problem 4003 (INSUFF_ACCESS_RIGHTS) error when deleting Active Directory objects
search cancel

problem 4003 (INSUFF_ACCESS_RIGHTS) error when deleting Active Directory objects


Article ID: 326165


Updated On:


VMware Aria Suite


  • Out of the box VMware Aria Automation Orchestrator (formerly vRealize Orchestrator) content fails to delete Active Directory objects when using the Active Directory plug-in for Automation Orchestrator.
Example: destroyElementRecursive action or Destroy a computer workflow fails with an error similar to:
ERROR( Error in (Dynamic Script Module name : destroyElementRecursive#1) Error when destroying an element: 00000005: SecErr: DSID-03152CA5, problem 4003 (INSUFF_ACCESS_RIGHTS), data 0


VMware vRealize Orchestrator 8.x
VMware Aria Automation 8.x
VMware Aria Automation Orchestrator 8.x
VMware vRealize Automation 8.x


The issue can occur when the account executing the Aria Automation Orchestrator content is missing the required permissions in Microsoft Active Directory.


Validate that the user account has the required permissions to delete Active Directory objects.

Where subtrees exist for the objects being removed its necessary to grant the user the Delete Subtree permissions.