Home > Microsoft, Security, Windows > Quickie: Lync Server 2010 has same problem Exchange does

Quickie: Lync Server 2010 has same problem Exchange does

When I wanted to Enable AD users in Lync Server 2010 which were members of Domain Administrators and Enterprise Administrators I received error:

Active Directory operations failed on “DC_server”.  You cannot retry this operation: “Insufficient access rights to perform the operation 00002098: SecErr: DSID-03150E8A, problem 4003 (INSUFF_ACCESS_RIGHTS), data 0”

It’s same problem as Exchange has. You cannot be member of those two groups, because periodically all accounts in this groups have cleared Include inheritable permissions from this object’s parent and set explicit permissions by AD. But if you want to add members of those administrative groups into Lync you can check checkbox Include inheritable permissions from this object’s parent, enable user in Lync and uncheck checkbox Include inheritable permissions from this object’s parent after you are done.

Inheritance AD User

Exchange fixed this issue after couple year in Exchange 2010 SP3. Hopefully we will have some fix also for Lync Server.

  1. runco
    April 2nd, 2013 at 22:42 | #1

    Viac info prečo je tomu tak a čo sa deje vo vnútri AD http://technet.microsoft.com/sk-sk/magazine/2009.09.sdadminholder(en-us).aspx

  2. April 3rd, 2013 at 09:24 | #2

    Vdaka Runco 🙂

  1. No trackbacks yet.