In one of my projects I have recently ran into interesting issue.
We have number of services configured and running without issues. All at once, one day, we cannot access Central Admin > Manage Service Applications page and our Performance Point service stopped working.
We get “The specified user or domain group was not found”.
In logs, I found:
SPAce PrincipalName XXXuser cannot be resolved. This ACE will not be effective. System.Security.Principal.IdentityNotMappedException: Some or all identity references could not be translated. at System.Security.Principal.SecurityIdentifier.Translate(IdentityReferenceCollection sourceSids, Type targetType, Boolean forceSuccess) at System.Security.Principal.SecurityIdentifier.Translate(Type targetType) at Microsoft.SharePoint.Administration.SPAce`1.get_PrincipalName()
And yes, this AD user was recently removed from Active Directory,
To resolve the issue I found this post very usefull: http://architectevangelist.wordpress.com/2010/12/07/sharepoint-2010-the-specified-user-or-domain-group-was-not-found/
The only problem was that in my case running Get-SPServiceApplication was erroring, I could not figure which service is causing the problem.
Then I used this query
SELECT [Name], [Version],CAST([Properties] asxml)as ‘xml2′ From [sharepoint_configuration][dbo].[Objects] with (nolock) where Properties like ‘%user%’
This way, I found that this user is administrator of secure store service. But there is no way to remove him from being administrator if I cannot access service properties (because of this error)
So the only way is to bring back deleted account, then delete it from any service Administrators lists.