SOLVED

Cannot add a "contact" in Exchange Online to an Office 365 Group as a Guest

Copper Contributor

Looks like this is an issue - I have successfully been able to add external recipients as guests in an Office 365 Group if they are not listed in the GAL, however when I come to add a contact listed in the GAL as a guest, I receive the below warning;

 

"You are trying to add a contact created by your admin. Contact your admin to add the user as a guest to this group"

 

Help please.

 

Thanks

31 Replies

I have a client that is experiencing similar issue as described by other folks on this thread: external user emails are in a dist list and we cannot add them to groups, which is a critical requirement.

 

Thank you for this response regarding this issue.  I see that it's been a couple months since this reply.  Are there any noteworthy updates?  Is there a site or page we can use to track progress?

 

Cheers!

Microsoft now has an Office 365 Roadmap item to allow a mail contact to be added as an external guest to an Office 365 group. It's coming... (like Christmas!)

Hi Tony, Thanks for the reply and great to know!  Any ideas on garnering a soft target date of 'rolling out' status on this?  I believe 'first half of 2017' was mentioned earlier in the thread.

 

Cheers!

It is "under development" so could be revealed to First Release tenants at any time. I think this is a reasonably simple change, so I would expect it in the short term.

My customer has had the situation for over a year. Where they had all business partners as mail contact objects in AD. Which means we cannot use them as guests in 365 at all. So for the moment they are paying K1 licenses and managing separate accounts for those we need access to SPO on 365. Very costly since externals do not need access that often.

Is there an update to the timeline for this? It's now mid-April and this feature still isn't available!


@Pat Woods wrote:

Is there an update to the timeline for this? It's now mid-April and this feature still isn't available!


"Add Mail Contact as guest to Office 365 Group" is still listed as 'In Development'.  I haven't seen an actual timeline associated with that status.

 

https://products.office.com/en-us/business/office-365-roadmap#abc

 

So, where is this now. I followed your link to the road map and cannot find a reference to this. I have this issue as well and would like to know when it will be a reality.

Hi Casey, This feature got released this summer. Its functional in Outlook end-points. You should try it out. Let me know if you have any questions! 

 

It is also updated in documentation; here is one article by one of Exchange MVPs https://www.petri.com/office-365-groups-mail-contacts

Sahil,

 

I've looked at this avenue and it simply isn't feasible to manage large groups of contacts this way. Adding a user level feature is not a solution for most any company.

 

I called o365 support and was pointed in the direction of the PowerShell Add-UnifiedGroupLinks cmdlet as this doesn't appear to be something that I can solve using the Admin Center or the Exchange Admin Center since contacts simply are not visible when working with Office 365 Groups.. The bad thing is that after support suggested this solution they tucked their tail between their legs and ended the call.

 

Still, i cannot get the CMDLET to work. I am attempting to sort this out with community support on this post.This is really something that needs to be addressed and a good article written about,

 

https://social.technet.microsoft.com/Forums/office/en-US/f080f8ae-9ca3-436e-9d78-6d64a777ed5c/powers...

 

Thanks for your response. It is appreciated even if it didn't solve the larger problem.

 

If I understand the problem correctly, you have some mail contacts that appear in your GAL that you want to programatically add to Office 365 Groups. If this is the case, support was correct to point you to the Add-UnifiedGroupLinks cmdlet. Here's what you need to do.

 

[PS] C:\> Add-UnifiedGroupLinks -Id GroupName -LinkType Members -Links (Get-MailContact -id MailContact).WindowsEmailAddress

 

Basically, you take the email address registered in the mail contact and use it to create a new member of the group. Because the email address already exists for a mail contact in the tenant, Office 365 recognizes that it must create a new guest user object and goes ahead to do this before adding that object as a group member.

 

Isn't PowerShell wonderful...  All explained in Chapter 15 of "Office 365 for IT Pros"... No article necessary.

For inviting guests we would need to call AAD cmdlet, Inviting guest doesn't work with O365 or exchange cmdlets, whether the guest exist as mail contact or not. 

This article includes AAD B2B sample for that: https://docs.microsoft.com/en-us/azure/active-directory/active-directory-b2b-code-samples

 

for example you can invite any email address through 

New-AzureADMSInvitation -InvitedUserDisplayName "Test User" -InvitedUserEmailAddress Test.User@Outlook.com -SendInvitationMessage $True -InviteRedirectUrl https://teamsite.com

 

And once this user is added you can add this user to Group

$NewUser = (Get-AzureADUser -ObjectId Test.User_outlook.com#EXT#@office365itpros.onmicrosoft.com).ObjectId

$Grp = (Get-AzureADGroup -SearchString "GroupName").id

Add-AzureADGroupMember -ObjectId $Grp -RefObjectId $NewUser

 

Please note there will some delay for this new user to be replicated into Group. You should also include error handling case when ObjectId is null.