affected account, run:

Get-SPManagedAccount

You should see one or more accounts without an entry in the “PasswordExpiration” column. I found two of them. To get things moving again, you have to remove the account(s) off of SharePoint so it doesn’t try to manage them.

$ma = Get-SPManagedAccount <account>
$ma.Delete()

Have Fun SharePoint-ing!


Comments (0)

Skip to main content