Exchange Online Missing Get-DynamicDistributionGroup

Occasional Contributor

I have a service account that I use for scripting some things in Exchange, but for some reason that I can't figure out, it doesn't get Get-DynamicDistributionGroup:

PS C:\Scripts> get-command -Module tmp_pdx5cbmi.izh | where {$ -like '*dynamic*'}
CommandType     Name                                               Version    Source                                                                                                                                                                            
-----------     ----                                               -------    ------                                                                                                                                                                            
Function        Set-DynamicDistributionGroup                       1.0        tmp_pdx5cbmi.izh
I get Set-DynamicDistributionGroup though. The account has the Exchange administrator role which I would think would be enough. Anyone have any ideas?
2 Replies
best response confirmed by Aubrey Moren (Occasional Contributor)

If you only get the Set- cmdlet, you most likely dont have the relevant role assigned ("Distribution Groups"), as the role should also contain the New-/Remove- cmdlets, in addition to the Get- one.


In particular the Set-DynamicDistributionGroup can also be granted as part of the MyDistributionGroups role, part of the default role assignment policy. And the role in question does not contain any of the other DDG cmdlets:


# Get-ManagementRoleEntry "MyDistributionGroups\*-DynamicDistributionGroup"
Name                           Role                      Parameters
----                           ----                      ----------
Set-DynamicDistributionGroup   MyDistributionGroups      {ErrorAction, ErrorVariable, Identity, MailTip, MailTipTranslations, OutBuffer, OutVariable}


which looks exactly what you are getting.

@Vasil MichevThank you so much! I don't have access to the cmdlets to see what role is needed, so that is very helpful :)