Exchange Server Forums
Forums |
Register |
Login |
My Profile |
Inbox |
RSS 
|
My Subscription |
My Forums |
Address Book |
Member List |
Search |
FAQ |
Ticket List |
Log Out
Exception message: Problem accessing Active Directory
|
Users viewing this topic:
none
|
Logged in as: Guest
|
Login  | |
|
Exception message: Problem accessing Active Directory - 28.Feb.2008 6:19:46 AM
|
|
|
stevied
Posts: 20
Joined: 8.Sep.2004
From: England
Status: offline
|
A problem occurred while trying to use your mailbox. Please contact technical support for your organization
Request
Url: https://server:443/owa/lang.owa
User host address: xx.xx.xx.xx
Exception
Exception type: Microsoft.Exchange.Data.Storage.StoragePermanentException
Exception message: There was a problem accessing Active Directory.
Call stack
Microsoft.Exchange.Data.Storage.ExchangePrincipal.Save()
Microsoft.Exchange.Clients.Owa.Core.RequestDispatcher.DispatchLanguagePostLocally(OwaContext owaContext, OwaIdentity logonIdentity, CultureInfo culture, String timeZoneKeyName, Boolean isOptimized)
Microsoft.Exchange.Clients.Owa.Core.RequestDispatcher.DispatchLanguagePostRequest(OwaContext owaContext)
Microsoft.Exchange.Clients.Owa.Core.RequestDispatcher.PrepareRequestWithoutSession(OwaContext owaContext, UserContextCookie userContextCookie)
Microsoft.Exchange.Clients.Owa.Core.RequestDispatcher.InternalDispatchRequest(OwaContext owaContext)
Microsoft.Exchange.Clients.Owa.Core.RequestDispatcher.DispatchRequest(OwaContext owaContext)
System.Web.HttpApplication.SyncEventExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)
Inner Exception
Exception type: Microsoft.Exchange.Data.Directory.ADOperationException
Exception message: Active Directory operation failed on server-DC1.domain.com. This error is not retriable. Additional information: Insufficient access rights to perform the operation. Active directory response: 00002098: SecErr: DSID-03150A45, problem 4003 (INSUFF_ACCESS_RIGHTS), data 0
Call stack
Microsoft.Exchange.Data.Directory.ADSession.AnalyzeDirectoryError(PooledLdapConnection connection, DirectoryRequest request, DirectoryException de, Int32 totalRetries, Int32 retriesOnServer)
Microsoft.Exchange.Data.Directory.ADSession.ExecuteModificationRequest(ADRawEntry entry, DirectoryRequest request, ADObjectId originalId)
Microsoft.Exchange.Data.Directory.ADSession.Save(ADObject instanceToSave, IEnumerable`1 properties)
Microsoft.Exchange.Data.Storage.ExchangePrincipal.Save()
Inner Exception
Exception type: System.DirectoryServices.Protocols.DirectoryOperationException
Exception message: The user has insufficient access rights.
Call stack
System.DirectoryServices.Protocols.LdapConnection.ConstructResponse(Int32 messageId, LdapOperation operation, ResultAll resultType, TimeSpan requestTimeOut, Boolean exceptionOnTimeOut)
System.DirectoryServices.Protocols.LdapConnection.SendRequest(DirectoryRequest request, TimeSpan requestTimeout)
Microsoft.Exchange.Data.Directory.PooledLdapConnection.SendRequest(DirectoryRequest request, LdapOperation ldapOperation)
Microsoft.Exchange.Data.Directory.ADSession.ExecuteModificationRequest(ADRawEntry entry, DirectoryRequest request, ADObjectId originalId)
This is strange as some users can't access OWA, but others can. The NT Authority\Self and domain\exchange domain servers have full access to the mailbox.
Any ideas please?
|
|
|
|
|
RE: Exception message: Problem accessing Active Directory - 29.Feb.2008 5:15:53 PM
|
|
|
loculi
Posts: 38
Joined: 15.Sep.2005
Status: offline
|
Hi Steve,
Have you tried checking the user properties for the individuals running into this problem?
1. In ADUC, right-click their user object and choose properties
2. Click on the security tab, then advanced
3. Ensure, "Allow inheritable permissions from the parent to propagate to this object..." is checked, if not, check it.
4. Wait for AD to replicate, then try logging into OWA as that user.
This fixed the problem for me, although your mileage may vary.
Cheers
|
|
|
|
|
RE: Exception message: Problem accessing Active Directory - 7.Mar.2008 10:21:44 PM
|
|
|
sterlingblue
Posts: 1
Joined: 7.Mar.2008
Status: offline
|
I'm assuming that you're using exchange 2007 here.
Open Exchange management shell on the Mailbox server.
get-mailbox <alias> |fl *type*,*ver*
Replace <alias> with the users alias.
Your results will include the following fields:
Recipienttype: Usermailbox
and I suspect you'll see these one as well:
Recipienttypedetails: LegacyMailbox
ExchangeVersion: 0.0 (6.5.6500.0)
What that means is that exchange 2007 sees that as an exchange 2003 recipient object. OWA only likes current objects.
If that's the case, on the same mailbox server type:
set-mailbox <alias> -applymandatoryproperties
That'll tell exchange to apply the proper attribs to the object.
Then you should be able to access OWA.
Jamie
< Message edited by sterlingblue -- 7.Mar.2008 10:22:59 PM >
|
|
|
|
|
RE: Exception message: Problem accessing Active Directory - 21.May2008 4:17:03 PM
|
|
|
romrunning
Posts: 50
Joined: 13.May2008
Status: offline
|
Just a note to say how helpful this was.
Loculi - you're exactly right. The key, I think, in the error message is the line where is says the "user has insufficient access rights." I had the exact same error message, and what you suggested fixed my problem.
Sterlingblue - I think you're referencing http://support.microsoft.com/kb/931747, which seems like a slightly different issue. Of course, we'll never know for sure as he didn't say if his problem was fixed.
|
|
|
|
|
RE: Exception message: Problem accessing Active Directory - 25.Jun.2008 5:52:51 AM
|
|
|
milena@miciosoft.com
Posts: 1
Joined: 25.Jun.2008
Status: offline
|
quote:
ORIGINAL: loculi
1. In ADUC, right-click their user object and choose properties
2. Click on the security tab, then advanced
3. Ensure, "Allow inheritable permissions from the parent to propagate to this object..." is checked, if not, check it.
4. Wait for AD to replicate, then try logging into OWA as that user.
It works!
Thanks!
|
|
|
|
|
RE: Exception message: Problem accessing Active Directory - 4.Jul.2010 6:17:49 AM
|
|
|
h.tavakkoli
Posts: 1
Joined: 4.Jul.2010
Status: offline
|
Dear stevied
Do you run "Exchange Domain Prepare" on that domain?
To check this go to active Directory Users and Computers and from "View" menu select "Advanced Features". Right click on domain name and select "Properties".
In "Security" tab check if these two groups are exist: - "Exchange Recipient Administrators" (Read Permission)
- "Exchange Servers" (without Permission)
If these groups were not existed, you should do "Domain Preparation" on this domain. Although it is useful to do this anyway.
To doing so do the following:
On Exchange Server run this command from command prompt:
setup /PrepareDomain:<DomainFQDN>
Example: setup /PrepareDomain:child1.domain.com
Please note that setup is located on Exchange 2007 DVD and you should be member of "Enterprise Admins" group.
Additionally you could prepare all of your domains by running this command:
setup /PrepareAllDomains
Good luck!
< Message edited by h.tavakkoli -- 5.Jul.2010 1:55:34 AM >
|
|
|
|
|
RE: Exception message: Problem accessing Active Directory - 23.Jun.2011 5:02:04 AM
|
|
|
blisad1
Posts: 4
Joined: 23.Jun.2011
Status: offline
|
I think i have a solution for you try this
In ADUC, right-click their user object and choose properties
Click on the security tab, then advanced
Ensure, "Allow inheritable permissions from the parent to propagate to this object..." is checked, if not, check it. Wait for AD to replicate, then try logging into OWA as that user.
_____________________________
<a href="http://www.fabric-blinds.com">fabric blinds</a>
|
|
|
|
|
RE: Exception message: Problem accessing Active Directory - 25.Sep.2014 11:44:10 PM
|
|
|
jeffwllms
Posts: 1
Joined: 25.Sep.2014
Status: offline
|
I have a similar issue, i am receiving a similar message trying to log into owa, although it seems to be effecting all users (everything was working a couple hours ago). It also seems to effect phones from getting email.
the error message shows "Exception type: Microsoft.Exchange.Data.Storage.StorageTransientException
Exception message: There was a problem accessing Active Directory."
as apposed to "StoragePermanentException"
as far as checking the suers properties to make sure propagation check mark is selected it is on all users.
I can't seem to fins any info on the error, does anyone have any ideas.
|
|
|
|
 New Messages |
 No New Messages |
 Hot Topic w/ New Messages |
 Hot Topic w/o New Messages |
 Locked w/ New Messages |
 Locked w/o New Messages |
|
 Post New Thread
Reply to Message
Post New Poll
Submit Vote
Delete My Own Post
Delete My Own Thread
Rate Posts |
|
Printable Version
