New-PublicFolderDatabase = Access is denied

by ucinfo, posted in Flaphead, MsExchange

Humm, so I tried to create a public folder store to on a server and got:

Summary: 2 item(s). 0 succeeded, 1 failed.
Elapsed time: 00:00:01

New PUB01-PUB03
Failed

Error:
Active Directory operation failed on dc00003.mydom.local. This error is not retriable. Additional information: Access is denied.
Active directory response: 00000005: SecErr: DSID-03151E04, problem 4003 (INSUFF_ACCESS_RIGHTS), data 0

The user has insufficient access rights.

Exchange Management Shell command attempted:
new-publicfolderdatabase -StorageGroup ‘CN=SG02-PUB03,CN=InformationStore,CN=PUB03,CN=Servers,CN=Exchange Administrative Group (FYDIBOHF23SPDLT),CN=Administrative Groups,CN=BarWealth,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=gbl,DC=barwealth,DC=net’ -Name ‘PUB01-PUB03’ -EdbFilePath ‘F:SG02SG02-DBPUB01-PUB03.edb’

Elapsed Time: 00:00:01

 

Turns out that if you delegate a group as server administrator they get an explicit deny on the server object for Create and Delete Public Information Store Objects.  Suppose it does make sense as a Public Folder is an org wide thing .. but hey, every day is a school day

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.