Sharepoint 2010 Forum

Ask Question   UnAnswered
Home » Forum » Sharepoint 2010       RSS Feeds

Error message of FAST Search 2010 post-installation: "Could not set access rights on certificat

  Asked By: Deepak    Date: May 16    Category: Sharepoint 2010    Views: 1992

I followed the TechNet article to setup a FAST Search 2010 for SharePoint

When I execute the following command on my SharePoint server
..\SecureFASTSearchConnector.ps1 -certPath "path of the
certificate\certificatename.pfx" -ssaName "name of your content
SSA" -username "domain\username"

An error message displayed.
Enter the certificate password: ************
Installed certificate.
Could not set access rights on certificates private keys. Script can be
rerun to only set access rights when reason for error is detected.
Some or all identity references could not be translated.
At C:\FASTCert\securefastsearchconnector.ps1:161 char:21
+ $acl.AddAccessRule <<<< ($accessrule)
+ CategoryInfo : NotSpecified: (:) [],
+ FullyQualifiedErrorId : DotNetMethodException

My testing environment is as follows:
1 AD server
1 SQL server
1 SPS 2010 WFE
1 SPS 2010 App (indexing, excel services... etc.)
1 FAST 2010

I've setup 2 AD accounts for running SPS and FAST services, these 2 accounts
also have admin right on each server (except AD server).
1 account is used for Central Admin App Pool and SPS Timer... (it should not
need local admin right). Another account is used for FAST search services
and SPS intranet site's app pool.

I also tried to use these 2 accounts' name to execute the
SecureFASTSearchConnector.ps1 command. However, I got the same error.



1 Answer Found

Answer #1    Answered By: Gurjit Singh     Answered On: Jun 03

You can put debug messages within the code using

I discovered that we were using $ symbol in the account id. And this is a special character in Powershell. precede all special characters in the SSAName and account name with ` and your command should work fine.

Hope this helps.