jhaff
asked on
exchange powershell
I'm trying to delegate control of a distribution list... easily done in earlier version of exchange. The user has the "owner" rights on the DL properties page, but as i understand it i need to add specific AD privileges as well. i'm running the powershell as administrator with the following command:
Add-ADPermission -Identity "List Name" -user "user's name" -accessrights WriteProperty -Properties "Member"
each time i try, it errors out with the following:
Active Directory operation failed on "domain controller name". This error is not retriable. Additional info: access is denied.
AD Response ... insuff_access_rights
i've read numerous posts that i need the inherited privileges from parent object check box checked, but that does not solve the issue. any help is appreciated.
Add-ADPermission -Identity "List Name" -user "user's name" -accessrights WriteProperty -Properties "Member"
each time i try, it errors out with the following:
Active Directory operation failed on "domain controller name". This error is not retriable. Additional info: access is denied.
AD Response ... insuff_access_rights
i've read numerous posts that i need the inherited privileges from parent object check box checked, but that does not solve the issue. any help is appreciated.
Does the account you are using have the appropriate Exchange role Permissions? Organization Administrator role would for sure work...
Are you using Exchange 2010 or 2007? If you are using 2010 you need to use the -bypasssecuritygroupmanage rcheck to be able to add a managedby person on the list. The managedby users should be able to manage the members of the list.
If you are using 2007 you need to run something like this:
add-adpermission -identity 'group' -User 'group manager' -AccessRights WriteProperty -Properties "Member"
Hope this helps.
If you are using 2007 you need to run something like this:
add-adpermission -identity 'group' -User 'group manager' -AccessRights WriteProperty -Properties "Member"
Hope this helps.
ASKER
i'm in 2010 - the cmdlet you entered is exactly what i have in my post. do i simply add the -bypasssecuritygroupmanage
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.