Article ID: 2644264 - View products that this article applies to.
Consider the following scenario. You have Microsoft Office Communications Server 2007, Microsoft Office Communications Server 2007 R2 or Microsoft Lync Server 2010 deployed in a Microsoft Exchange Server 2010 environment. You try to disable or remove a mailbox on an Exchange Server 2010 server. In this scenario, the operation fails, and you receive the following error message:
Action 'Disable' could not be performed on object 'FirstName, LastName'.
Active Directory operation failed on Server.domain.com. This error is not retriable. Additional information: Insufficient access rights to perform the operation.
Active directory response: 00002098: SecErr: DSID-XXXXXXXX, problem 4003 (INSUFF_ACCESS_RIGHTS), data 0
This issue occurs because the Exchange Server 2010 Mailbox server cannot clear the value of the msRTCSIP-Line attribute. Therefore, access is denied when you try to disable or remove a mailbox.
To resolve this issue, install the following update rollup:
(http://support.microsoft.com/kb/2645995/ )Description of Update Rollup 1 for Exchange Server 2010 Service Pack 2
To work around this issue, manually clear the value from the msRTCSIP-Line attribute by using the Active Directory Service Interfaces Editor (ADSI Edit).
Note This is also known as AdsiEdit.msc.
Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.
For more information about the msRTCSIP-Line attribute, visit the following Microsoft website, and then scroll down to the "Primary Phone Number" term:
General information about the msRTCSIP-Line attributeFor more information about how to edit Active Directory attributes by using the ADSI Edit tool, visit the following Microsoft website:
How to edit Active Directory attributes by using the ADSI Edit tool
Article ID: 2644264 - Last Review: February 27, 2012 - Revision: 2.0
Contact us for more help
Connect with Answer Desk for expert help.