Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

Error when login into OWA

Posted on 2007-10-17
9
Medium Priority
?
627 Views
Last Modified: 2009-02-05
I have a user that when they try to log into OUlook Web they generate this erro after they login.

Exception
Exception type: Microsoft.Exchange.Data.Storage.StoragePermanentException
Exception message: There was a problem accessing Active Directory.

Call stack

Microsoft.Exchange.Data.Storage.ExchangePrincipal.Save()
Microsoft.Exchange.Clients.Owa.Core.RequestDispatcher.DispatchLanguagePostLocally(OwaContext owaContext, OwaIdentity logonIdentity, CultureInfo culture, String timeZoneKeyName, Boolean isOptimized)
Microsoft.Exchange.Clients.Owa.Core.RequestDispatcher.DispatchLanguagePostRequest(OwaContext owaContext)
Microsoft.Exchange.Clients.Owa.Core.RequestDispatcher.PrepareRequestWithoutSession(OwaContext owaContext, UserContextCookie userContextCookie)
Microsoft.Exchange.Clients.Owa.Core.RequestDispatcher.InternalDispatchRequest(OwaContext owaContext)
Microsoft.Exchange.Clients.Owa.Core.RequestDispatcher.DispatchRequest(OwaContext owaContext)
System.Web.HttpApplication.SyncEventExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)

Inner Exception
Exception type: Microsoft.Exchange.Data.Directory.ADOperationException
Exception message: Active Directory operation failed on US-NJ-DC1.us.adler.corp. This error is not retriable. Additional information: Insufficient access rights to perform the operation. Active directory response: 00002098: SecErr: DSID-03150A45, problem 4003 (INSUFF_ACCESS_RIGHTS), data 0

Call stack

Microsoft.Exchange.Data.Directory.ADSession.AnalyzeDirectoryError(PooledLdapConnection connection, DirectoryRequest request, DirectoryException de, Int32& retries, Int32 maxRetries)
Microsoft.Exchange.Data.Directory.ADSession.ExecuteModificationRequest(ADRawEntry entry, DirectoryRequest request, ADObjectId originalId)
Microsoft.Exchange.Data.Directory.ADSession.Save(ADObject instanceToSave, IEnumerable`1 properties)
Microsoft.Exchange.Data.Storage.ExchangePrincipal.Save()

Inner Exception
Exception type: System.DirectoryServices.Protocols.DirectoryOperationException
Exception message: The user has insufficient access rights.

Call stack

System.DirectoryServices.Protocols.LdapConnection.ConstructResponse(Int32 messageId, LdapOperation operation, ResultAll resultType, TimeSpan requestTimeOut, Boolean exceptionOnTimeOut)
System.DirectoryServices.Protocols.LdapConnection.SendRequest(DirectoryRequest request, TimeSpan requestTimeout)
Microsoft.Exchange.Data.Directory.PooledLdapConnection.SendRequest(DirectoryRequest request, LdapOperation ldapOperation)
Microsoft.Exchange.Data.Directory.ADSession.ExecuteModificationRequest(ADRawEntry entry, DirectoryRequest request, ADObjectId originalId)
0
Comment
Question by:zito2000
  • 4
  • 4
9 Comments
 
LVL 16

Expert Comment

by:2PiFL
ID: 20096039
what browser are they using?
0
 

Author Comment

by:zito2000
ID: 20096252
Internet Explorer 6.0
0
 
LVL 16

Expert Comment

by:2PiFL
ID: 20096401
Is the user Enabled for "Outlook Mobile Access" (on the Exchange Features tab in AD).

Also, does the user account have a non blank password?
0
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

 

Author Comment

by:zito2000
ID: 20096508
The user is enabled for Outlook web access and the user does have a password for the account
0
 
LVL 16

Expert Comment

by:2PiFL
ID: 20096549

It's a rights issue - is this a new account?  Has it ever worked?
0
 

Author Comment

by:zito2000
ID: 20096588
This is not a new account.  It has worked before Exchange 2007 was put in place.
0
 
LVL 16

Accepted Solution

by:
2PiFL earned 1000 total points
ID: 20100737
Try this:

If your Exchange 2007 OWA is failing for a user after the mailbox is migrated from
Exchange 2003 to Exchange 2007, the user account should be checked on the security
tab under advanced to see if it has "Allow inheritable permissions from the parent
to propagate to this object and all child objects. Include these with entries explicitly
defined here."

   1.      Open up Active Directory Users and Computers
   2.      Go to the View menu, Advanced.
   3.   Locate the user in AD, right click, properties.  Jump to the security tab.
   4.  Click "Advanced" next to the "For special permissions or for advanced settings, click
     Advanced.
   5.      Click "Allow inheritable permissions from the parent to propagate to this object and
      all child objects. Include these with entries explicitly defined here." Check box
      and apply.
   6.      Click OK and OK again.

Once changed and replicated OWA works. This is checked by default but is turned off
for accounts with administrative privileges.
 
 
 
0
 

Author Comment

by:zito2000
ID: 20101219
Thanks for the info.  That worked right on the money.
0
 
LVL 1

Expert Comment

by:trivalent
ID: 23563114
Same issue for us - solution works.  Wierd!
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The core idea of this article is to make you acquainted with the best way in which you can export Exchange mailbox to PST format.
This article will help to fix the below errors for MS Exchange Server 2016 I. Certificate error "name on the security certificate is invalid or does not match the name of the site" II. Out of Office not working III. Make Internal URLs and Externa…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
Whether it be Exchange Server Crash Issues, Dirty Shutdown Errors or Failed to mount error, Stellar Phoenix Mailbox Exchange Recovery has always got your back. With the help of its easy to understand user interface and 3 simple steps recovery proced…
Suggested Courses

564 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question