Capablity 'Partner_Managed' error adding user to Exchange Role Group

Iron Contributor

Today I faced a strange behavior. ( Fixed but with open question to the community ).

I needed to add a user to one Exchange Online Role Group ( something easy and done thousand times ).

The case is that, from the EXO AC, the specific Role Group had the "add member" option ( + ) greyed out. Of course that I checked if there was some security group related OnPrem, but was not the case. 

So, I tried to do it in PS, but got a message that I never got before:


" The action 'Add-RoleGroupMember', 'Identity,Member', may not be performed on the management role group 'SecurityAdmins_XXXXX' with capablity 'Partner_Managed' ".


I never seen before that 'Partner Managed' in a Role Group... Someone has any clue about this message?


I realized that the members of that group, ( 'SecurityAdmins_XXXXX' ), were the same as those of the standard Exchange Security Group, ( so also the same permissions ). I decided to add the user to this last one, ( te "add" option + was enabled here ), but I got again an error:




Then I tried in PS. The funny thing is, trying the standard Security Group, the system was recognizing the 'SecurityAdmins_XXXXX' one, and of course I got again the same error message, ( even with the "bypassing" switch :(




No way to find any local object related to this.


Finally, I tried to add the user in Azure:




And "voilà"! After 1 minute I was able to see the user in the required Exchange Role Group. 


Well... Basically, I fixed my issue and can go ahead with other tasks... But still would like to undesrtand better this behavior and see if someone has some information about capablity 'Partner_Managed' on a Role Group. Any information will be highly appreciated :) 

0 Replies