The account does not have permission to impersonate the requested user

Follow

Comments

13 comments

  • These directions don't make sense for Office 365. It is a web site, I don't have a Windows Start Button in Office 365

    -13
    Comment actions Permalink
  • Avatar
    robert najjar

    These directions make complete sense, as you are using Windows PowerShell to remotely connect to Office 365 services. Followed them completely, and worked w/o issue.

    7
    Comment actions Permalink
  • Avatar
    Mike Monks
    I'm still getting an ErrorImpersonateUserDenied message, even though I've given my service account management role assignments (with the instructions above) and also given it FullAccess to every destination mailbox with New-MailboxPermission.
    2
    Comment actions Permalink
  • Avatar
    Nicholas Humaciu

    Hello Mike,

    There is a bit of propagation that takes place once the permissions are applied. If you have waited 20-30 minutes after applying the permissions and the error is still happening, you would need to create a support ticket here. 

    Our technicians can investigate the matter further for you.

     

    Regards,

    Nicholas

    0
    Comment actions Permalink
  • Avatar
    Tahir Ahmed

    Followed the information above but get the following notice:
    Enable-OrganizationCustomization : The term 'Enable-OrganizationCustomization' is not recognized as the name of a
    cmdlet, function, script file, or operable program. Check the spelling of the name, or if a path was included, verify
    that the path is correct and try again.
    At line:1 char:1
    + Enable-OrganizationCustomization
    + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo : ObjectNotFound: (Enable-OrganizationCustomization:String) [], CommandNotFoundException
    + FullyQualifiedErrorId : CommandNotFoundException

    0
    Comment actions Permalink
  • Avatar
    Nicholas Humaciu

    Hello Tahir,

    That error can mean that the admin account you are using to connect to the tenant does not have the proper permissions levels to make the ''Enable-OrganizationCustomization' change. Please make sure the admin you are connecting to the tenant with is a global admin and try again. Another factor that can cause this error would be the credentials being provided in the '$LiveCred = Get-Credential' command had a typo or are incorrect.

    If you have any further issues with these commands, please open a support ticket here.

    Regards,

    Nicholas

    0
    Comment actions Permalink
  • Avatar
    Cedric Shaw

    After running the final script, I receive the error -

    Multiple user objects match the identity "admin@domain.com". Please specify a unique value. And I did input my username in place of admin@domain.com. Any idea?

    I found this thread at Microsoft. https://support.microsoft.com/en-us/help/3001960/there-are-multiple-recipients-matching-the-identity-error-message-when

    So, it looks like I need to rename my global admin username to something else.

    Yep! That solved the issue.

    0
    Comment actions Permalink
  • Avatar
    Nicholas Humaciu

    Hello Cedric,

    Great! We are happy to hear that you were able to get the issue resolved on your end!

    If you get stumped by any other issues with your project, please reach out to our support team here and we will be happy to help you get back on track.

    Take care,

    Nicholas

    0
    Comment actions Permalink
  • Avatar
    Support KS

    Hi Support.

     

    I have followed the instructions and all worked fine. Although, its only giving me the option of importing 1 user from 365. And this is the account I have used to setup the endpoint.

     

    Any help with this?

    0
    Comment actions Permalink
  • Avatar
    Nicholas Humaciu

    Hello KS,

    There could be a few different issues happening here. I would encourage you to open up a support ticket here if you already haven't and letting our technicians assist you with investigating the problem!

    Regards,

    Nicholas

    0
    Comment actions Permalink
  • Avatar
    Nils Mariß

    The URL to connect stated is wrong.

    $Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://ps.outlook.com/powershell/ -Credential $LiveCred -Authentication Basic -AllowRedirection

    It should be https://outlook.office365.com/powershell-liveid/
    2
    Comment actions Permalink
  • Avatar
    Tim Gunter

    This is what I am getting I have I am at a loss for why the migration will not start

    can any one enlighten me? I have tried 3 GA accounts and verified that the globals have full access to the test emails. 

     

     

     

     

    I am confused and on a time crunch please help!

    0
    Comment actions Permalink
  • Avatar
    Kyle Rinner

    Tim,

    I see you opened a ticket for this issue and were able to resolve the issue. I would recommend removing the screenshots from your post.

    Thank you

    Kyle

    0
    Comment actions Permalink

Please sign in to leave a comment.