Exchange Server Forums
Forums |
Register |
Login |
My Profile |
Inbox |
RSS 
|
My Subscription |
My Forums |
Address Book |
Member List |
Search |
FAQ |
Ticket List |
Log Out
Exception message: Problem accessing Active Directory
|
Users viewing this topic:
none
|
Logged in as: Guest
|
Login  | |
|
Exception message: Problem accessing Active Directory - 28.Feb.2008 6:19:46 AM
|
|
|
stevied
Posts: 20
Joined: 8.Sep.2004
From: England
Status: offline
|
A problem occurred while trying to use your mailbox. Please contact technical support for your organization
Request
Url: https://server:443/owa/lang.owa
User host address: xx.xx.xx.xx
Exception
Exception type: Microsoft.Exchange.Data.Storage.StoragePermanentException
Exception message: There was a problem accessing Active Directory.
Call stack
Microsoft.Exchange.Data.Storage.ExchangePrincipal.Save()
Microsoft.Exchange.Clients.Owa.Core.RequestDispatcher.DispatchLanguagePostLocally(OwaContext owaContext, OwaIdentity logonIdentity, CultureInfo culture, String timeZoneKeyName, Boolean isOptimized)
Microsoft.Exchange.Clients.Owa.Core.RequestDispatcher.DispatchLanguagePostRequest(OwaContext owaContext)
Microsoft.Exchange.Clients.Owa.Core.RequestDispatcher.PrepareRequestWithoutSession(OwaContext owaContext, UserContextCookie userContextCookie)
Microsoft.Exchange.Clients.Owa.Core.RequestDispatcher.InternalDispatchRequest(OwaContext owaContext)
Microsoft.Exchange.Clients.Owa.Core.RequestDispatcher.DispatchRequest(OwaContext owaContext)
System.Web.HttpApplication.SyncEventExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)
Inner Exception
Exception type: Microsoft.Exchange.Data.Directory.ADOperationException
Exception message: Active Directory operation failed on server-DC1.domain.com. This error is not retriable. Additional information: Insufficient access rights to perform the operation. Active directory response: 00002098: SecErr: DSID-03150A45, problem 4003 (INSUFF_ACCESS_RIGHTS), data 0
Call stack
Microsoft.Exchange.Data.Directory.ADSession.AnalyzeDirectoryError(PooledLdapConnection connection, DirectoryRequest request, DirectoryException de, Int32 totalRetries, Int32 retriesOnServer)
Microsoft.Exchange.Data.Directory.ADSession.ExecuteModificationRequest(ADRawEntry entry, DirectoryRequest request, ADObjectId originalId)
Microsoft.Exchange.Data.Directory.ADSession.Save(ADObject instanceToSave, IEnumerable`1 properties)
Microsoft.Exchange.Data.Storage.ExchangePrincipal.Save()
Inner Exception
Exception type: System.DirectoryServices.Protocols.DirectoryOperationException
Exception message: The user has insufficient access rights.
Call stack
System.DirectoryServices.Protocols.LdapConnection.ConstructResponse(Int32 messageId, LdapOperation operation, ResultAll resultType, TimeSpan requestTimeOut, Boolean exceptionOnTimeOut)
System.DirectoryServices.Protocols.LdapConnection.SendRequest(DirectoryRequest request, TimeSpan requestTimeout)
Microsoft.Exchange.Data.Directory.PooledLdapConnection.SendRequest(DirectoryRequest request, LdapOperation ldapOperation)
Microsoft.Exchange.Data.Directory.ADSession.ExecuteModificationRequest(ADRawEntry entry, DirectoryRequest request, ADObjectId originalId)
This is strange as some users can't access OWA, but others can. The NT Authority\Self and domain\exchange domain servers have full access to the mailbox.
Any ideas please?
|
|
|
|
|
RE: Exception message: Problem accessing Active Directory - 29.Feb.2008 5:15:53 PM
|
|
|
loculi
Posts: 30
Joined: 15.Sep.2005
Status: offline
|
Hi Steve,
Have you tried checking the user properties for the individuals running into this problem?
1. In ADUC, right-click their user object and choose properties
2. Click on the security tab, then advanced
3. Ensure, "Allow inheritable permissions from the parent to propagate to this object..." is checked, if not, check it.
4. Wait for AD to replicate, then try logging into OWA as that user.
This fixed the problem for me, although your mileage may vary.
Cheers
|
|
|
|
|
RE: Exception message: Problem accessing Active Directory - 7.Mar.2008 10:21:44 PM
|
|
|
sterlingblue
Posts: 1
Joined: 7.Mar.2008
Status: offline
|
I'm assuming that you're using exchange 2007 here.
Open Exchange management shell on the Mailbox server.
get-mailbox <alias> |fl *type*,*ver*
Replace <alias> with the users alias.
Your results will include the following fields:
Recipienttype: Usermailbox
and I suspect you'll see these one as well:
Recipienttypedetails: LegacyMailbox
ExchangeVersion: 0.0 (6.5.6500.0)
What that means is that exchange 2007 sees that as an exchange 2003 recipient object. OWA only likes current objects.
If that's the case, on the same mailbox server type:
set-mailbox <alias> -applymandatoryproperties
That'll tell exchange to apply the proper attribs to the object.
Then you should be able to access OWA.
Jamie
< Message edited by sterlingblue -- 7.Mar.2008 10:22:59 PM >
|
|
|
|
|
RE: Exception message: Problem accessing Active Directory - 21.May2008 4:17:03 PM
|
|
|
romrunning
Posts: 35
Joined: 13.May2008
Status: offline
|
Just a note to say how helpful this was.
Loculi - you're exactly right. The key, I think, in the error message is the line where is says the "user has insufficient access rights." I had the exact same error message, and what you suggested fixed my problem.
Sterlingblue - I think you're referencing http://support.microsoft.com/kb/931747, which seems like a slightly different issue. Of course, we'll never know for sure as he didn't say if his problem was fixed.
|
|
|
|
|
RE: Exception message: Problem accessing Active Directory - 25.Jun.2008 5:52:51 AM
|
|
|
milena@miciosoft.com
Posts: 1
Joined: 25.Jun.2008
Status: offline
|
quote:
ORIGINAL: loculi
1. In ADUC, right-click their user object and choose properties
2. Click on the security tab, then advanced
3. Ensure, "Allow inheritable permissions from the parent to propagate to this object..." is checked, if not, check it.
4. Wait for AD to replicate, then try logging into OWA as that user.
It works!
Thanks!
|
|
|
|
 New Messages |
 No New Messages |
 Hot Topic w/ New Messages |
 Hot Topic w/o New Messages |
 Locked w/ New Messages |
 Locked w/o New Messages |
|
 Post New Thread
Reply to Message
Post New Poll
Submit Vote
Delete My Own Post
Delete My Own Thread
Rate Posts |
|
Printable Version
