Welcome: Guest!

Sharepoint 2010 Forum

 
Home » Forum » Sharepoint 2010       Ask a questionRSS Feeds

Error message of FAST Search 2010 post-installation: "Could not set access rights on certificat

  Asked By: Deepak Bharti         Date: May 16, 2010      Category: Sharepoint 2010      Views: 634
 

I followed the TechNet article to setup a FAST Search 2010 for SharePoint
2010
technet.microsoft.com/en-us/library/ff381261.aspx

When I execute the following command on my SharePoint server
..\SecureFASTSearchConnector.ps1 -certPath "path of the
certificate\certificatename.pfx" -ssaName "name of your content
SSA" -username "domain\username"

An error message displayed.
-----------------------------------------------------------------
Enter the certificate password: ************
Installed certificate.
Could not set access rights on certificates private keys. Script can be
rerun to only set access rights when reason for error is detected.
Some or all identity references could not be translated.
At C:\FASTCert\securefastsearchconnector.ps1:161 char:21
+ $acl.AddAccessRule <<<< ($accessrule)
+ CategoryInfo : NotSpecified: (:) [],
IdentityNotMappedException
+ FullyQualifiedErrorId : DotNetMethodException
-----------------------------------------------------------------

My testing environment is as follows:
1 AD server
1 SQL server
1 SPS 2010 WFE
1 SPS 2010 App (indexing, excel services... etc.)
1 FAST 2010

I've setup 2 AD accounts for running SPS and FAST services, these 2 accounts
also have admin right on each server (except AD server).
1 account is used for Central Admin App Pool and SPS Timer... (it should not
need local admin right). Another account is used for FAST search services
and SPS intranet site's app pool.

I also tried to use these 2 accounts' name to execute the
SecureFASTSearchConnector.ps1 command. However, I got the same error.

Tagged:                              

 

1 Answer Found

 
Answer #1       Answered By: Gurjit Singh          Answered On: Jun 03, 2011       

Hi,
You can put debug messages within the code using
Write-Host.

I discovered that we were using $ symbol in the account id. And this is a special character in Powershell. precede all special characters in the SSAName and account name with ` and your command should work fine.

Hope this helps.

 


Your Answer
  • Answer should be atleast 30 Characters.
  • Please put code inside [Code] your code [/Code].

 
Hall of Fame  |  Facebook  |  Twitter  |  LinkedIn  |  Terms of Use  |  Privacy Policy  |  Contact us
RSS Feeds: Articles |  Forum |  New Users |  Activities |  Interview FAQ |  Poll |  Hotlinks


Go4Sharepoint, is a Microsoft Featured Community. Microsoft, Windows, Sharepoint, Sharepoint logo, Windows logo, etc are trademarks of the Microsoft Corporation. All product names, logos, copyrights, and trademarks mentioned are acknowledged as the registered intellectual property of their respective owners. This site is not in any way affiliated with, nor has it been authorized, sponsored, or otherwise approved by, Microsoft Corporation.

Copyright © 2008-2011