sdawe70
asked on
Exchnage 2010 Installation Error
I am trying to transition from exchange 2003 to 2010
I have a Windows 2003 sp2 domain
Exchange 2003 is in native mode and my forest and domain are at 2003 level
from my new Exchange 2010 box (Windows 2008 R2)
I ran setup /prepareAD no problem
however When I come to actuall iinstall Exchange 2010 I get an AD permissions error
I am logged in as the domain administrator
He is the error from the exchange setup log file:
The following 1 error(s) occurred during task execution:
[04/16/2010 13:39:32.0440] [1] 0. ErrorRecord: Active Directory operation failed on lanier01.laniertech.edu. This error is not retriable. Additional information: Insufficient access rights to perform the operation.
Active directory response: 00002098: SecErr: DSID-03150A45, problem 4003 (INSUFF_ACCESS_RIGHTS), data 0
[04/16/2010 13:39:32.0440] [1] 0. ErrorRecord: Microsoft.Exchange.Data.Di
Active directory response: 00002098: SecErr: DSID-03150A45, problem 4003 (INSUFF_ACCESS_RIGHTS), data 0
---> System.DirectoryServices.P
at System.DirectoryServices.P
at System.DirectoryServices.P
at Microsoft.Exchange.Data.Di
at Microsoft.Exchange.Data.Di
--- End of inner exception stack trace ---
at Microsoft.Exchange.Data.Di
at Microsoft.Exchange.Data.Di
at Microsoft.Exchange.Data.Di
at Microsoft.Exchange.Managem
at Microsoft.Exchange.Configu
[04/16/2010 13:39:32.0440] [1] [ERROR] The following error was generated when "$error.Clear(); initialize-AdminGroupPermi
Active directory response: 00002098: SecErr: DSID-03150A45, problem 4003 (INSUFF_ACCESS_RIGHTS), data 0
".
[04/16/2010 13:39:32.0440] [1] [ERROR] Active Directory operation failed on lanier01.laniertech.edu. This error is not retriable. Additional information: Insufficient access rights to perform the operation.
Active directory response: 00002098: SecErr: DSID-03150A45, problem 4003 (INSUFF_ACCESS_RIGHTS), data 0
[04/16/2010 13:39:32.0440] [1] [ERROR] The user has insufficient access rights.
Any ideas would be helpful
Steve
I have a Windows 2003 sp2 domain
Exchange 2003 is in native mode and my forest and domain are at 2003 level
from my new Exchange 2010 box (Windows 2008 R2)
I ran setup /prepareAD no problem
however When I come to actuall iinstall Exchange 2010 I get an AD permissions error
I am logged in as the domain administrator
He is the error from the exchange setup log file:
The following 1 error(s) occurred during task execution:
[04/16/2010 13:39:32.0440] [1] 0. ErrorRecord: Active Directory operation failed on lanier01.laniertech.edu. This error is not retriable. Additional information: Insufficient access rights to perform the operation.
Active directory response: 00002098: SecErr: DSID-03150A45, problem 4003 (INSUFF_ACCESS_RIGHTS), data 0
[04/16/2010 13:39:32.0440] [1] 0. ErrorRecord: Microsoft.Exchange.Data.Di
Active directory response: 00002098: SecErr: DSID-03150A45, problem 4003 (INSUFF_ACCESS_RIGHTS), data 0
---> System.DirectoryServices.P
at System.DirectoryServices.P
at System.DirectoryServices.P
at Microsoft.Exchange.Data.Di
at Microsoft.Exchange.Data.Di
--- End of inner exception stack trace ---
at Microsoft.Exchange.Data.Di
at Microsoft.Exchange.Data.Di
at Microsoft.Exchange.Data.Di
at Microsoft.Exchange.Managem
at Microsoft.Exchange.Configu
[04/16/2010 13:39:32.0440] [1] [ERROR] The following error was generated when "$error.Clear(); initialize-AdminGroupPermi
Active directory response: 00002098: SecErr: DSID-03150A45, problem 4003 (INSUFF_ACCESS_RIGHTS), data 0
".
[04/16/2010 13:39:32.0440] [1] [ERROR] Active Directory operation failed on lanier01.laniertech.edu. This error is not retriable. Additional information: Insufficient access rights to perform the operation.
Active directory response: 00002098: SecErr: DSID-03150A45, problem 4003 (INSUFF_ACCESS_RIGHTS), data 0
[04/16/2010 13:39:32.0440] [1] [ERROR] The user has insufficient access rights.
Any ideas would be helpful
Steve
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Is your user member of schema admins? Also make sure that your user be member of Exchange Organization Administration group.
ASKER
I am using the domain administrator account to do the install
I checked and it is a member of the exchange org admin group and the schema admin group
i am still getting the same error
I checked and it is a member of the exchange org admin group and the schema admin group
i am still getting the same error
go to the domain controller computer account, security tab, and give enterprise and domain admins full control (if they already have it post the result)
ASKER
they already have access to the domain controller computer account
Someone might of mucked with the AD permissions...you might want to run a reset to set back to default then run perpare again
http://www.windowsitpro.com/article/permissions/q-how-can-i-reset-the-default-permissions-on-an-active-directory-ad-object-100913.aspx
http://www.windowsitpro.com/article/permissions/q-how-can-i-reset-the-default-permissions-on-an-active-directory-ad-object-100913.aspx
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I have tried all this and it still did not work.
I have called MS tech support. The Exchange team went t hrough AD and nothhing has worked at this point. THey transfered me to the AD team and we are still working on it.
We have done everything from rebuilding the Exchange 2010 box to manual adding all permission throughout AD to creatong a new user with the installation permission.
setup /preparead still failing at 26%
I have called MS tech support. The Exchange team went t hrough AD and nothhing has worked at this point. THey transfered me to the AD team and we are still working on it.
We have done everything from rebuilding the Exchange 2010 box to manual adding all permission throughout AD to creatong a new user with the installation permission.
setup /preparead still failing at 26%
keep us posted! :)
ASKER
The Solution:
Apparently inthe actual public folders themseleves, a deny access had been placed on the administrator account. Becuase the public folder could not be read PrepareAD failed, even though the permissions in ADSI edit looked correct the explicit deny on the public folder itself stopped the process from working.
Apparently inthe actual public folders themseleves, a deny access had been placed on the administrator account. Becuase the public folder could not be read PrepareAD failed, even though the permissions in ADSI edit looked correct the explicit deny on the public folder itself stopped the process from working.
ASKER
THis solution was not complete but the permissions issue while not in AD was in the public folders.
A B was given because I want to award credit were due but none where fully correct because we were looking at permissions in the wrong place. See my last post for the solution from MS tech support.
A B was given because I want to award credit were due but none where fully correct because we were looking at permissions in the wrong place. See my last post for the solution from MS tech support.
ASKER
Now when i try tp run set /preparead I get the same error:
Configuring Microsoft Exchange Server
Organization Preparation ......................... FAILED
The following error was generated when "$error.Clear(); initialize-AdminGro
upPermissions -DomainController $RoleDomainController" was run: "Active Director
y operation failed on lanier01.laniertech.edu. This error is not retriable. Addi
tional information: Insufficient access rights to perform the operation.
Active directory response: 00002098: SecErr: DSID-03150A45, problem 4003 (INSUFF
_ACCESS_RIGHTS), data 0
".
The Exchange Server setup operation did not complete. Visit http://support.micro
soft.com and enter the Error ID to find more information.
Exchange Server setup encountered an error.
E:\e2k10install>