Solved

Add mail enabled public folder to email distro list in Exchange 2010

Posted on 2014-01-10
5
757 Views
Last Modified: 2014-01-10
I am trying to add an email enabled public folder as a member of an email distro list.
Enviroment is Exchange 2010 sp2 and AD 2008 R2.

I am using EMC then going to Recipient Configuration container and then Distribution Group container, then modifying the distro group and adding the mail enabled public folder.  However, I receive the following error:

Active directory response: 00002098: SecErr: problem 4003 (INSUFF_ACCESS_RIGHTS), data 0

I am logged in to the Exchange server with an account that is a member of the following groups:
Domain Admin
Exchange Admins
Public Folder Management

I am not following the correct steps, or am I missing some unkown permission rights?
0
Comment
Question by:AManoux
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
5 Comments
 
LVL 53

Accepted Solution

by:
Will Szymkowski earned 500 total points
ID: 39772027
Did you just recently do a migration? This is definetly a permission issue based on the error.

Do the following...
- open adsiedit
- connect to the "default naming context"
- Expand DC=domainname,DC=domain,DC=com>CN=Microsoft Exchange System Objects
- right click on the PF>select properties
- click Advanced Tab, Ownership

Take a look at the permissions and make sure they are correct.

Will.
0
 
LVL 41

Expert Comment

by:Adam Brown
ID: 39772173
Exchange Admins isn't one of the default groups you have that grant access to what you want to do. You would need to be either an Organization Management or Recipient Management group member to do this. Make sure your name or a group you are a part of is in either of those groups and it should then allow you to do what you want.
0
 
LVL 1

Author Comment

by:AManoux
ID: 39772200
@Spec01: I tried taking ownership of the public folder but that didn't seem to help.  We did do a recent migration use Quest Migration tools to move the public folders from 2003 to 2010.

@acborwn2010:  My account is already a member of both the Org Mgmt and Recipient Mgmt groups.
0
 
LVL 53

Expert Comment

by:Will Szymkowski
ID: 39772253
Have you verified the permissions using ADSIEdit? Does this happen with any other Public Folders or just this one? I would first compare the permissions with a Mail Public Folder that is working and try to replicate the security.

If New mail public folders are working fine I would create a new one move the mail items to it from the current one, delete the current mail public folder and enable the new one with the same email as the one that you deleted.


Will.
0
 
LVL 1

Author Comment

by:AManoux
ID: 39772290
It looks like the DL was no longer inheriting all permissions from the root. I reenabled permissions inheritance and I was able to then add the PF as a member.

Thanks Will.
0

Featured Post

Does Powershell have you tied up in knots?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article outlines some of the reasons why an email message gets flagged as spam on a recipient's end.
Microsoft Office 365 is a subscriptions based service which includes services like Exchange Online and Skype for business Online. These services integrate with Microsoft's online version of Active Directory called Azure Active Directory.
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…
Suggested Courses

636 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question