Lately i was asked to enable a user for Lync.
Well, this is peace of cake we would say, until i was surprised with an error that the user cannot be enabled for Lync.
It turns out if you are member of one of these protected groups you will get the error message when you try to enable user for Lync:
- Account Operators
- Server Operators
- Print Operators
- Backup Operators
- Domain Admins
- Schema Admins
- Enterprise Admins
- Cert Publishers
To sort this out you have 2 options:
- Enable Lync through the LMS ( Enable-CSUser )
- Open the user in ADUC and in the security permissions tab enable “Include inheritable permissions from this object’s parent”
And finally we are able to setup the user for Lync.