Many times I’ve ran into the following error :
(Error : unsufficient access rights to perform the operation) while moving Lync users of moving mailboxes in Exchange.
This is due to the following :
Include inheritable permissions MUST BE ENABLED. (Also for other tasks)
When this is one or a couple of users this is no problem. When you have >100 users then you don’t want to do this manually.
This is how to script this :
First check witch users are having this problem using the following command :
Get-QADUser -SizeLimit 0 | where {$_.DirectoryEntry.psbase.ObjectSecurity.AreAccessRulesProtected}
Example :
You see the accounts which are having this problem. Nothing is fixed yet. Therefore you need to run the following command :
Get-QADUser -SizeLimit 0 | where {$_.DirectoryEntry.psbase.ObjectSecurity.AreAccessRulesProtected} | Set-QADObjectSecurity -UnlockInheritance