Users not being resolved after identity cache refresh
kbt129986
PRODUCTIssue
After we added new users from new domains these specific users were not being resolved after the identity cache has refreshed.Symptoms
The users were part of multiple domains and these domains were part of the role in it and the domains all had a two-way trust. These users could also be resolved via the AD and UMuser smo's but only after manually refreshing each user. We noticed the following errors in the ADUM logs for these specific users when the K2 cache refreshed after 8 hours:
"2017-06-28 15:58:48::588", "Error", "ResolveNestedGroups", "Failed to translate name: DomainGroup", " at SourceCode.Security.ADManager.Secur32.TranslateNameToDN(String name) at SourceCode.Security.ADManager.K2UserManager2.ResolveNestedGroups(String name, ArrayList& parentGroupCollection)", "Additional Information: ", "ResolveNestedGroups(DomainGroup)"
The issue was due to how we resolve nested groups when users are part of groups from multiple domains.