none
Exchange 2010 remove mailbox INSUFF_ACCESS_RIGHTS RRS feed

  • Question

  • Dear All

    We are using Exchange 2010.  We hold an domain and child-domain.  When today I tried to remove one of a mailbox from child domain.  It showed below message:-

     

    Active Directory operation failed on “child-domain controller”. This error is not retriable. Additional information: Access is denied.

    Active directory response: 00000005: SecErr: DSID-031520B2, problem 4003 (INSUFF_ACCESS_RIGHTS), data 0

    I searched several web-site about this error before.  They told me to find the user object. and at Security tab > abvance to inherit parent permission.   I checked that option is already applied.  I have no idea to solve this problem. Anyone can help?

    Wednesday, October 3, 2012 10:27 AM

Answers

  • Hi,

    The account you are using must have permissions in the child domain - I guess that account operator is the minimum permissions needed.

    Leif

    Wednesday, October 3, 2012 12:07 PM
  • I found the solution

    log on to your domain controller open ADUC , ( AD User snap in ) , click view and make sure Advance futures turned on. Locate the problem user, go to properties , click on object tab, clear the check mark where it says " Protect object from accidental
    deletion" close the user account , go back to your Exchange server try to delete it now.

    Thursday, October 4, 2012 2:40 AM

All replies

  • Hi,

    The account you are using must have permissions in the child domain - I guess that account operator is the minimum permissions needed.

    Leif

    Wednesday, October 3, 2012 12:07 PM
  • Hi Leif

    I am using parent domain administrator to execute the remove mailbox action. what minimum permission is needed at child domain, can you specify that? Many thanks.

    Thursday, October 4, 2012 2:30 AM
  • I found the solution

    log on to your domain controller open ADUC , ( AD User snap in ) , click view and make sure Advance futures turned on. Locate the problem user, go to properties , click on object tab, clear the check mark where it says " Protect object from accidental
    deletion" close the user account , go back to your Exchange server try to delete it now.

    Thursday, October 4, 2012 2:40 AM
  • I Have the same issue and getting error;

    Active Directory operation failed on GGN.VIVA.COM. This error is not retriable. Additional information: Access is denied.
    Active directory response: 00000005: SecErr: DSID-031520B2, problem 4003 (INSUFF_ACCESS_RIGHTS), data 0

    I have already check and clear the "Protect object from accidental deletion"  but still no able to remove user from exchange console.

    Please help to troubleshoot the issue.

    • Proposed as answer by Kapil_Vats Wednesday, October 1, 2014 11:50 AM
    Monday, September 15, 2014 10:26 AM