We are in a hybrid setup with on-premises AD syncing to Azure and an on-premises exchange that is for management purposes only.
We have a security group in on-premises AD called yyy-all, it does not show up in our Exchange on-premises as a mail enabled group either in the web interface or PowerShell. However, it does show up as a mail enabled security group in Exchange Online. I have tried to hide this group from the GAL but even with HiddenFromAddressListsEnabled set to True it still shows up in everyone's address book (not a sync issue, it shows as true in Exchange Online as well and we have wait several days for the GAL to update, still there.)
I can't run disable-distributiongroup in on-premises exchange because it doesn't find it. There doesn't appear to be a disabled-distributiongroup for Exchange Online.
I'm stumped as to how it was created as a distribution group in Exchange Online, and as to how to fix this issue. My guess is that someone else attempted to disable the group and didn't do it properly.
Any thoughts?