Powershell ACL failing

0

Errors when running my code below to add Modify access to a folder. I've seen that a common solution is ensuring the AD user exists. I have double check all users I use exists, but continue to get the error below.

Set-Acl : Some or all identity references could not be translated.
At line:113 char:12
+     $acl | Set-Acl -Path $folder  -Verbose
+            ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidOperation: (\\DEFRNETCLU001...ta\Projects\ABC:String) [Set-Acl], IdentityNotMappedException
    + FullyQualifiedErrorId : System.Security.Principal.IdentityNotMappedException,Microsoft.PowerShell.Commands.SetAclCommand

Param ( 
        [Parameter (Mandatory=$true)] [STRING] $region,
        [Parameter (Mandatory=$true)] [STRING] $ProjectCode
        )

#----------------------------
    #Configuring the new Modify Access Rule to the ACL
    $Rights = [System.Security.AccessControl.FileSystemRights]"Modify"

    #Define the ACL Inheritance and Propagation arguments
    $InheritFlag = [System.Security.AccessControl.InheritanceFlags]"ContainerInherit, ObjectInherit"

    $PropFlag = [System.Security.AccessControl.PropagationFlags]::None

    # Define the ACL Type
    $AccessCntlType = [System.Security.AccessControl.AccessControlType]::Allow

    # Define the ACL User argument
    $DataGrp = New-Object System.Security.Principal.NTAccount("GP_" + $ProjectName + "_COG_ADMN_LCL")

$folder = "\\"+$region+"NETCLU001_data.aws.example.com\Cognos_Analytics_Prod\Project_Data\Projects\"+$ProjectName
if(Test-Path -Path $folder){
     Write-Host ("Folder security changes will be apply to " + $ProjectName)


    Write-Output($folder)
    #Retrieve the current ACL of the $ProjectFolder 
    $acl = Get-Acl -Path $folder

    #$AccessRule = New-Object System.Security.AccessControl.FileSystemAccessRule ($DataGrp, $Rights, $InheritFlag, $PropFlag, $AccessCntlType)
    $AccessRule = New-Object System.Security.AccessControl.FileSystemAccessRule ($DataGrp, $Rights, $InheritFlag, $PropFlag, $AccessCntlType)


    #Setting the new access rule to the ACL
    $acl.AddAccessRule($AccessRule)    #AddAccessRule

    #Save changes defining the $ProjectFolder ACL
    $acl | Set-Acl -Path $folder  -Verbose

    #Check if new entry was added 
    Write-Host("Below you can see the permission list for folder " + $ProjectName)

    Get-Acl $folder | fl 
     }
else{
     Write-Host ("Project folder " + $ProjectName +"does not exists in " + $Projects)
   }

Jess Torres

Posted 2019-11-27T03:35:03.803

Reputation: 13

Which version of Windows are you running? – user1173240 – 2019-11-27T03:48:37.523

@user1173240 Windows 10 – Jess Torres – 2019-11-27T03:53:57.120

No answers

Asked: 2019-11-27T03:35:03.803

Viewed: 48 times

Active: 2019-11-27T12:16:45.323