Solved

Exchange 2010 Permissions

Posted on 2014-02-20
9
123 Views
Last Modified: 2014-08-13
We recently upgraded from Exchange 2007 to Exchange 2010 and I am no longer able to add a distribution list and managers are not able to modify a distribution list in any OU other than the built-in "Users" OU. If I try to create one in any other OU I get "Access Denied, User has insufficient access rights". I've tried adding "Everyone" full control to the OU and I am able to both add and modify the list so I am sure it's a permission thing, but if I run an effective permissions on the OU for my account I have full control and nothing is denied. Any help would be greatly appreciated.
0
Comment
Question by:choupiqueliqueur
  • 4
  • 4
9 Comments
 

Expert Comment

by:ZepIT
ID: 39874890
What version of AD are you running? You may need to use a Domain Level Account (Rights) for server changes etc. Have you also tried to do in the EMC (Exchange Management Console) verses trying to change in AD?
0
 
LVL 3

Expert Comment

by:Winsoup
ID: 39874964
Do you have organizational management rights?
0
 

Expert Comment

by:ZepIT
ID: 39875146
Yes. We found that my Admin level rights were not sufficient so I had to have a Domain Level account created with all the elevated privleges. Hope this helps your situation.
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 

Author Comment

by:choupiqueliqueur
ID: 39876387
We are running in 2003 functional level with several Server 2008 R2 domain controllers and a few 2003 stragglers. I am using a domain account with Organization Management rights as well as Enterprise Admin, Schema Admin, and Exchange Organization Administrator. I have tried via EMC and EMS with the same results. The only way that seems to work is to give "Everyone" "Full control" on the object or OU.
0
 

Expert Comment

by:ZepIT
ID: 39876739
I believe this would fall under your enviroment being in Co-exist mode. Question: are you using AD on your local machine and or are you using AD on the actual server/RDP/Console? The reason why I ask is that your enviroment sounds similar as we have Exchange 2010 Server 2008 along with 2003 AD. For this purpose we had to create a seperate Domain Level (Top Level) in AD. For example: If my username is admin01 and I have admin level rights, that is good for my login to my machine and daily duties. However, if I am making changes, account creation, AD rights, etc.; I need to use my admin02 with Domain Level to perform these level attributes. Hope this helps. It just really appears that the level of rights are not sufficient to perform those Exchange level changes. Maybe look to up the rights for the Exchange Administrator Role.
0
 

Author Comment

by:choupiqueliqueur
ID: 39877796
The funny thing is that I can create any other object in the Exchange console, user, contact in the same OU. I can also create Distribution Groups in the Default Users OU. I can create a Distribution group via ADUC and then mail enable it via EMC, but once I do that I cannot add members to it via EMC, but can via add and remove members via ADUC with no problems, I am using the same account for both operations.
0
 

Expert Comment

by:ZepIT
ID: 39877925
Silly question.......on the Exchange 2010 box, is your account added to the User Accounts? It has to be something in the config of your Server 2008/Exchange box.
0
 

Accepted Solution

by:
choupiqueliqueur earned 0 total points
ID: 40249180
The user in question didn't have the correct rights.  I created the management role and assigned a group, but the user wasn't in that group.
0
 

Author Closing Comment

by:choupiqueliqueur
ID: 40257861
This was the solution that solved the problem.
0

Featured Post

Three Reasons Why Backup is Strategic

Backup is strategic to your business because your data is strategic to your business. Without backup, your business will fail. This white paper explains why it is vital for you to design and immediately execute a backup strategy to protect 100 percent of your data.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Need Free contact management program 9 111
internet traffic 2 113
Ping / Map Network Drive Issues 7 86
Need a Marquee for Windows 4 72
The biggest nightmare for any Exchange Server Administrator is to keep the server running without any issue. But the problems often come and they need to be resolved efficiently and timely. Here are important troubleshooting points: Define the Pr…
Microsoft Office Picture Manager was included in Office 2003, 2007, and 2010, but not in Office 2013. Users had hopes that it would be in Office 2016/Office 365, but it is not. Fortunately, the same zero-cost technique that works to install it with …
The viewer will learn how to use a discrete random variable to simulate the return on an investment over a period of years, create a Monte Carlo simulation using the discrete random variable, and create a graph to represent the possible returns over…
The viewer will learn how to create two correlated normally distributed random variables in Excel, use a normal distribution to simulate the return on different levels of investment in each of the two funds over a period of ten years, and, create a …

821 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question