Logotype

Join our community!

Get everything you need to start developing EPiServer solutions.

Problems logging into the CMS

Adam Moxley
Adam Moxley
February 16 2009, 17:23

I've installed EPiServer CMS 5 R2 SP1 on my maching (running Windows XP).

The demo templated are running fine in IIS and through Visual Studio, but I'm getting errors when trying to log into the actual CMS. I'm using my windows account username and password and am getting the following error:

Some or all identity references could not be translated.Exception Details: System.Security.Principal.IdentityNotMappedException: Some or all identity references could not be translated.
Source Error:

An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.

Stack Trace:


[IdentityNotMappedException: Some or all identity references could not be translated.]
System.Security.Principal.SecurityIdentifier.Translate(IdentityReferenceCollection sourceSids, Type targetType, Boolean forceSuccess) +7606192
System.Security.Principal.SecurityIdentifier.Translate(Type targetType) +100
EPiServer.Security.WindowsMembershipProvider.GroupNamesFromIdentity(WindowsIdentity identity, String[] deletePrefix) +259
EPiServer.Security.WindowsMembershipProvider.ValidateUser(String username, String password) +190
System.Web.UI.WebControls.Login.AuthenticateUsingMembershipProvider(AuthenticateEventArgs e) +60
System.Web.UI.WebControls.Login.OnAuthenticate(AuthenticateEventArgs e) +119
System.Web.UI.WebControls.Login.AttemptLogin() +115
System.Web.UI.WebControls.Login.OnBubbleEvent(Object source, EventArgs e) +101
System.Web.UI.Control.RaiseBubbleEvent(Object source, EventArgs args) +37
System.Web.UI.WebControls.Button.OnCommand(CommandEventArgs e) +118
System.Web.UI.WebControls.Button.RaisePostBackEvent(String eventArgument) +166
System.Web.UI.WebControls.Button.System.Web.UI.IPostBackEventHandler.RaisePostBackEvent(String eventArgument) +10
System.Web.UI.Page.RaisePostBackEvent(IPostBackEventHandler sourceControl, String eventArgument) +13
System.Web.UI.Page.RaisePostBackEvent(NameValueCollection postData) +36
System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +1565
 Can anyone help?

 



  • John Walsh EPiServer Certified Developer
    John Walsh
    April 19 2012, 17:21

    Is there any solution to this? I am getting it on a CMS 6 R2 installation when trying to use ActiveDirectory.

     

    [IdentityNotMappedException: Some or all identity references could not be translated.]
       System.Security.Principal.SecurityIdentifier.Translate(IdentityReferenceCollection sourceSids, Type targetType, Boolean forceSuccess) +450
       System.Security.Principal.SecurityIdentifier.Translate(Type targetType) +350
       EPiServer.Security.WindowsMembershipProvider.GroupNamesFromIdentity(WindowsIdentity identity, String[] deletePrefix) +310
       EPiServer.Security.WindowsRoleProvider.GetRolesForUser(String username) +190
       System.Web.Security.RolePrincipal.IsInRole(String role) +263
       EPiServer.Security.WindowsAdministratorsRole.IsInVirtualRole(IPrincipal principal, Object context) +40
       EPiServer.Security.VirtualRolePrincipal.IsInVirtualRole(String role, SecurityEntityType type) +168
       EPiServer.Security.VirtualRolePrincipal.IsInRole(String role, SecurityEntityType type) +579
       EPiServer.Security.WindowsAdministratorsRole.IsInVirtualRole(IPrincipal principal, Object context) +40
       EPiServer.Security.VirtualRolePrincipal.IsInVirtualRole(String role, SecurityEntityType type) +168
       EPiServer.Security.VirtualRolePrincipal.IsInRole(String role, SecurityEntityType type) +579
       EPiServer.Security.AccessControlList.QueryAccess(IPrincipal principal, AccessLevel maxAccess) +288
       EPiServer.Security.AccessControlList.QueryDistinctAccess(IPrincipal principal, AccessLevel access) +20
       EPiServer.PageBase.GetPage(PageReference pageLink, ILanguageSelector selector) +389
       EPiServer.Web.PageExtensions.SaveCurrentPage.get_CurrentPage() +375
       EPiServer.PageBase.InitializeCulture() +116
       ASP.default_aspx.__BuildControlTree(default_aspx __ctrl) in \default.aspx:1
       ASP.default_aspx.FrameworkInitialize() in c:\Windows\Microsoft.NET\Framework64\v4.0.30319\Temporary ASP.NET Files\root\470b9cc4\f65ffcf\App_Web_xtm4foch.1.cs:0
       System.Web.UI.Page.ProcessRequest(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +72
       System.Web.UI.Page.ProcessRequest() +269
       System.Web.UI.Page.ProcessRequest(HttpContext context) +167
       ASP.default_aspx.ProcessRequest(HttpContext context) in c:\Windows\Microsoft.NET\Framework64\v4.0.30319\Temporary ASP.NET Files\root\470b9cc4\f65ffcf\App_Web_xtm4foch.1.cs:0
       System.Web.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() +625
       System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) +270

  • Johan Johansson EPiServer Certified Developer
    Johan Johansson
    April 19 2012, 19:33

    AD can be a real pain sometimes.. Especially with domain prefixes.. My guess would be Windows can't authenticate the username, it's either non-existing or can't contact the domain controller or the username is truncated or something, try these things:

    Is your username very long?

    Try to prefix your logon name with the domain name..

    Make sure you have access to the domain controller..

    See if the user logon name and the legacy field (pre-windows 2000) match, try both (with/without domain prefix).

  • johano EPiServer employee
    johano
    April 20 2012, 11:22
    Content is edited

    Hi

    By looking at the stacktraces you both get, I believe its one of the groups that the user belongs that cannot be translated by Windows.

    The groups that belongs to a WindowsIdentity are all in the form "S-1-2-3-4-5-nnn", which is not very friendly to the user, so a call to Translate()
    is made to get the more human readible name, like "Everyone".

    One of the logged in user's groups fail this Translate call, and to find _which_ group that is would require some debugging on the machine, either hooking up the debugger and set a breakpoint onb the IdentityNotMappedException. One could also setup the debugger to dump a memory dump
    and then inspect it later if this is on a production server and the problem is not reproducable on development machine.

    I'd be happy to assist you in continuing troubleshooting if yo want.

    /johan

  • John Walsh EPiServer Certified Developer
    John Walsh
    April 20 2012, 14:46

    For me it was much simpler than that.  I had a mismatch in my web.config.

    I was also using Multiplexor with ActiveDirectoryProvider first and WindowsProvider second. Removing the WindowsProvider made it work.

    So I just changed from Multiplexor to only go with ActiveDirectoryProvider and now all is good.

  • Johan Johansson EPiServer Certified Developer
    Johan Johansson
    April 20 2012, 14:50

    Haha I'm glad you got it sorted :)

  • John Walsh EPiServer Certified Developer
    John Walsh
    April 20 2012, 15:00

    i still wonder why the windowsprovidor wouldnt work as a 2nd providor. I had a local windows user i had been using up until connecting to the AD.