Link to home
Start Free TrialLog in
Avatar of mptcmanage

asked on

Cannot disable mailbox in Exchange 2010

Hi.  I'm having a problem disabling a mailbox on Exchange 2010 SP1.  The mailbox is my own and I am a domain admin.  Other domain admins are not seeing this problem.  The error is:

Active Directory operation failed on <domain controller>.  This error is not retriable.  Additional information: In sufficient access rights to perform the operation.  Active Directory response: 00002098: SecErr: DSID-03150BB9, problem 4003 (INSUFF_ACCESS_RIGHTS), data 0.  The user has insufficient rights.  

I have already attempted to restore inherited rights to the AD account.  Other advice?
Avatar of JanStoops
Flag of Belgium image

Using adsi edit compare the administrator accounts?
Are you an Org Admin for Exchange 2010?
Avatar of jar3817

Just because you're a domain admin doesn't mean you can do anything you want to the exchange database. Check the permissions on the mailstore and add yourself if necessary.
Avatar of mptcmanage


I don't think this has anything to do with my administrative privileges.  I can do other administrative functions in Exchange, including disabling other mailboxes.  I just can't disable this one mailbox.
Using EMS: get-mailboxpermission -identity <mailboxname>
I implicitly added me to the mailbox.

Identity             User                 AccessRights                                                IsInherited Deny
--------             ----                 ------------                                                ----------- ---- COLLEGE\jloomans     {FullAccess}                                                False       False

Still cannot disable the mailbox.
Not sure if it matters....but does someone have this mailbox open currently?
Nope.  Mailbox is closed.
Avatar of Amit
Restart Exchange Server and see, if you are able to disable it
Did you try to run Management Shell in elevated mode?
Avatar of mptcmanage

Link to home
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Thanks for Sharing.
Found the answer ourselves.
I had a problem removing a user via the EMC & the solution was:
"Restore defaults" from Advanced Security Settings in the AD'S user object.