LDAP returned the error [32] Insufficient Rights when importing the transaction  Event ID 8270

Posted on 2009-04-21
Last Modified: 2012-05-06
I am getting this error below and I do not know how to stop it. I am running an Exchange Server 2003 SP1 and I can't see my default address list.

Event Type:      Error
Event Source:      MSExchangeAL
Event Category:      LDAP Operations
Event ID:      8270
Date:            4/21/2009
Time:            11:35:33 PM
User:            N/A
Computer:      MAIL
LDAP returned the error [32] Insufficient Rights when importing the transaction
dn: <GUID=B7A190D25FBA0B4387B8B5035130EE8F>
changetype: Modify
showInAddressBook:add:CN=Default Address List,CN=All Global Address Lists,CN=Address Lists Container,C...

For more information, click
Question by:janusnetworks

    Author Comment

    Outlook cleitns are also getting an error where they can't post directly to contacts or calender items
    LVL 17

    Expert Comment

    Right-click the user account, ->Properties -> Security tab-> check if Allow inheritable permissions from parent to propagate to this object check box is checkd or not

    Author Comment

    Sam that has been done already
    LVL 17

    Expert Comment

    go to Active Directory Users and Computers -  Click View , and then ensure that the Advanced Features check box is checked.  -->Right-click the domain object and click Properties-->Click the Security tab-->In the Name box, click the Exchange Enterprise Servers group.-Clik the Advanced buttn-> Scroll down and click the entry for the Exchange Enterprise Servers group that has Special permissions which apply to group objects=>View/Edit button=>locate the Modify Permissions attribute and click to select the check box in the Allow column=>Click OK until all the windows are closed.  
    LVL 2

    Expert Comment

    Try re-running setup /DomainPrep on the domain giving you trouble using your Exchange CD or installation files.

    If you have any Exchange 2007 servers in your organization, you will have to follow the instructions here:

    Make sure you have a Recipient Update Service for the domain in the Exchange System Manager (under Recipients --> Recipient Update Services), and that it is configured properly.

    Accepted Solution

    I moved users into a updated domain.

    Featured Post

    Want to promote your upcoming event?

    Are you going to an event? Are you going to be exhibiting at a tradeshow? Talking at a conference? Using a promotional banner in your email signature ensures that your organization’s most important contacts stay in the know and can potentially spread the word about the event.

    Join & Write a Comment

    Easy CSR creation in Exchange 2007,2010 and 2013
    Check out this infographic on what you need to make a good email signature that will work perfectly for your organization.
    To show how to generate a certificate request in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Servers >> Certificates…
    After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

    745 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    16 Experts available now in Live!

    Get 1:1 Help Now