Hi Fabio,

Coukd you please check KB26990 and KB30343,it might help you.

Thanks

Jyothi

Hi Fabio,

The problem was caused by this account has never been presented to usrmapper for a UID assignment . It attempts to resolve through usrmapper because it fails to map a UID through the Data Mover's passwd file which is a "by name" resolution.  Since the user was never presented to usrmapper for UID assignment, resolution to an existing record fails.  Usrmapper cannot assign a new UID because the account no longer exists in the domain.  When the Data Mover goes to rewrite an ACL that has been modified, the unresolvable ace is seen as invalid.  This prevents the update of the ACL and presents to the user as "Unable to save permission changes on XXXXXX.  The security ID structure is invalid." error dialog box.

There are three distinct solutions:

• Recover the deleted account using an Active Directory tree restore operation.  See Microsoft documentation for how to perform a selective Active Directory restore.

• Use a third-party tool to clean up the orphaned SID from the affected Access Control Lists (ACLs).

• A special "setacl" process can be run against the affected file system.  Several parameters need to be set and the Data Mover rebooted prior to running the "setacl" process.  It may also be necessary to unmount/remount the file system involved.  This method is more disruptive than the above resolutions.  Contact the EMC Customer Support Center or your EMC Customer Service representative for technical assistance.