Applies to: Cayosoft Administrator 3.x or later
Symptoms: Assume that you create a Distribution Group on one Microsoft Exchange Server. In this situation, you cannot grant users the send-as or receive-as permission to the Distribution Group by using the Add-ADPermission cmdlet from other Exchange Servers. You can receive one of the following messages:
Active Directory operation failed on <computer.domain.com>. This error is not retriable. Additional information: Access is denied.
Active directory response: 00000005: SecErr: DSID-031521D0, problem 4003 (INSUFF_ACCESS_RIGHTS), data 0
+ CategoryInfo : WriteError: (0:Int32) [Add-ADPermission], ADOperationException
+ FullyQualifiedErrorId : 5557AD82,Microsoft.Exchange.Management.RecipientTasks.AddADPermission
Active Directory operation failed on <DC name>. This error is not retriable. Additional information: Access is denied. Active directory response: 00000005: SecErr: DSID-03152857, problem 4003 (INSUFF_ACCESS_RIGHTS), data 0
- After you added the new domain to existing AD with Exchange Organization, you need to run the command that is described in this MS article, section "Choose the Active Directory domains to prepare": https://docs.microsoft.com/en-us/exchange/plan-and-deploy/prepare-ad-and-domains?view=exchserver-2019#choose-the-active-directory-domains-to-prepare
- After you run the command, you also will need to restart the Cayosoft Administrator service.
This resolution is valid both for the on-premises Exchange 2010 and 2013.