New Exchange 2010 server in Exchange 2003 network - Access Denied when trying to create EX2010 Mailbox

Status
Not open for further replies.
C

Cary Fields



Hello,

I just finished creating my first EX2010 server (CAS/HUB/MB) in my existing EX2003 environment. Setup went pretty smooth. The first thing I did once I got it up is tried to create a mailbox from the EX2010 EMC. I did some searching, and a few people have something similar, but with no solutions that I could find. I have 3 domain controllers, all Win2008. The Dom/Forrest is Win2008 level.

Here are the errors. First is the EMC error, the next is the event log error. The test user I tried to create was called "Exchange Test". The user I am logged in as is the domain admin account, "Administrator". Anyone have any ideas?

Summary: 1 item(s). 0 succeeded, 1 failed.

Elapsed time: 00:00:10

Exchange Test

Failed

Error:

Active Directory operation failed on DC2.cityofcorona.net . This error is not retriable. Additional information: Access is denied.

Active directory response: 00000005: SecErr: DSID-031521D0, problem 4003 (INSUFF_ACCESS_RIGHTS), data 0

The user has insufficient access rights.

Exchange Management Shell command attempted:

New-Mailbox -Name 'Exchange Test' -Alias 'ExchangeTest' -OrganizationalUnit 'cityofcorona.net/IT ' -UserPrincipalName 'ExchangeTest@cityofcorona.net ' -SamAccountName 'ExchangeTest' -FirstName 'Exchange' -Initials '' -LastName 'Test' -Password 'System.Security.SecureString' -ResetPasswordOnNextLogon $false

Elapsed Time: 00:00:10

Application Event Log:

Log Name: Application
Source: MSExchange Configuration Cmdlet - Remote Management
Date: 8/2/2010 4:43:39 PM
Event ID: 4
Task Category: General
Level: Error
Keywords: Classic
User: N/A
Computer: EXWEB.cityofcorona.net
Description:
(PID 3436, Thread 13) Task New-Mailbox writing error when processing record of index 0. Error: Microsoft.Exchange.Data.

Directory.ADOperationException: Active Directory operation failed on DC2.cityofcorona.net . This error is not retriable. Additional information: Access is denied.
Active directory response: 00000005: SecErr: DSID-031521D0, problem 4003 (INSUFF_ACCESS_RIGHTS), data 0
---> System.DirectoryServices.Protocols.DirectoryOperationException: The user has insufficient access rights.
at System.DirectoryServices.Protocols.LdapConnection.ConstructResponse(Int32 messageId, LdapOperation operation, ResultAll resultType, TimeSpan requestTimeOut, Boolean exceptionOnTimeOut)
at System.DirectoryServices.Protocols.LdapConnection.SendRequest(DirectoryRequest request, TimeSpan requestTimeout)
at Microsoft.Exchange.Data.Directory.PooledLdapConnection.SendRequest(DirectoryRequest request, LdapOperation ldapOperation, IAccountingObject budget)
at Microsoft.Exchange.Data.Directory.ADSession.ExecuteModificationRequest(ADObject entry, DirectoryRequest request, ADObjectId originalId, Boolean emptyObjectSessionOnException)
--- End of inner exception stack trace - at Microsoft.Exchange.Data.Directory.ADSession.AnalyzeDirectoryError(PooledLdapConnection connection, DirectoryRequest request, DirectoryException de, Int32 totalRetries, Int32 retriesOnServer)
at Microsoft.Exchange.Data.Directory.ADSession.ExecuteModificationRequest(ADObject entry, DirectoryRequest request, ADObjectId originalId, Boolean emptyObjectSessionOnException)
at Microsoft.Exchange.Data.Directory.ADSession.Save(ADObject instanceToSave, IEnumerable`1 properties)
at Microsoft.Exchange.Data.Directory.Recipient.ADRecipientSession.Microsoft.Exchange.Data.IConfigDataProvider.Save(IConfigurable instance)
at Microsoft.Exchange.Management.RecipientTasks.NewUserBase.InternalProcessRecord()
at Microsoft.Exchange.Management.RecipientTasks.NewMailboxBase.InternalProcessRecord()
at Microsoft.Exchange.Configuration.Tasks.Task.ProcessRecord()
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event ">
<System>
<Provider Name="MSExchange Configuration Cmdlet - Remote Management" />
<EventID Qualifiers="49152">4</EventID>
<Level>2</Level>
<Task>1</Task>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2010-08-02T23:43:39.000000000Z" />
<EventRecordID>1662</EventRecordID>
<Channel>Application</Channel>
<Computer>EXWEB.cityofcorona.net </Computer>
<Security />
</System>
<EventData>
<Data>3436</Data>
<Data>13</Data>
<Data>New-Mailbox</Data>
<Data>0</Data>
<Data>Microsoft.Exchange.Data.Directory.ADOperationException: Active Directory operation failed on DC2.cityofcorona.net . This error is not retriable. Additional information: Access is denied.
Active directory response: 00000005: SecErr: DSID-031521D0, problem 4003 (INSUFF_ACCESS_RIGHTS), data 0
---&gt; System.DirectoryServices.Protocols.DirectoryOperationException: The user has insufficient access rights.
at System.DirectoryServices.Protocols.LdapConnection.ConstructResponse(Int32 messageId, LdapOperation operation, ResultAll resultType, TimeSpan requestTimeOut, Boolean exceptionOnTimeOut)
at System.DirectoryServices.Protocols.LdapConnection.SendRequest(DirectoryRequest request, TimeSpan requestTimeout)
at Microsoft.Exchange.Data.Directory.PooledLdapConnection.SendRequest(DirectoryRequest request, LdapOperation ldapOperation, IAccountingObject budget)
at Microsoft.Exchange.Data.Directory.ADSession.ExecuteModificationRequest(ADObject entry, DirectoryRequest request, ADObjectId originalId, Boolean emptyObjectSessionOnException)
--- End of inner exception stack trace - at Microsoft.Exchange.Data.Directory.ADSession.AnalyzeDirectoryError(PooledLdapConnection connection, DirectoryRequest request, DirectoryException de, Int32 totalRetries, Int32 retriesOnServer)
at Microsoft.Exchange.Data.Directory.ADSession.ExecuteModificationRequest(ADObject entry, DirectoryRequest request, ADObjectId originalId, Boolean emptyObjectSessionOnException)
at Microsoft.Exchange.Data.Directory.ADSession.Save(ADObject instanceToSave, IEnumerable`1 properties)
at Microsoft.Exchange.Data.Directory.Recipient.ADRecipientSession.Microsoft.Exchange.Data.IConfigDataProvider.Save(IConfigurable instance)
at Microsoft.Exchange.Management.RecipientTasks.NewUserBase.InternalProcessRecord()
at Microsoft.Exchange.Management.RecipientTasks.NewMailboxBase.InternalProcessRecord()
at Microsoft.Exchange.Configuration.Tasks.Task.ProcessRecord()</Data>
<Data>{80701c82-74fb-4b5a-89a3-f06cd62dad28}</Data>
</EventData>
</Event>
 
Status
Not open for further replies.
Top