OWA Problems "There was a problem accessing Active Directory."

Hello everybody

We have problems by some users. When they want to connect to OWA. they become this error.

Exchange: 2007
Clients: Windows XP
AD function level 2003 with Windows Server 2008 DC

Thanks for your help.

Request
Url: https://webmail.XXX.com:443/OWA/lang.owa
User host address: XXXXX

Exception
Exception type: Microsoft.Exchange.Data.Storage.StoragePermanentException
Exception message: There was a problem accessing Active Directory.

Call stack

Microsoft.Exchange.Data.Storage.ExchangePrincipal.Save()
Microsoft.Exchange.Clients.Owa.Core.RequestDispatcher.DispatchLanguagePostLocally(OwaContext owaContext, OwaIdentity logonIdentity, CultureInfo culture, String timeZoneKeyName, Boolean isOptimized)
Microsoft.Exchange.Clients.Owa.Core.RequestDispatcher.DispatchLanguagePostRequest(OwaContext owaContext)
Microsoft.Exchange.Clients.Owa.Core.RequestDispatcher.PrepareRequestWithoutSession(OwaContext owaContext, UserContextCookie userContextCookie)
Microsoft.Exchange.Clients.Owa.Core.RequestDispatcher.InternalDispatchRequest(OwaContext owaContext)
Microsoft.Exchange.Clients.Owa.Core.RequestDispatcher.DispatchRequest(OwaContext owaContext)
System.Web.HttpApplication.SyncEventExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)

Inner Exception
Exception type: Microsoft.Exchange.Data.Directory.ADOperationException
Exception message: Active Directory operation failed on SGUR10001.gemurdom.ch. This error is not retriable. Additional information: Insufficient access rights to perform the operation. Active directory response: 00002098: SecErr: DSID-03150E8A, problem 4003 (INSUFF_ACCESS_RIGHTS), data 0

Call stack

Microsoft.Exchange.Data.Directory.ADSession.AnalyzeDirectoryError(PooledLdapConnection connection, DirectoryRequest request, DirectoryException de, Int32 totalRetries, Int32 retriesOnServer)
Microsoft.Exchange.Data.Directory.ADSession.ExecuteModificationRequest(ADRawEntry entry, DirectoryRequest request, ADObjectId originalId)
Microsoft.Exchange.Data.Directory.ADSession.Save(ADObject instanceToSave, IEnumerable`1 properties)
Microsoft.Exchange.Data.Storage.ExchangePrincipal.Save()

Inner Exception
Exception type: System.DirectoryServices.Protocols.DirectoryOperationException
Exception message: The user has insufficient access rights.

Call stack

System.DirectoryServices.Protocols.LdapConnection.ConstructResponse(Int32 messageId, LdapOperation operation, ResultAll resultType, TimeSpan requestTimeOut, Boolean exceptionOnTimeOut)
System.DirectoryServices.Protocols.LdapConnection.SendRequest(DirectoryRequest request, TimeSpan requestTimeout)
Microsoft.Exchange.Data.Directory.PooledLdapConnection.SendRequest(DirectoryRequest request, LdapOperation ldapOperation)
Microsoft.Exchange.Data.Directory.ADSession.ExecuteModificationRequest(ADRawEntry entry, DirectoryRequest request, ADObjectId originalId)
axegaAsked:
Who is Participating?

[Webinar] Streamline your web hosting managementRegister Today

x
 
e_aravindConnect With a Mentor Commented:
1. Open Active Directory Users and Computers.
2. Click “View”->”Advanced Features” to enable advanced features.
3. Right click the problematic Exchange 2007 account and click “Properties”.
4. Click “Security” tab, click “Advanced” button.
5. Please enable the option “Allow inheritable permissions from the parent to propagate to this object and all child objects. Include these with entries explicitly defined here”. Click “OK”.
0
 
v_9mhdrfCommented:
Please give the Authenticated Users NTFS permission to CLient access folder, and also in IIS 7 in the Website level and inherit to the sub foders.

And still you face the issue, please perform the removal and recreation of the OWA virtual Directories by follownig the kb- 941201.

Please check out and revert back if you have any issues.
0
 
e_aravindCommented:
Check if this user-account is missing the inheritance permission
If yes, we need to configure the same
0
 
axegaAuthor Commented:
Thanks for your help!
0
All Courses

From novice to tech pro — start learning today.