Active Directory operation failed on "domain.local". You cannot retry this operation: "Insufficient access rights to perform the operation

Hi Folks,

Error:-
Active Directory operation failed on "ORLDC01.DRMAIN.local". You cannot retry this operation: "Insufficient access rights to perform the operation
00002098: SecErr: DSID-03150E49, problem 4003 (INSUFF_ACCESS_RIGHTS), data 0
".You do not have the appropriate permissions to perform this operation in Active Directory. One possible cause is that the Lync Server Control Panel and Remote Windows PowerShell cannot modify users who belong to protected security groups (for example, the Domain Admins group). To manage users in the Domain Admins group, use the Lync Server Management Shell and log on using a Domain Admins account. There are other possible causes. For details, see Lync Server 2010 Help.


** When user account belongs to the administrator group or domain admin group so you cannot modify the properties in special modifying external access policy getting above error.



In this case, you can perform changes from the active directory as well as the Lync management shell.

The Lync Management Shell :

Change the external access policy with below command:

Grant-CsExternalAccessPolicy -Identity "UserName" -PolicyName "Allow Federation Access + External Access"


Comments

Popular posts from this blog

Installation Prerequisite of SharePoint 2013 on Windows server 2012 R2

Server Error - 404 file or directory not found

OWA unable to login - Exception type: Microsoft.Exchange.Data.Storage.ConnectionFailedTransientException