SOLVED

Dynamic Distribution Group issue in Hybrid Exchange Setup

Brass Contributor
Dear Folks,
 
For a customer, i have setup Hybrid Exchange based on 2013 CU 23 environment and many users have been migrated to Exchange Online. Now, I am facing an issue regarding Dynamic Distribution Group(DDG).  Well, my scenario is that my migrated users of Office 365 can't send email to Dynamic Distribution Group (DDG). These DDG are in On-Premises Exchange.
 
I have created a contact in Office 365 so that users' can select On-Premises Dynamic Distribution Group and then email can be routed to On-Premises DDG as suggested on this

 https://www.itpromentor.com/dynamic-groups-hybrid/

 
As soon as any user from EXO send email to DDG group by selecting contact from address book - Exchange Online (EXO) users get this error:
 
"Your message to DDG1@abc.com could not be delivered.
DDG1 wasn't found at abc.com"
 
Please suggest, how it can be solved. Thanks.
19 Replies

@M. Sheeraz Ansari. 

 

Hi, have you set the DDG's to accept All recipient types?

@PeterRising 

 

Yes, I have done that and tested it as mentioned in this link: https://www.itpromentor.com/dynamic-groups-hybrid/

 

but getting same error.

 

Thanks.

Thank you for all 3 previous replies.

First I would request you to check if the https://support.microsoft.com/en-gb/help/3061396/members-of-a-dynamic-distribution-group-in-an-excha... already shared if the filtering properties are working properly.

 

Also, run following commands on EMS

$FTE = Get-DynamicDistributionGroup "Full Time Employees"
Get-Recipient -RecipientPreviewFilter $FTE.RecipientFilter -OrganizationalUnit $FTE.RecipientContainer

to check if it returns the results as expected. 

@Ashkb and @PeterRising 

 

Thanks for your replies guys. Well, when i am running below command as per the article.

 

Set-DynamicDistributionGroup -Identity DDG1@abc.com -IncludedRecipients "MailboxUsers,MailContacts" -RecipientFilter {((RecipientType -eq 'UserMailbox' -or 'MailUser' -or 'MailContact'))}

 

I am getting this error:

 

"Cannot bind parameter 'RecipientFilter' to the target. Exception setting "RecipientFilter": "Invalid filter syntax.
For a description of the filter parameter syntax see the command help.
"((RecipientType -eq 'UserMailbox' -or 'MailUser' -or 'MailContact'))" at position 39."
+ CategoryInfo : WriteError: (:) [Set-DynamicDistributionGroup], ParameterBindingException
+ FullyQualifiedErrorId : ParameterBindingFailed,Microsoft.Exchange.Management.RecipientTasks.SetDynamicDistributi
onGroup"

 

Please suggest the correct Syntax of command. Thanks.

@Ashkb 

 

To add more info, yes; this command is returning - correct members of the Dynamic Distribution Group.

 

$FTE = Get-DynamicDistributionGroup "Full Time Employees"
Get-Recipient -RecipientPreviewFilter $FTE.RecipientFilter -OrganizationalUnit $FTE.RecipientContainer

 

Thanks.

@M. Sheeraz Ansari. 

 

Try this command instead,

 

Set-DynamicDistributionGroup -Identity DDG1@abc.com -RecipientFilter {(RecipientType -eq 'UserMailbox') -or (RecipientType -eq 'MailUser') -or (RecipientType -eq 'MailContact')}

 

@PeterRising 

 

Thanks Peter, your suggested change in command has worked. After applying those changes on Dynamic Distribution Group (DDG), I have waited for around 4 to 6 hours and after applying changes on DDG - I still get same error/ NDR message.

 

Well, i also observed below Error details in the NDR, please see if it can help.

 


"Error Details
Reported error: 550 5.1.10 RESOLVER.ADR.RecipientNotFound; Recipient DDG1@abc.com not found by SMTP address lookup
DSN generated by: DX2P273MB0172.AREP273.PROD.OUTLOOK.COM "

 

Thanks.

 

@PeterRising 

 

Hi Peter, Thanks for sharing that article. Well yes, i had already created the contact for that Dynamic Distribution Group and still getting the same error message. Well, I observed one strange thing with DDG email in On-Premises exchange is that - DDG group do not have email address with Proxy Address meaning only email address they have is DDG1@abc.com  and a similar contact in Exchange Online (DDG1@abc.com) for users to select form GAL.

 

I am suspecting, should i add proxy address for DDG groups manually like DDG1@tenantname.onmicrosoft.com?

 

Just to clarify further, there is no issue with normal Distribution groups - On-Premises users and EXO users can send email to Distribution groups. Only issue with Dynamic Distribution Groups.

 

Thanks.

@M. Sheeraz Ansari. 

 

This is very likely going to be part of the problem yes.  In order for email to work in a Hybrid, all mail accounts must have an alias address added in the format of;

 

DDG1@tenantname.mail.onmicrosoft.com

 

Note that I have added mail into this address.  This is important.  Please can you try this?

@PeterRising 

 

Thanks Peter, yeah i meant username@tenanatName.mail.onmicrosoft.com was missing and i have added it. After doing this i got below error for couple of test emails

 

"Your message can't be delivered because delivery to this address is restricted.
For more information about this issue see DSN code 5.7.1 in Exchange Online."

 

Then i started getting same old error 

"Your message to DDG1@abc.com couldn't be delivered.
DDG1 wasn't found at abc.com"

 

Just for your knowledge, account that i am using is authorized to send email to that DDG group. Any other ideas please. Thanks

@M. Sheeraz Ansari. 

 

Running out of ideas now.  Did you try changing the accepted domain in Exchange Online to Internal Relay as the original document you posted suggested?

 

Short of this, I would suggest opening a ticket with Microsoft support as your next logical step.

@PeterRising 

 

Thanks Peter. Well, I will do that and will post the solution. Thanks for your all support.

@PeterRising 

 

Yes, domain is set to Internal Relay since i found out that article. Thanks. 

@M. Sheeraz Ansari. 

 

Thank you, yes please do post here again if you get the solution from Microsoft.  Good luck.

best response confirmed by M. Sheeraz Ansari. (Brass Contributor)
Solution

@PeterRising 

 

We finally able to solve this issue while working with Office 365 Support. It has taken a long time due to ping pong between on premises and Exchange Online teams. Anyway, after digging a while - solution turned out be an attribute issue, which solved our problem.

 

1. we re-run the Hybrid configuration wizard then following command was run on affected Dynamic Distribution Group.

 

Set-DynamicDistributionGroup DDG1@abc.com -RequireSenderAuthenticationEnabled $false

 

Hopefully, it may help someone out there. Thanks.

@M. Sheeraz Ansari. 

 

Hey 

So eventuallly you didnt need to add proxy address of @tenant.mail.onmicrosoft.com to the dynamic group?

Hi @shai101,

We added proxy address "email address removed for privacy reasons" then used this command to mark authentication attribute to false.

Set-DynamicDistributionGroup email address removed for privacy reasons -RequireSenderAuthenticationEnabled $false

Hope, this helps.
1 best response

Accepted Solutions
best response confirmed by M. Sheeraz Ansari. (Brass Contributor)
Solution

@PeterRising 

 

We finally able to solve this issue while working with Office 365 Support. It has taken a long time due to ping pong between on premises and Exchange Online teams. Anyway, after digging a while - solution turned out be an attribute issue, which solved our problem.

 

1. we re-run the Hybrid configuration wizard then following command was run on affected Dynamic Distribution Group.

 

Set-DynamicDistributionGroup DDG1@abc.com -RequireSenderAuthenticationEnabled $false

 

Hopefully, it may help someone out there. Thanks.

View solution in original post