Active Directory operation failed on *DomainController*. This error is not retriable. Additional information: Insufficient access rights to perform the operation.

Hi;

We came across an error today when we were trying to move a mailbox from Exchange 2007 onto Exchange 2010 or Exchange 2010 mailbox delete which was stopping us moving the mailbox.

Error: 

Active Directory operation failed on *DomainController*. This error is not retriable. Additional information: Insufficient access rights to perform the operation.
Active directory response: 00002098: SecErr: DSID-03150E8A, problem 4003 (INSUFF_ACCESS_RIGHTS), data 0

The user has insufficient access rights.

Exchange Management Shell command attempted:
’*OUStructure*’ | New-MoveRequest -TargetDatabase ‘Mailbox Database 1985885663′ -BadItemLimit ‘-1′

 

Resolution 1

 Open Active Directory Users and Computers

  • Find the user of which the mailbox move caused the error
  • Open up the properties of this user and go to the security tab (if this is not available, choose view and then advanced features in the AD users and computers MMC)
  • Click on [Advanced]
  • Activate the checkbox “Include inheritable permissions from this object’s parent” and then click [OK] twice.

 

Resolution 2 : If you are using Office Communicator. The following actions will resolve your question

  • Open Run
  • Adsiedit.msc
  • User properties
  • RTC values check
  • Clear RTC Values
OCS RTC Active Directory operation failed on *DomainController*. This error is not retriable. Additional information: Insufficient access rights to perform the operation.