We had no test environment to work with, so my first half-usable install of Lync was on our production network. Now I think I have my topology correct after removing everything from within AD per this article: http://blog.armgasys.com/?p=320
When I add users, I get the error: "Active Directory operation failed on server.lss.local. You cannot retry this operation: "Insufficient access rights to perform the operation"
I think I am missing a user attribute that needs to be cleared? How would I be able to find this out?