Add-NTFSAccess after creating new user

Feb 22, 2016 at 3:09 PM
Is there any way to force Add-NTFSAccess to look at a particular domain controller for account translation? I encountered an issue where after creating a new user, and then trying to create a home directory and add an access rule for the user, the account cannot be found:
Cannot bind parameter 'Account'. Cannot convert value '[domain\username]' to type 'Security2.IdentityReference2'. Error: 'Some or all identity references could not be translated.'
My guess is that it looks at a "wrong" domain controller. I create the user targeting DC-A, and I cannot tell which DC Security2 targets. Or perhaps I need to add a Start-Sleep to my script to give it a bit of time? The script runs and targets a particular DC in the same AD site.

Thank you for such a great module!
Feb 26, 2016 at 3:34 AM
I resolved my issue by using the SID value returned from my New-ADUser -PassThru command.
$user = New-ADUser -PassThru
Add-NTFSAccess -Account $user.SID.Value
Marked as answer by claussen on 2/25/2016 at 8:34 PM
Feb 26, 2016 at 8:41 AM
Sorry for not replying earlier. As far as I remember the API that I am using internally does not provide an option for defining a domain controller. The solution that you have found sounds perfect to me.