MSExchangeAL : Event ID: 8315 & 8270


I am just implementing Exchange 2003 into our organisation. Our test install all worked fine but in our Live implementation we are getting these errors.

Event Type:      Warning
Event Source:      MSExchangeAL
Event Category:      Address List Synchronization
Event ID:      8315
Date:            11/18/2008
Time:            9:26:06 AM
User:            N/A
Computer:      SRV2
The service could not update the entry 'CN=James,OU=IT,OU=xxx,DC=xxx,DC=private' because inheritable permissions are not propagated to this object. The inheritable permissions may be disabled because the object belongs to a Windows 2000 administrative group or the inheritable permissions were disable explicitly by an administrator. DC=drpgroup,DC=private

For more information, click


Event Type:      Error
Event Source:      MSExchangeAL
Event Category:      LDAP Operations
Event ID:      8270
Date:            11/18/2008
Time:            9:26:06 AM
User:            N/A
Computer:      SRV2
LDAP returned the error [32] Insufficient Rights when importing the transaction
dn: <GUID=1F66A2DBBC2A114EBF16678D6C58295F>
changetype: Modify
textEncodedORAddress:c=US;a= ;p=xxx;o=Exchange;s=Hurley;g=James;
: X400:c=US;a= ;p=xxx;o=Exchange;s=Hurley;g=James;
: smtp:JHurley@domain.private

For more information, click

I have looked at the following link but all of our inheritable permission are already checked...

What now? any help would be much apprecited.

Other Info - Server 1 is DC, DHCP, DNS & AD
Server 2 is Exchange 2003

James HurleyIT ManagerAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

James HurleyIT ManagerAuthor Commented:
On further investigation this is only happening for one user (me). What i wanted to do was only add 3 mailboxes to test integration into our domain. The other two mailboxes have created with no problems.
Corcoran SmithCommented:
If you turn on 'advanced features' in AD Users and Computers, click on the User properties that you're having an issue with - click the SECURITY tab - click on 'advanced' and check inherited permissions there.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.