Hello,
I have some C# code that creates a MailContact in Exchange 2010 using PowerShell remotely connecting to a CAS server. It works fine and the MailContact is created. However, when I run the command Add-ADPermission from the Exchange Management Shell (EMS), I get the following error:
Active Directory operation failed on {DC}. This error is not retriable. Additional information: Ac
cess is denied.
Active directory response: 00000005: SecErr: DSID-031521D0, problem 4003 (INSUFF_ACCESS_RIGHTS), data 0
+ CategoryInfo : WriteError: (0:Int32) [Add-ADPermission], ADOperationException
+ FullyQualifiedErrorId : 87543ECC,Microsoft.Exchange.Management.RecipientTasks.AddADPermission
What is interesting is that is I create the MailContact from the EMS using the exact same command I used in code, everything works fine when adding the AD permission.
I compared the AD permissions on each object and they look identical. Form what I can tell the AD properties all look consistent with the exception of dSCorePropagationData which shows 0x0 for the one that does not work (created in code).
Any ideas on why there would be a difference in the MailContact created through code?
Thank you!
Karl