Hi Guys, I am having an interesting issue where I cannot disable a mailbox account the following message gets displayed: Active Directory operation failed on <domain-controller>. This error is not retriable. Additional information: Insufficient access rights to perform the operation. Active directory response: 00002098: SecErr: DSID-03150BB9, problem 4003 (INSUFF_ACCESS_RIGHTS), data 0 + CategoryInfo : NotSpecified: (0:Int32) [Disable-Mailbox], ADOperationException + FullyQualifiedErrorId : 25FC97D4,Microsoft.Exchange.Management.RecipientTasks.DisableMailbox The user account I am using to run the command disable-mailbox is a member of Recipient Management, Server Management & Organization Management. Funny thing is I can successfully run the remove-mailbox command without issue. I am currently running Exchange 2010 SP1 with a 2008 R2 AD backend Things I have tried thus far but have not worked: Reset the security permissions on the user object in Active Directory and ensured its inherting permissions from its parent Ensured that the object is not protected from deletion Ensured the server is a member of the Exchange Trusted Subsystem security group Re-ran the /prepareAD command to re-apply exchange permissions Any help would be greatly appreciated. Aaron

Is the particular user happen to be in a priviledged AD group like Domain Admins or Enterprise Admins? Any other users having the same issues?Tim Harrington | MVP: Exchange | MCITP: EMA 2007/2010, MCITP: Lync 2010, MCITP: Server 2008, MCTS: OCS | Blog: http://HowDoUC.blogspot.com | Twitter: @twharrington

Where is the target mailbox? In the Exchange 2010 or en earlier version server? Give "Exchange Trusted Subsystem" full rights on the problem user account, wait for the replication and then try again to see if this works.Please remember to click Mark as Answer on the post that helps you, and to click Unmark as Answer if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

This issue might be an know issue that is indicated in KB345785, which is expected to be fixed in RU5/6. Please remember to click Mark as Answer on the post that helps you, and to click Unmark as Answer if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.