Insufficient access rights to perform the operation, when executing cmdlet Enable-RemoteMailbox.
Use the Enable-RemoteMailbox cmdlet to create a mailbox in the cloud-based service for an existing user in the on-premises Active Directory.
During an installation and configuration of Exchange 2016 with Hybrid deployment, I come across the below Error message when running the cmdlet “Enable-RemoteMailbox“.
Error: “Active Directory operation failed on Rock.solid.local. This error is not retriable. Additional information: Insufficient access rights to perform the operation.”
To resolve the issue we ned to modify the current Active Directory permission for the user object who is having this issue. The following steps will assist in resolving this issue.
- Open the user’s AD object and select the Security tab. This will show the current security configuration on the object.
If we examine the list and compare to a user that does work properly we will notice that certain Exchange permissions are either missing or different. In order to fix this, click on the Advanced button. Then select the check box that reads “Include inheritable permissions from this object’s parent”.
By having a look at the advanced Permission i see that the “Inherit Permissions ” was not “Enabled”
After “Enabling” Inheritance I ran the same command “Enable-RemoteMailbox” and it completed with out any errors.