Came across an interesting issue whereby I was unable to delete certain mailboxes even though I’d verified all the normal access. The error being produced was as below –
Active Directory operation failed on SVRGL1191.gloscc.gov.uk. This error is not retriable. Additional information: Access is denied. Active directory response: 00000005: SecErr: DSID-031529F8, problem 4003 (INSUFF_ACCESS_RIGHTS), data 0
Luckily the fix for this proved to be very simple.
- Access Active Directory users and Computers on a domain controller or remotely.
- Enabled ‘Advanced Features’ by navigating to the View tab.
- Search for the effected user.
- Double-click the result and navigate to the Security tab.
- Click ‘Advanced’.
- Select ‘Enable inheritance’ and then click OK to apply changes.
Once these steps are complete, wait for any required syncing to happen and then retry deleting the mailbox, if you still encounter the same issue then follow the steps above and then add the current user with full rights to the users account in AD.