Send as Permissions automatically disappear from specific users.

I had an case  where the send as permissions for one user cannot be set in ECP. he gets error in ECP and Shell:

Active Directory-Antwort: 00000005: SecErr: DSID-03152612, problem 4003 (INSUFF_ACCESS_RIGHTS), data 0

After giving full control on Exchange trusted subsiste over the account we are able to grand send as permissions, but after 20 minutes the permissions are gone and we are again not able to grant them because of the same error.


Disappearing of permissions let me in direction Protected Groups. There is an Artikel form Microsoft regarding this issue:

it turns out that the customer is member of administrators group, which is a protected Group. It was nested in one other made by customer security group.

This is causing the AdminCount to be increased to 1


This is causing the permissions reset and also the inheritance for this account is disabled.


this is causing the insufficient permissions error.

After removing the user form the administrator group, deleted, the admin count and enabled the inheritance the issue got resolved.


Other Protected groups are :

  • Enterprise Admins
  • Schema Admins
  • Domain Admins
  • Administrators
  • Account Operators
  • Server Operators
  • Print Operators
  • Backup Operators
  • Domain Admins
  • Schema Admins
  • Enterprise Admins
  • Cert Publishers




Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s