Solved

Active directory response: 00002098: SecErr: DSID-03150BB9, problem 4003 (INSUFF_ACCESS_RIGHTS), data 0

Posted on 2010-11-26
3
9,547 Views
Last Modified: 2012-05-10
I am trying to migrate users from Exchange 2003 to Exchange 2010. I have both servers up and connected. They can see and talk to one another as well as the DC.

I was able to move three accounts, our Admin Account, A User account. However the rest of our users about 60-65 I get an error message below



Summary: 1 item(s). 0 succeeded, 1 failed.
Elapsed time: 00:00:17
John Doe
Failed
Error:
Active Directory operation failed on DC01.MYDOMAIN.LOCAL. This error is not retriable. Additional information: Insufficient access rights to perform the operation.
Active directory response: 00002098: SecErr: DSID-03150BB9, problem 4003 (INSUFF_ACCESS_RIGHTS), data 0

The user has insufficient access rights.
Click here for help... http://technet.microsoft.com/en-US/library/ms.exch.err.default(EXCHG.141).aspx?v=14.1.218.11&t=exchgf1&e=ms.exch.err.Ex6AE46B
Exchange Management Shell command attempted:
'MYDOMAIN.local/MDX Users/John Doe' | New-MoveRequest -TargetDatabase 'Mailbox Database'
Elapsed Time: 00:00:17
0
Comment
Question by:janusnetworks
  • 2
3 Comments
 

Accepted Solution

by:
janusnetworks earned 0 total points
ID: 34217987
Nevermind I figured it out.

The Solution
Inherited Permissions on the User Object. I ensured that the Administrator User Account has FULL Rights on the OU, then Allowed Inherited permissions apply then it worked.
0
 

Author Closing Comment

by:janusnetworks
ID: 34217988
Inherited Permissions on the User Object. I ensured that the Administrator User Account has FULL Rights on the OU, then Allowed Inherited permissions apply then it worked.
0
 

Expert Comment

by:Pfaelzer
ID: 34348263
1. Open Activie Directory Users and Computers
2. Make sure you can see the Advance Options by clicking View -> Advanced
Options
3. Find the user account for a mailbox that will not move
4. Right Click the User account and clikc Properties -> go to the Security Tab
5. Click Advanced and then check the box next to Include inheritable
permissions from this objects parents.
6. Go back to the Exchange Management Console and try to move the mailbox
again. You will get an error that states that there is already a move
request.
7. Copy the code under the section on how to remove the move request.
8. Paste this code into the Exchange Management Shell and click Yes to All
(A) when it asks you if you are sure.
9. Move the mailbox. This time it should work.

Regards
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

Resolve Outlook connectivity issues after moving mailbox to new Exchange 2016 server
Find out how to use Active Directory data for email signature management in Microsoft Exchange and Office 365.
In this video we show how to create an Accepted Domain in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Ac…
In this video we show how to create a mailbox database in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Servers >> Data…

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now