Error: problem 4003 (INSUFF_ACCESS_RIGHTS)

Scenario:

User is not able to access Mailbox. Unable to open the recipient from EMC.

Running the Clean-Mailboxdatabase <Database Name> command resulted in the Mailbox on Disconnected Mailbox

Connect-Mailbox -Identity 'xxxxxxxxxxxxxxxxxxxx'-Database 'DBNAME' -User 'contoso\user' -Alias 'user'

Failed

Error:

Active Directory operation failed on <domain controller> ahis error is not retriable. Additional information: Insufficient access rights to perform the operation.

Active directory response: 00002098: SecErr: DSID-03150BB9, problem 4003 (INSUFF_ACCESS_RIGHTS), data 0

The user has insufficient access rights.

Exchange Management Shell command attempted:

Connect-Mailbox -Identity 'xxxxxxxxxxxxxxxxxxxx'-Database 'DBNAME' -User 'contoso\user' -Alias 'user'

 

Resolution:

  • Open Active Directory Users and Computers.
  • Click View, and then click Advanced Features.
  • Right-click the OU that contains the user and then click Properties.
  • In the Security tab, click Advanced.
  • In the Permissions tab, click Add.
  • In the Enter object name to select box, type Exchange trusted subsystem, and then click OK.
  • In the Object tab, select This object and all descendant’s objects in the Apply onto list, locate Modify Permissions in the Permissions list, and then set it to Allow.
  • Click OK
  • Make sure above option is checked on all OU’S listed in the object path of the user object