locked
Adding New Mailbox failing in Exchange 2010 RRS feed

  • Question

  • I am attempting to add a new mailbox using a script generated by Cisco Unity. When I run the script I receive:

    Active Directory operation failed on hobbes.rockwall.genesta.com. This error is not retriable. Additional information:

    Access is denied.

    Active directory response: 00000005: SecErr: DSID-03151E04, problem 4003 (INSUFF_ACCESS_RIGHTS), data 0

        + CategoryInfo          : NotSpecified: (0:Int32) [New-Mailbox], ADOperationException

        + FullyQualifiedErrorId : 1F5ED462,Microsoft.Exchange.Management.RecipientTasks.NewMailbox

    I have double and triple-checked the Inherit permissions check box on my account and all is there. I am at my wits end and I have a non-functioning phone system now because I cannot add a certain user to finish setup of Cisco Unity.

    Please help!!!!

    Sunday, May 15, 2011 3:24 PM

Answers

  • Hi,

    Before you new a mailbox, the account should be added to the Exchange 2010 Organization Management role group.

    Add-RoleGroupMember -Identity "Organization Management" -Member "AccountName"

    please refer to Recipient Provisioning Permissions in the link: http://technet.microsoft.com/en-us/library/dd638132.aspx


    Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
    • Marked as answer by Novak Wu Friday, May 27, 2011 9:06 AM
    Tuesday, May 17, 2011 8:03 AM

All replies

  • cmdlet used for administer Exchange 2010 dont use AD permissons, they go through the RBAC filter. http://technet.microsoft.com/en-us/library/dd298183.aspx

    What group is the account member of that is used when creating mailboxes?

     


    lasse at humandata dot se, http://anewmessagehasarrived.blogspot.com
    Sunday, May 15, 2011 5:40 PM
  • Also try running your script or the shell it's running in whether powershell or cmd as administrator or specify your account.
    James Chong MCITP | EA | EMA; MCSE | M+, S+ Security+, Project+, ITIL msexchangetips.blogspot.com
    Monday, May 16, 2011 5:09 PM
  • Hi,

    Before you new a mailbox, the account should be added to the Exchange 2010 Organization Management role group.

    Add-RoleGroupMember -Identity "Organization Management" -Member "AccountName"

    please refer to Recipient Provisioning Permissions in the link: http://technet.microsoft.com/en-us/library/dd638132.aspx


    Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
    • Marked as answer by Novak Wu Friday, May 27, 2011 9:06 AM
    Tuesday, May 17, 2011 8:03 AM