Lync Server 2010: Enable Members of Protected Domain Security Groups

It goes without saying we all setup our environments with separate user and administrative accounts, but lets just say we wanted to enabled a member of a protected domain security group.

Using the Lync 2010 Server Control Panel you will receive the following error:

Active Directory operation failed on "dc01.exchangegeek.com". You cannot retry this operation: "Insufficient access rights to perform the operation"

We simply have to use PowerShell, which we are all using anyway, to administer members of protected domain security groups.

Enable-CsUser -Identity "daniel.noakes" -RegistrarPool "se01.exchangegeek.com" -SipAddressType EmailAddress  -SipDomain exchangegeek.com

Daniel Noakes