Managed identity is Exchange administrator but can't set HiddenFromAddressListsEnabled

Scott Holland 5 Reputation points
2023-03-09T17:53:29.6333333+00:00

I'm trying to migrate from a runas account in Azure Automation to a managed identity. I have followed the instructions on this page, and I can convert a mailbox to shared successfully, but I can't run

Set-Mailbox "$mailbox" -HiddenFromAddressListsEnabled $true

without getting the following error.

What am I missing? Thanks.

|Microsoft.Exchange.Data.Directory.InsufficientPermissionsException|Source server:TY0PR0101MB4562.apcprd01.prod.exchangelabs.com doesn't have write permission to tar

Active directory response: 00002098: SecErr: DSID-031514A0, problem 4003 (INSUFF_ACCESS_RIGHTS), data 0

1 answer

  1. Yuki Sun-MSFT 41,146 Reputation points Microsoft Vendor
    2023-03-10T08:37:48.1966667+00:00

    Hi @Scott Holland ,

    Please make sure you are using the primary .onmicrosoft.com domain for your organization as the value of the Organization parameter when connecting to Exchange Online PowerShell.

    Below is a thread which discusses a similar error message for reference:

    Cannot run set-casmailbox in O365 with App Registration


    If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".

    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.
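
The answer's advice as a runbook sketch, added here as an example and not code from either poster: it connects with the Automation account's system-assigned managed identity, passes the tenant's primary .onmicrosoft.com domain as -Organization, then applies the setting and reads it back. The domain `contoso.onmicrosoft.com` and the mailbox address are placeholder assumptions, and the domain check assumes commercial-cloud naming.

```powershell
# Added example: Azure Automation runbook using a system-assigned managed identity.
# Placeholder assumptions: the tenant domain and mailbox address defaults below.
param(
    [string]$Organization = 'contoso.onmicrosoft.com',    # primary .onmicrosoft.com domain
    [string]$Mailbox      = 'shared.mailbox@contoso.com'  # mailbox to hide from address lists
)

$ErrorActionPreference = 'Stop'

# Refuse custom domains and sub-labels such as tenant.mail.onmicrosoft.com
# before connecting, so a wrong -Organization value fails early and clearly.
if ($Organization -notmatch '^[a-z0-9-]+\.onmicrosoft\.com$') {
    throw "Organization '$Organization' is not a primary .onmicrosoft.com domain."
}

Import-Module ExchangeOnlineManagement
Connect-ExchangeOnline -ManagedIdentity -Organization $Organization -ShowBanner:$false

try {
    # The write that failed with INSUFF_ACCESS_RIGHTS in the question.
    Set-Mailbox -Identity $Mailbox -HiddenFromAddressListsEnabled $true

    # Read the value back so the job log shows whether the write took effect.
    $result = Get-Mailbox -Identity $Mailbox
    if (-not $result.HiddenFromAddressListsEnabled) {
        throw "HiddenFromAddressListsEnabled is still false for $Mailbox."
    }
    Write-Output "$Mailbox hidden=$($result.HiddenFromAddressListsEnabled)"
}
catch {
    # Record which organization value was in use, then let the job fail.
    Write-Error "Set-Mailbox failed with -Organization '$Organization': $($_.Exception.Message)" -ErrorAction Continue
    throw
}
finally {
    Disconnect-ExchangeOnline -Confirm:$false
}
```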

