Cybertronnh
asked on
Can't move mailboxes from Exchange 2003 to 2010
I am currently working on a network that has 2 domains within the forest. I recently implemented an Exchange 2010 server to replace the Exchange 2003 server. These servers hold the mailboxes for users on both domains.
I was able to move the mailboxes from 2003 to 2010 for all the users on the main domain. However, when I attempt to move the mailboxes from the sub-domain, I get the following error:
Active directory failed on server1. additional information: insufficient access rights to perform this operation:
Active directory response: 00002098: SecErr: DSID-03150A48. problem 4003 (INSUFF_ACCESS_RIGHTS). Data 0
the user has insufficient access rights
This occurs whether I am logged into the Exchange 2010 server as the administrator of the top domain or as the administrator of the sub domain.
What rights do I need to assign and to which administrator user?
I was able to move the mailboxes from 2003 to 2010 for all the users on the main domain. However, when I attempt to move the mailboxes from the sub-domain, I get the following error:
Active directory failed on server1. additional information: insufficient access rights to perform this operation:
Active directory response: 00002098: SecErr: DSID-03150A48. problem 4003 (INSUFF_ACCESS_RIGHTS). Data 0
the user has insufficient access rights
This occurs whether I am logged into the Exchange 2010 server as the administrator of the top domain or as the administrator of the sub domain.
What rights do I need to assign and to which administrator user?
Paul MacDonald
Make sure the user accounts in AD are set to inherit permissions.
What credentails are used to move ?
Does the Admin or whatever creds used for Sub-domain have appropriate rights on Exchange and Users to perform the move ?
- Rancy
Does the Admin or whatever creds used for Sub-domain have appropriate rights on Exchange and Users to perform the move ?
- Rancy
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I saw the article about setting the user's security properties to inherit permissions and on the mailbox I am experimenting with I have "include inheritable permissions from this object's parert" checked. Still I am unable to move this mailbox
u need to prepare the domain run setup.com /preparedomain:fqdnofsubdo
Wait,
Did you check the box that said to allow inheritable permissions or was it already checked? If you just checked it then replication will have to take place before this setting will take effect. try forcing replication between all of your DC's if possible and restart the information store service in one location where a mailbox resides then try to move the mailbox again.
Did you check the box that said to allow inheritable permissions or was it already checked? If you just checked it then replication will have to take place before this setting will take effect. try forcing replication between all of your DC's if possible and restart the information store service in one location where a mailbox resides then try to move the mailbox again.
ASKER
I did the setup /perparedomain:fqdn and I was able to move the first mailbox. I will update this question after I have moved the remaining maiboxes. Thank you AKHater!