Share via

Update RequireSenderAuthenticationEnabled property on on-prem Distribution Groups via Powershell for group synched to Azure AD

Anonymous
2023-03-16T16:01:15+00:00

Good morning,

We're working towards eliminating the Exchange Server 2016 CU22 installation in favor of the Exchange Management Tools from Exchange Server 2019. When this is done, as I understand it, the on-premises EAC will be unavailable. I'm testing the ability to update the RequireSenderAuthenticationEnabled property on the Deserialized.Microsoft.Exchange.Data.Directory.Management.DistributionGroup object and am getting the error below:

Write-ErrorMessage : |System.InvalidOperationException|The operation on Identity "<GUID Removed>" failed because it's out of the current user's write scope. The

action 'Set-DistributionGroup', 'RequireSenderAuthenticationEnabled', can't be performed on the object '<GUID Removed>' because the object is being synchronized

from your on-premises organization. This action should be performed on the object in your on-premises organization.

At C:\Users\sbeane-adm\AppData\Local\Temp\22\tmpEXO_qsltvmww.5u5\tmpEXO_qsltvmww.5u5.psm1:1121 char:13

+ Write-ErrorMessage $ErrorObject

+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 

**+ CategoryInfo          : InvalidOperation: ("&lt;GUID Removed&gt;":ADObjectId) [Set-DistributionGroup], InvalidOperationException** 

**+ FullyQualifiedErrorId : [Server=YT3PR01MB5028,RequestId="&lt;GUID Removed&gt;",TimeStamp=Thu, 16 Mar 2023 15:12:24 GMT],Write-ErrorMessage**

Documentation indicates that the Set-DistributionGroup cmdlet is available in the service and on-prem but when I disconnect from ExchangeOnline and run the Get-Command Set-DistributionGroup command it reports "get-command : The term 'set-distributiongroup' is not recognized as the name of a cmdlet, function, script file, or operable program."

My questions are these:

  1. What module, contains the command that can be used on -prem ?
  2. Is it the msExchRequireAuthToSendTo property on the group properties on the on-prem object in AD that needs to be updated ? The current value in ADUC appears to be Not Set which is unexpected.

Thanks for any assistance you can provide.

Regards,

Scott

Microsoft 365 and Office | Install, redeem, activate | For business | Other

Locked Question. This question was migrated from the Microsoft Support Community. You can vote on whether it's helpful, but you can't add comments or replies or follow the question.

0 comments

2 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Anonymous
    2023-03-16T22:21:52+00:00

    Hello Scott Beane,

    Good day!

    Thank you for posting to Microsoft Community. We are happy to help you.

    We are glad to hear that After reading this article from the docs.microsoft.com site ( https://learn.microsoft.com/en-us/answers/questions/152771/how-do-we-set-only-senders-in-the-organization-in ) your issue was resolved.

    Appreciate your patience and understanding and thank you for your time and cooperation.

    For other concerns, please do not hesitate to add you post in the Microsoft Community Team.

    Sincerely,

    Eben Ezer Tres | Microsoft Community Moderator

    Was this answer helpful?

    0 comments
  2. Anonymous
    2023-03-16T16:22:58+00:00

    Good morning,

    After reading this article from the docs.microsoft.com site ( https://learn.microsoft.com/en-us/answers/questions/152771/how-do-we-set-only-senders-in-the-organization-in ) I took another look and located the command in the Exchange Management Shell. I've successfully updated the property on the on-prem group and am awaiting for the ADSync interval before checking it on ExchangeOnline.

    Thanks to @KyleXu-MSFT for the solution and my sincere apologies for wasting anyone's time.  

    Regards,

    Scott

    Was this answer helpful?

    0 comments