dsccommunity / SecurityPolicyDsc

A wrapper around secedit.exe to configure local security policies
MIT License

Some or all identity references could not be translated #141

Closed thesutex closed 4 years ago

thesutex commented 4 years ago

When using IIS, creating app pools and deleting them creates SIDs that can't be translated, so the entire DSC part of "user rights assignment" fails when one SID (i.e. a deleted default app pool) remains in the security policies, like Local Policies\User Rights Assignment\Generate security audits.

before deletion of apppool: image

after deletion of apppool (and after reboot): image

Then the DSC config (user rights assignment portion) fails due to:

Error Message: Exception calling "Translate" with "1" argument(s): "Some or all identity references could not be translated." Message ID: IdentityNotMappedException


The values that contain these SIDs in Local Policy \ User Rights Assignment are:

- Adjust memory quotas for a process
- Generate security audits
- Log on as a service
- Replace a process level token

And these values I don't set in my DSC policy, but as said, all my policies fail because these ones have invalid / orphaned SIDs.

Is there a way to get the DSC module to ignore SIDs it can't translate? If not, how is one supposed to use this with IIS?

thesutex commented 4 years ago

The latest version of the module fixed this.
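
The error in this issue is raised by `SecurityIdentifier.Translate()` when a SID in a user rights assignment no longer maps to an account. The following is an added example, not code from SecurityPolicyDsc: it reads constructed `secedit /export` text and reports unresolvable SIDs instead of aborting on the first one. The function names and the sample SID are assumptions made for illustration.

```powershell
# Constructed sample of `secedit /export /areas USER_RIGHTS` output. The S-1-5-82
# SID is made up and stands in for a deleted app pool identity.
$sampleInf = @'
[Privilege Rights]
SeAuditPrivilege = *S-1-5-19,*S-1-5-20,*S-1-5-82-1111111111-2222222222-3333333333-4000000000-555555555
SeServiceLogonRight = *S-1-5-20,*S-1-5-82-1111111111-2222222222-3333333333-4000000000-555555555
'@

# Hypothetical helper: translate one SID, returning a record instead of throwing.
function Resolve-SidSafely {
    param([Parameter(Mandatory)][string]$Sid)
    try {
        $sidObject = [System.Security.Principal.SecurityIdentifier]$Sid
        $account = $sidObject.Translate([System.Security.Principal.NTAccount])
        [pscustomobject]@{ Sid = $Sid; Identity = $account.Value; Orphaned = $false }
    }
    catch [System.Security.Principal.IdentityNotMappedException] {
        # No account maps to this SID any more: keep the raw SID and flag it.
        [pscustomobject]@{ Sid = $Sid; Identity = $Sid; Orphaned = $true }
    }
}

# Hypothetical helper: walk the [Privilege Rights] lines and resolve every entry.
function Get-UserRightsIdentity {
    param([Parameter(Mandatory)][string]$InfText)
    foreach ($line in $InfText -split "`r?`n") {
        if ($line -notmatch '^\s*(Se\w+)\s*=\s*(.+)$') { continue }
        $right = $Matches[1]
        foreach ($entry in $Matches[2] -split ',') {
            $entry = $entry.Trim()
            if ($entry.StartsWith('*S-')) {
                $result = Resolve-SidSafely -Sid $entry.Substring(1)
            }
            else {
                # Entries without the * prefix are account names, not SIDs.
                $result = [pscustomobject]@{ Sid = $null; Identity = $entry; Orphaned = $false }
            }
            $result | Add-Member -NotePropertyName Right -NotePropertyValue $right -PassThru
        }
    }
}

# List the rights that still reference an account that no longer exists.
Get-UserRightsIdentity -InfText $sampleInf | Where-Object Orphaned | Format-Table Right, Sid
```

Run against a real export, the rows it lists are the stale entries to review and remove from the policy.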