Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 2165
  • Last Modified:

MSExchangeAL : Event ID: 8315 & 8270


I am just implementing Exchange 2003 into our organisation. Our test install all worked fine but in our Live implementation we are getting these errors.

Event Type:      Warning
Event Source:      MSExchangeAL
Event Category:      Address List Synchronization
Event ID:      8315
Date:            11/18/2008
Time:            9:26:06 AM
User:            N/A
Computer:      SRV2
The service could not update the entry 'CN=James,OU=IT,OU=xxx,DC=xxx,DC=private' because inheritable permissions are not propagated to this object. The inheritable permissions may be disabled because the object belongs to a Windows 2000 administrative group or the inheritable permissions were disable explicitly by an administrator. DC=drpgroup,DC=private

For more information, click http://www.microsoft.com/contentredirect.asp.


Event Type:      Error
Event Source:      MSExchangeAL
Event Category:      LDAP Operations
Event ID:      8270
Date:            11/18/2008
Time:            9:26:06 AM
User:            N/A
Computer:      SRV2
LDAP returned the error [32] Insufficient Rights when importing the transaction
dn: <GUID=1F66A2DBBC2A114EBF16678D6C58295F>
changetype: Modify
textEncodedORAddress:c=US;a= ;p=xxx;o=Exchange;s=Hurley;g=James;
: X400:c=US;a= ;p=xxx;o=Exchange;s=Hurley;g=James;
: smtp:JHurley@domain.private

For more information, click http://www.microsoft.com/contentredirect.asp.

I have looked at the following link http://support.microsoft.com/kb/254030 but all of our inheritable permission are already checked...

What now? any help would be much apprecited.

Other Info - Server 1 is DC, DHCP, DNS & AD
Server 2 is Exchange 2003

James Hurley
James Hurley
1 Solution
James HurleyIT ManagerAuthor Commented:
On further investigation this is only happening for one user (me). What i wanted to do was only add 3 mailboxes to test integration into our domain. The other two mailboxes have created with no problems.
Corcoran SmithCommented:
If you turn on 'advanced features' in AD Users and Computers, click on the User properties that you're having an issue with - click the SECURITY tab - click on 'advanced' and check inherited permissions there.

Featured Post

Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now