Feb 08 2023 04:23 AM
Today I faced a strange behavior. ( Fixed but with open question to the community ).
I needed to add a user to one Exchange Online Role Group ( something easy and done thousand times ).
The case is that, from the EXO AC, the specific Role Group had the "add member" option ( + ) greyed out. Of course that I checked if there was some security group related OnPrem, but was not the case.
So, I tried to do it in PS, but got a message that I never got before:
" The action 'Add-RoleGroupMember', 'Identity,Member', may not be performed on the management role group 'SecurityAdmins_XXXXX' with capablity 'Partner_Managed' ".
I never seen before that 'Partner Managed' in a Role Group... Someone has any clue about this message?
I realized that the members of that group, ( 'SecurityAdmins_XXXXX' ), were the same as those of the standard Exchange Security Group, ( so also the same permissions ). I decided to add the user to this last one, ( te "add" option + was enabled here ), but I got again an error:
Then I tried in PS. The funny thing is, trying the standard Security Group, the system was recognizing the 'SecurityAdmins_XXXXX' one, and of course I got again the same error message, ( even with the "bypassing" switch 😞
No way to find any local object related to this.
Finally, I tried to add the user in Azure:
And "voilà"! After 1 minute I was able to see the user in the required Exchange Role Group.
Well... Basically, I fixed my issue and can go ahead with other tasks... But still would like to undesrtand better this behavior and see if someone has some information about capablity 'Partner_Managed' on a Role Group. Any information will be highly appreciated 🙂