SQL Server 2005 Setting up a 2 node cluster troubleshooting
在Windows Server 2008上做Exchange 2007 SCC无法创建OAB的临时解决办法
There is one user that cannot get logged into OWA. When he tries to login, it tells
him that he does not have permission to do so.
log
Request
Url: https://exchangesrv.ht17.c...
User host address: 10.13.30.200
Exception
Exception type: Microsoft.Exchange.Data.Storage.StoragePermanentException
Exception message: There was a problem accessing Active Directory.
Call stack
在 Microsoft.Exchange.Data.Storage.ExchangePrincipal.Save() 在 Microsoft.Exchange.Clients.Owa.Core.RequestDispatcher.DispatchLanguagePostLocally(OwaContext owaContext, OwaIdentity logonIdentity, CultureInfo culture, String timeZoneKeyName, Boolean isOptimized) 在 Microsoft.Exchange.Clients.Owa.Core.RequestDispatcher.DispatchLanguagePostRequest(OwaContext owaContext) 在 Microsoft.Exchange.Clients.Owa.Core.RequestDispatcher.PrepareRequestWithoutSession(OwaContext owaContext, UserContextCookie userContextCookie) 在 Microsoft.Exchange.Clients.Owa.Core.RequestDispatcher.InternalDispatchRequest(OwaContext owaContext) 在 Microsoft.Exchange.Clients.Owa.Core.RequestDispatcher.DispatchRequest(OwaContext owaContext) 在 System.Web.HttpApplication.SyncEventExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() 在 System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)
Inner Exception
Exception type: Microsoft.Exchange.Data.Directory.ADOperationException
Exception message: Active Directory operation failed on DC89-jd1497.ht17.com. This error is not retriable. Additional information: 访问权不够,不能执行该操作。. Active directory response: 00002098: SecErr: DSID-03150A45, problem 4003 (INSUFF_ACCESS_RIGHTS), data 0
Call stack
在 Microsoft.Exchange.Data.Directory.ADSession.AnalyzeDirectoryError(PooledLdapConnection connection, DirectoryRequest request, DirectoryException de, Int32 totalRetries, Int32 retriesOnServer) 在 Microsoft.Exchange.Data.Directory.ADSession.ExecuteModificationRequest(ADRawEntry entry, DirectoryRequest request, ADObjectId originalId) 在 Microsoft.Exchange.Data.Directory.ADSession.Save(ADObject instanceToSave, IEnumerable`1 properties) 在 Microsoft.Exchange.Data.Storage.ExchangePrincipal.Save()
Inner Exception
Exception type: System.DirectoryServices.Protocols.DirectoryOperationException
Exception message: 用户没有足够的访问权限。
Call stack
在 System.DirectoryServices.Protocols.LdapConnection.ConstructResponse(Int32 messageId, LdapOperation operation, ResultAll resultType, TimeSpan requestTimeOut, Boolean exceptionOnTimeOut) 在 System.DirectoryServices.Protocols.LdapConnection.SendRequest(DirectoryRequest request, TimeSpan requestTimeout) 在 Microsoft.Exchange.Data.Directory.PooledLdapConnection.SendRequest(DirectoryRequest request, LdapOperation ldapOperation) 在 Microsoft.Exchange.Data.Directory.ADSession.ExecuteModificationRequest(ADRawEntry entry, DirectoryRequest request, ADObjectId originalId)
1. Open Active Directory Users and Computers.
2. Click View, and then click Advanced Features.
Note To make the Security tab available at both the user level and the
organizational unit level, you must enable the Advanced Features option in Active
Directory Users and Computers.
This option is available under the View menu.
3. Open the properties for both the user level and the organizational unit
level that the users are located in, and then locate the Security tab.
4. Click Advanced.
5. Make sure that the following check box is selected: Allow inheritable
permissions from the parent to propagate to this object and all child objects.
Include these with entries explicitly defined here.
6. Force Active Directory replication
him that he does not have permission to do so.
log
Request
Url: https://exchangesrv.ht17.c...
User host address: 10.13.30.200
Exception
Exception type: Microsoft.Exchange.Data.Storage.StoragePermanentException
Exception message: There was a problem accessing Active Directory.
Call stack
在 Microsoft.Exchange.Data.Storage.ExchangePrincipal.Save() 在 Microsoft.Exchange.Clients.Owa.Core.RequestDispatcher.DispatchLanguagePostLocally(OwaContext owaContext, OwaIdentity logonIdentity, CultureInfo culture, String timeZoneKeyName, Boolean isOptimized) 在 Microsoft.Exchange.Clients.Owa.Core.RequestDispatcher.DispatchLanguagePostRequest(OwaContext owaContext) 在 Microsoft.Exchange.Clients.Owa.Core.RequestDispatcher.PrepareRequestWithoutSession(OwaContext owaContext, UserContextCookie userContextCookie) 在 Microsoft.Exchange.Clients.Owa.Core.RequestDispatcher.InternalDispatchRequest(OwaContext owaContext) 在 Microsoft.Exchange.Clients.Owa.Core.RequestDispatcher.DispatchRequest(OwaContext owaContext) 在 System.Web.HttpApplication.SyncEventExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() 在 System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)
Inner Exception
Exception type: Microsoft.Exchange.Data.Directory.ADOperationException
Exception message: Active Directory operation failed on DC89-jd1497.ht17.com. This error is not retriable. Additional information: 访问权不够,不能执行该操作。. Active directory response: 00002098: SecErr: DSID-03150A45, problem 4003 (INSUFF_ACCESS_RIGHTS), data 0
Call stack
在 Microsoft.Exchange.Data.Directory.ADSession.AnalyzeDirectoryError(PooledLdapConnection connection, DirectoryRequest request, DirectoryException de, Int32 totalRetries, Int32 retriesOnServer) 在 Microsoft.Exchange.Data.Directory.ADSession.ExecuteModificationRequest(ADRawEntry entry, DirectoryRequest request, ADObjectId originalId) 在 Microsoft.Exchange.Data.Directory.ADSession.Save(ADObject instanceToSave, IEnumerable`1 properties) 在 Microsoft.Exchange.Data.Storage.ExchangePrincipal.Save()
Inner Exception
Exception type: System.DirectoryServices.Protocols.DirectoryOperationException
Exception message: 用户没有足够的访问权限。
Call stack
在 System.DirectoryServices.Protocols.LdapConnection.ConstructResponse(Int32 messageId, LdapOperation operation, ResultAll resultType, TimeSpan requestTimeOut, Boolean exceptionOnTimeOut) 在 System.DirectoryServices.Protocols.LdapConnection.SendRequest(DirectoryRequest request, TimeSpan requestTimeout) 在 Microsoft.Exchange.Data.Directory.PooledLdapConnection.SendRequest(DirectoryRequest request, LdapOperation ldapOperation) 在 Microsoft.Exchange.Data.Directory.ADSession.ExecuteModificationRequest(ADRawEntry entry, DirectoryRequest request, ADObjectId originalId)
1. Open Active Directory Users and Computers.
2. Click View, and then click Advanced Features.
Note To make the Security tab available at both the user level and the
organizational unit level, you must enable the Advanced Features option in Active
Directory Users and Computers.
This option is available under the View menu.
3. Open the properties for both the user level and the organizational unit
level that the users are located in, and then locate the Security tab.
4. Click Advanced.
5. Make sure that the following check box is selected: Allow inheritable
permissions from the parent to propagate to this object and all child objects.
Include these with entries explicitly defined here.
6. Force Active Directory replication
Reader Comments