Solved

Active directory response: 00002098: SecErr: DSID-03150BB9, problem 4003 (INSUFF_ACCESS_RIGHTS), data 0

Posted on 2010-11-26
3
9,772 Views
Last Modified: 2012-05-10
I am trying to migrate users from Exchange 2003 to Exchange 2010. I have both servers up and connected. They can see and talk to one another as well as the DC.

I was able to move three accounts, our Admin Account, A User account. However the rest of our users about 60-65 I get an error message below



Summary: 1 item(s). 0 succeeded, 1 failed.
Elapsed time: 00:00:17
John Doe
Failed
Error:
Active Directory operation failed on DC01.MYDOMAIN.LOCAL. This error is not retriable. Additional information: Insufficient access rights to perform the operation.
Active directory response: 00002098: SecErr: DSID-03150BB9, problem 4003 (INSUFF_ACCESS_RIGHTS), data 0

The user has insufficient access rights.
Click here for help... http://technet.microsoft.com/en-US/library/ms.exch.err.default(EXCHG.141).aspx?v=14.1.218.11&t=exchgf1&e=ms.exch.err.Ex6AE46B
Exchange Management Shell command attempted:
'MYDOMAIN.local/MDX Users/John Doe' | New-MoveRequest -TargetDatabase 'Mailbox Database'
Elapsed Time: 00:00:17
0
Comment
Question by:janusnetworks
  • 2
3 Comments
 

Accepted Solution

by:
janusnetworks earned 0 total points
ID: 34217987
Nevermind I figured it out.

The Solution
Inherited Permissions on the User Object. I ensured that the Administrator User Account has FULL Rights on the OU, then Allowed Inherited permissions apply then it worked.
0
 

Author Closing Comment

by:janusnetworks
ID: 34217988
Inherited Permissions on the User Object. I ensured that the Administrator User Account has FULL Rights on the OU, then Allowed Inherited permissions apply then it worked.
0
 

Expert Comment

by:Pfaelzer
ID: 34348263
1. Open Activie Directory Users and Computers
2. Make sure you can see the Advance Options by clicking View -> Advanced
Options
3. Find the user account for a mailbox that will not move
4. Right Click the User account and clikc Properties -> go to the Security Tab
5. Click Advanced and then check the box next to Include inheritable
permissions from this objects parents.
6. Go back to the Exchange Management Console and try to move the mailbox
again. You will get an error that states that there is already a move
request.
7. Copy the code under the section on how to remove the move request.
8. Paste this code into the Exchange Management Shell and click Yes to All
(A) when it asks you if you are sure.
9. Move the mailbox. This time it should work.

Regards
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Not sure what the best email signature size is? Are you worried about email signature image size? Follow this best practice guide.
Read this checklist to learn more about the 15 things you should never include in an email signature.
To show how to create a transport rule in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Rules tab.:  To cr…
This video demonstrates how to sync Microsoft Exchange Public Folders with smartphones using CodeTwo Exchange Sync and Exchange ActiveSync. To learn more about CodeTwo Exchange Sync and download the free trial, go to: http://www.codetwo.com/excha…

773 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question