In a recent task i struggled with that error when calling an AIF http service. It would work from visual studios internal casini browser but when the client was deployed to IIS the error “ Some or all identity references could not be translated.” would display in the AIF exception log.
It was not possible to set up proper debugging in a timely manner so a little fix was created in order to being able to see why the error was being thrown.
Analyzing the labelid’s it turned out that the error with that labelid would only be thrown from one single location data dictionary/tables/AifPortUser. From there a call to to AifUtil::getWindowsUserSid(windowsUser) would occur causing the exception to be thrown. So the interesting thing would be to analyze what windows user actually was submitted by the client. In order to do that the AifUtil::getWindowsUserSid was modified in order to write the domain, alias and usersid to a text file:
fileio = new FileIOPermission(@"C:\test\", #io_append);
textIo = new TextIo(@"C:\test\textIOtest.txt", #IO_WRITE);
textIo.write("domain: " + domain + "\n");
textIo.write("alias: " + alias + "\n");
textIo.write("userSid: " + userSid + "\n");
That little snipped showed that the identity of the default apppool was submitted and not the actual windows user. Changing the apppool identity fixed the problem.