I currently have the below code to set an ACL permissions on a folder.
$Acl = Get-Acl $TextBox2.text
$Ar = New-Object System.Security.AccessControl.FileSystemAccessRule("domainname\$NameofgroupLCLM", "Modify", "ContainerInherit,ObjectInherit", "None", "Allow")
$Acl.SetAccessRule($Ar)
Set-Acl $TextBox2.text $Acl
$Textbox2.text has the network path of the folder in. I am currently trying to set it to the group stored in the variable $nameofgrouplclM but I get an error:
Exception calling "SetAccessRule" with "1" argument(s): "Some or all identity
references could not be translated."
At line:177 char:2
+ $Acl.SetAccessRule($Ar)
+ ~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (:) [], MethodInvocationException
+ FullyQualifiedErrorId : IdentityNotMappedException
If I have "domainname\groupexample" in the code with no variable it goes through fine. I was wondering how I would use a variable in this bit of code?
Related
I want to add list items inside a SharePoint online list, so i run this command:-
$SiteUrl = "https://***.sharepoint.com/sites/t"
$ListName= "Child2"
Connect-PnPOnline -Url $SiteUrl -UseWebLogin
$Ctx = Get-PnPContext
#Get the list Item
$List=$Ctx.Web.Lists.GetByTitle($ListName)
$Import = Import-Csv -Path "C:\CSV\finaldelta3.csv"
for ($counter=0; $counter -lt $Import.Length; $counter++){
$ListItemInfo = New-Object Microsoft.SharePoint.Client.ListItemCreationInformation
$ListItem = $List.AddItem($ListItemInfo)
#Set Column Values
$ListItem["Title"] = "Hello World!"
#Apply changes to list
$ListItem.Update()
$Ctx.ExecuteQuery()
}
now on one tenant, i will not get any error, but the list item will not get created, while on another tenant i got this exception and also the item will not get created as well:-
Cannot convert argument "parameters", with value:
"Microsoft.SharePoint.Client.ListItemCreationInformation", for
"AddItem" to type
"Microsoft.SharePoint.Client.ListItemCreationInformation": "Cannot
convert the "Microsoft.SharePoint.Client.ListItemCreationInformation"
value of type
"Microsoft.SharePoint.Client.ListItemCreationInformation" to type
"Microsoft.SharePoint.Client.ListItemCreationInformation"." At line:4
char:1 + $ListItem = $List.AddItem($ListItemInfo) +
+ CategoryInfo : NotSpecified: (:) [], MethodException
+ FullyQualifiedErrorId : MethodArgumentConversionInvalidCastArgument
Cannot index into a null array. At line:7 char:1 + $ListItem["Title"] = "Hello World!"#$Import[$counter].'Caller Info' #
... + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidOperation: (:) [], RuntimeException
+ FullyQualifiedErrorId : NullArray
You cannot call a method on a null-valued expression. At line:10 char:1 + $ListItem.Update() + ~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidOperation: (:) [], RuntimeException
+ FullyQualifiedErrorId : InvokeMethodOnNull
so any idea what is going on?
Thanks
Have you tried updating your SPO Management Shell:
https://www.microsoft.com/en-in/download/details.aspx?id=35588
And/or the SPO Client Component SDK:
https://www.microsoft.com/en-us/download/details.aspx?id=42038
I'm not sure if it is required by PnPOnline, but with SPOServices you need to load the assembly as well:
Add-Type -Path "$Env:ProgramFiles\Common Files\microsoft shared\Web Server Extensions\16\ISAPI\Microsoft.SharePoint.Client.dll"
Add-Type -Path "$Env:ProgramFiles\Common Files\Microsoft Shared\Web Server Extensions\16\ISAPI\Microsoft.SharePoint.Client.Runtime.dll"
Add-Type -Path "$Env:ProgramFiles\SharePoint Client Components\16.0\Assemblies\Microsoft.Online.SharePoint.Client.Tenant.dll"
Or alternatively:
[System.Reflection.Assembly]::LoadWithPartialName("Microsoft.SharePoint.Client") | Out-Null
[System.Reflection.Assembly]::LoadWithPartialName("Microsoft.SharePoint.Client.Runtime") | Out-Null
[System.Reflection.Assembly]::LoadWithPartialName("Microsoft.Online.SharePoint.Client.Tenant") | Out-Null
Personally, I start my script with
#Requires -Module Microsoft.Online.SharePoint.PowerShell
$sharepath = "C:\foldername"
$Acl = Get-ACL $SharePath
$AccessRule= New-Object System.Security.AccessControl.FileSystemAccessRule("everyone","full","ContainerInherit,Objectinherit","none","Allow")
$Acl.AddAccessRule($AccessRule)
Set-Acl $SharePath $Acl
This is the code I found when searching for answers however it did not work for me.
The error message I am getting:
At line:1 char:28
+$sharepath = "C:\Pictures" $Acl = Get-Acl $Sharepath $AccessRule= New ...
+ ~~~~~
Unexpected token '$Ac1' in expression or statement.
+ CategoryInfo :ParserError: (:) [], ParentContainsErrorRecordException
+FullyQualifiedErrorId : UnexpectedToken
Hi I am trying to connect to sharepoint online and publish calender using the data from a SQL Table and I am getting the following exception , please advise.The same code works fine with slight modification on a on prem sharepoint server I have added sharepointonline for the authentication but it is failing with the error.
[System.Reflection.Assembly]::LoadFile ("C:\MOSSLibrary\Microsoft.SharePoint.Client.dll") | Out-Null
[System.Reflection.Assembly]::LoadFile("C:\MOSSLibrary\Microsoft.SharePoint.Client.Runtime.dll") | Out-Null
$username = "XXXXXX"
$url = "XXXXXX"
$pass= cat C:\text.txt | ConvertTo-SecureString
$Context = New-Object Microsoft.SharePoint.Client.ClientContext($siteUrl)
$Creds = New-Object Microsoft.SharePoint.Client.SharePointOnlineCredentials($username,$Pass)
$Context.Credentials = $Creds
$web = $Context.Web
$Context.Load($web)
$Context.Load($splist)
$splist = $Context.web.Lists.GetByTitle("XXXX")
$ItemCreateInfo = New-Object Microsoft.SharePoint.Client.ListItemCreationInformation
####Some Data coming from SQL Server DB into $table########
$table = $result.Tables[0];
foreach ($row in $table)
{
Write-Host $row.Item("changetitle") $row.Item("status");
$Item1 = $splist.AddItem($ItemCreateInfo)
$Item1["Title"] = "test"
Write-host $date
$Item1.Update()
$Context.ExecuteQuery()
}
Exception
New-Object : A constructor was not found. Cannot find an appropriate
constructor for type Microsoft.SharePoint.Client.ClientContext. At
C:\MOSSLibrary\testingpublish.ps1:15 char:12 + $Context = New-Object
Microsoft.SharePoint.Client.ClientContext($site ... +
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : ObjectNotFound: (:) [New-Object], PSArgumentException
+ FullyQualifiedErrorId : CannotFindAppropriateCtor,Microsoft.PowerShell.Commands.NewObjectCommand
The property 'Credentials' cannot be found on this object. Verify
that the property exists and can be set. At
C:\MOSSLibrary\testingpublish.ps1:17 char:1 + $Context.Credentials =
$Creds + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidOperation: (:) [], RuntimeException
+ FullyQualifiedErrorId : PropertyNotFound You cannot call a method on a null-valued expression. At
C:\MOSSLibrary\testingpublish.ps1:20 char:1 + $Context.Load($web) +
~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidOperation: (:) [], RuntimeException
+ FullyQualifiedErrorId : InvokeMethodOnNull You cannot call a method on a null-valued expression. At
C:\MOSSLibrary\testingpublish.ps1:21 char:1 + $Context.Load($splist)
+ ~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidOperation: (:) [], RuntimeException
+ FullyQualifiedErrorId : InvokeMethodOnNull You cannot call a method on a null-valued expression. At
C:\MOSSLibrary\testingpublish.ps1:22 char:1 + $splist =
$Context.web.Lists.GetByTitle("XXXXXXX") +
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidOperation: (:) [], RuntimeException
+ FullyQualifiedErrorId : InvokeMethodOnNull
It seems Assemblies are not loading correctly.
[System.Reflection.Assembly]::LoadFile ("C:\MOSSLibrary\Microsoft.SharePoint.Client.dll") | Out-Null
[System.Reflection.Assembly]::LoadFile("C:\MOSSLibrary\Microsoft.SharePoint.Client.Runtime.dll") | Out-Null
Instead of above, try following
Add-Type -Path "C:\MOSSLibrary\Microsoft.SharePoint.Client.dll"
Add-Type -Path "C:\MOSSLibrary\Microsoft.SharePoint.Client.Runtime.dll"
PS: Make sure that C:\MOSSLibrary\ contains following two .dll's
Microsoft.SharePoint.Client.dll
Microsoft.SharePoint.Client.Runtime.dll
I try to set NTFS permissions for domainlocal groups via powershell.
therefore, I followed this tutorial:
https://technet.microsoft.com/en-us/library/ff730951.aspx
I adapt that code to create the code snippet below:
function set_NTFS_permissions ($group,$folder){
$rule = "" # Just to make sure its empty
$user_read = "gfo\"+$group+"_read"
#$read_permissions = #("ReadAndExecute","Synchronize")
$read_permissions = "ReadAndExecute,Synchronize"
$user_write = "gfo\"+$group+"_edit"
$write_permissions = "DeleteSubdirectoriesAndFiles,Write,ReadAndExecute,Synchronize"
$acl = get-acl $folder # Calls for current permissions
$acl.SetAccessRuleProtection($True,$True) # Protects inherit permissions (superior | inferior)
$rule = New-Object System.Security.AccessControl.FileSystemAccessRule($user_read,$read_permissions,'ContainerInherit,ObjectInherit','None','Allow')
$acl.AddAccessRule($rule)
Set-Acl $folder $acl
$rule = New-Object System.Security.AccessControl.FileSystemAccessRule($user_write,$write_permissions,'ContainerInherit,ObjectInherit','None','Allow')
$acl.AddAccessRule($rule)
Set-Acl $folder $acl
}
$folder = '\\domain.local\path\path\path'
$group = 'DL_fs_path'
set_NTFS_permissions $group $folder
Get-Acl $folder | Format-List
This one works just fine.
My problem starts, when I use that function in another funtion.
There, I create several folders and groups (which works) and then I want to permit the groups to the folders.
To do this, I call the above funktion with some variables (which are transfered correctly ... Write-host them just before passing them to the function and then again at the beginning of the function.)
Ausnahme beim Aufrufen von "AddAccessRule" mit 1 Argument(en): "Some or all identity references could not be translated."
In C:\Scripts\filestruct.ps1:20 Zeichen:5
+ $acl.AddAccessRule($rule)
+ ~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (:) [], MethodInvocationException
+ FullyQualifiedErrorId : IdentityNotMappedException
Has anyone an idea, why it works when statics are passed, but not with variables?
I have a powershell script that can create multiple Active Directory users in one run. My issue is assigning ACL rights to the home directory. It seems to always work if there is only one user to create. When there are multiple, however, any account after the first may fail or may work. It's a very intermittent issue, although they seem to fail more than work.
Here is the code generating the ACL's:
Function CreateHomeDirectory{
$global:samAccountName = "myaccount"
$global:homeDirectory = "\\path\to\myaccount"
New-Item -Path $global:homeDirectory -Type Directory -Force
$Rights = [System.Security.AccessControl.FileSystemRights]::Read -bor [System.Security.AccessControl.FileSystemRights]::Write -bor [System.Security.AccessControl.FileSystemRights]::Modify -bor [System.Security.AccessControl.FileSystemRights]::FullControl
$Inherit = [System.Security.AccessControl.InheritanceFlags]::ContainerInherit -bor [System.Security.AccessControl.InheritanceFlags]::ObjectInherit
$Propogation = [System.Security.AccessControl.PropagationFlags]::None
$Access = [System.Security.AccessControl.AccessControlType]::Allow
$AccessRule = New-Object System.Security.AccessControl.FileSystemAccessRule($global:samAccountName,$Rights,$Inherit,$Propogation,$Access)
$ACL = Get-Acl $global:homeDirectory
$ACL.AddAccessRule($AccessRule)
$Account = new-object system.security.principal.NTAccount($global:samAccountName)
$ACL.setowner($Account)
$ACL.SetAccessRule($AccessRule)
Set-Acl $global:homeDirectory $ACL
Return
Here are the errors I am currently getting. They seem to change up from time to time, but I'd say these are pretty consistant:
Exception calling "AddAccessRule" with "1" argument(s): "Some or all identity references could not be translated."
At H:\Scripts\Create.ps1:274 char:10
+ $ACL.AddAccessRule($AccessRule)
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (:) [], MethodInvocationException
+ FullyQualifiedErrorId : IdentityNotMappedException
Exception calling "SetOwner" with "1" argument(s): "Some or all identity references could not be translated."
At H:\Scripts\Create.ps1:276 char:10
+ $ACL.setowner($Account)
+ ~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (:) [], MethodInvocationException
+ FullyQualifiedErrorId : IdentityNotMappedException
Exception calling "SetAccessRule" with "1" argument(s): "Some or all identity references could not be translated."
At H:\Scripts\Create.ps1:277 char:10
+ $ACL.SetAccessRule($AccessRule)
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (:) [], MethodInvocationException
+ FullyQualifiedErrorId : IdentityNotMappedException
Spent hours on this and have gotten nowhere. Any suggestions would be appreciated.
According to the error "Some or all identity references could not be translated.", it looks like the user with such still not exist in the Directory (or in the Directory the computer is connected to) when you try to use it.
I would try to first look for the user in the directory before trying to use it. Check the value of $Account before using it.