Active Directory operation failed on lyncserver.lync.local, you cannot retry this operation "Insufficient access rights to perform the operations"

When i am enabling a domain administrator in the Lync control panel i am getting the following the following error:
-------------
Active Directory operation failed on “lyncserver.lync.local". You cannot retry this operation: “Insufficient access rights to perform the operation 00002098, problem 4003 (INSUFF_ACCESS_RIGHTS), data 0″.
You do not have the appropriate permissions to perform this operation in Active Directory. One possible cause is that the Lync Server Control Panel and Remote Windows PowerShell cannot modify users who belong to protected security groups (for example, the Domain Admins group). To manage users in the Domain Admins group, use the Lync Server Management Shell and log on using a Domain Admins Account. There are other possible causes. For details, see Lync Server 2010 Help.
-------------

Solution:

  • Open Active Directory users and computers snap in.
  • Select advanced features from Veiw option.
  • Now go to the user properties and security tab.
  • Select advanced button and select check mark “Include Inheritable Permissions from this object’s parent".
  • Come back to Lync control panel and start enabling user, it will get enabled successfully.


    :-) :-)

1 comment: