troubleshooting Question

Exchange 2013 New Mailbox Problem 4003

Avatar of MainStaySolutions
MainStaySolutions asked on
Exchange
15 Comments3 Solutions1392 ViewsLast Modified:
Having an issue attempting to create a new mailbox on Exchange 2013 with CU5.  It pops up The error listed below. I am able to create a user in AD then create a mailbox for the user with no problems.  Creating the user through exchange is a problem.  I have ran setup /prepareAD and setup /prepareDomain, restarted servers, ensured the license key was entered created new exchange Administrators and still am presented with the error below. Originally the server had no health monitoring mailboxes, I was able to get exchange to create those so they are no longer missing. Not really sure what to look at next.

Microsoft.Exchange.Data.Directory.ADOperationException: Active Directory operation failed on . This error is not retriable. Additional information: Access is denied. Active directory response: 00000005: SecErr: DSID-031A1256, problem 4003 (INSUFF_ACCESS_RIGHTS), data 0 ---> System.DirectoryServices.Protocols.DirectoryOperationException: The user has insufficient access rights. at System.DirectoryServices.Protocols.LdapConnection.ConstructResponse(Int32 messageId, LdapOperation operation, ResultAll resultType, TimeSpan requestTimeOut, Boolean exceptionOnTimeOut) at System.DirectoryServices.Protocols.LdapConnection.SendRequest(DirectoryRequest request, TimeSpan requestTimeout) at Microsoft.Exchange.Data.Directory.PooledLdapConnection.SendRequest(DirectoryRequest request, LdapOperation ldapOperation, Nullable`1 clientSideSearchTimeout, IActivityScope activityScope, String callerInfo) at Microsoft.Exchange.Data.Directory.ADDataSession.ExecuteModificationRequest(ADObject entry, DirectoryRequest request, ADObjectId originalId, Boolean emptyObjectSessionOnException, Boolean isSync) --- End of inner exception stack trace --- at Microsoft.Exchange.Data.Directory.ADDataSession.AnalyzeDirectoryError(PooledLdapConnection connection, DirectoryRequest request, DirectoryException de, Int32 totalRetries, Int32 retriesOnServer) at Microsoft.Exchange.Data.Directory.ADDataSession.ExecuteModificationRequest(ADObject entry, DirectoryRequest request, ADObjectId originalId, Boolean emptyObjectSessionOnException, Boolean isSync) at Microsoft.Exchange.Data.Directory.ADDataSession.ExecuteModificationRequest(ADObject entry, DirectoryRequest request, ADObjectId originalId, Boolean emptyObjectSessionOnException) at Microsoft.Exchange.Data.Directory.ADDataSession.Save(ADObject instanceToSave, IEnumerable`1 properties, Boolean bypassValidation) at Microsoft.Exchange.Configuration.Tasks.SetTaskBase`1.InternalProcessRecord() at Microsoft.Exchange.Configuration.Tasks.NewTaskBase`1.InternalProcessRecord() at Microsoft.Exchange.Configuration.Tasks.NewADTaskBase`1.InternalProcessRecord() at Microsoft.Exchange.Management.Common.NewUserBase.InternalProcessRecord() at Microsoft.Exchange.Management.RecipientTasks.NewMailboxBase.InternalProcessRecord() at Microsoft.Exchange.Configuration.Tasks.Task.<ProcessRecord>b__b() at Microsoft.Exchange.Configuration.Tasks.Task.InvokeRetryableFunc(String funcName, Action func, Boolean terminatePipelineIfFailed)
   ServerOperation
   System.DirectoryServices.Protocols.DirectoryOperationException: The user has insufficient access rights. at System.DirectoryServices.Protocols.LdapConnection.ConstructResponse(Int32 messageId, LdapOperation operation, ResultAll resultType, TimeSpan requestTimeOut, Boolean exceptionOnTimeOut) at System.DirectoryServices.Protocols.LdapConnection.SendRequest(DirectoryRequest request, TimeSpan requestTimeout) at Microsoft.Exchange.Data.Directory.PooledLdapConnection.SendRequest(DirectoryRequest request, LdapOperation ldapOperation, Nullable`1 clientSideSearchTimeout, IActivityScope activityScope, String callerInfo) at Microsoft.Exchange.Data.Directory.ADDataSession.ExecuteModificationRequest(ADObject entry, DirectoryRequest request, ADObjectId originalId, Boolean emptyObjectSessionOnException, Boolean isSync)
   Ex6AE46B
   
   
   False
   
   0 objects execution has been proxied to remote server.
   
   
   0
   ActivityId: 274530e2-6a32-4294-a294-6690bfc99cd4
   ServicePlan:;IsAdmin:True;
   
   en-US
ASKER CERTIFIED SOLUTION
Join our community to see this answer!
Unlock 3 Answers and 15 Comments.
Start Free Trial
Learn from the best

Network and collaborate with thousands of CTOs, CISOs, and IT Pros rooting for you and your success.

Andrew Hancock - VMware vExpert
See if this solution works for you by signing up for a 7 day free trial.
Unlock 3 Answers and 15 Comments.
Try for 7 days

”The time we save is the biggest benefit of E-E to our team. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange.

-Mike Kapnisakis, Warner Bros