Share via

Cannot add Address List role

Anonymous
2016-09-30T20:04:50+00:00

Hi all,

I'm trying to follow article https://moonstarit.wordpress.com/2014/09/12/1800/   to be able to add / edit our address lists, and be able to use the Address Book Policy if we add a new company to our tenant, and want to "hide" the existing users from the address book.

However, as a Global Admin, when I try to edit the existing "Organisation Management" role to add the Address List role, or create a new role with Address List in it, I get an error

You don't have access to create, change, or remove the "tenantname.onmicrosoft.com\Address Lists-Organization Management" management role assignment. You must be assigned a delegating role assignment to the management role or its parent in the hierarchy without a scope restriction.

Any ideas anyone?  Not sure if related or not, but the closest thing I could find in searching online was related to different RBAC versions.  Ours is 0.1 (15.1.619.16) 

Thanks

Microsoft 365 and Office | Subscription, account, billing | For home | Windows

Locked Question. This question was migrated from the Microsoft Support Community. You can vote on whether it's helpful, but you can't add comments or replies or follow the question.

0 comments

Answer accepted by question author

Anonymous
2016-10-04T05:02:53+00:00

Hi Neil,

Thanks for the updates.

According to the information you've provided, you've purchased the Office 365 license from a partner. And I understood you've contacted the partner support, to get dedicated support about the licenses you've purchased, it’s suggested you keep working with the partner support. As a tip, you can let them involve the backend team directly if you didn’t make any progress.

Best Regards,

Aaron

Was this answer helpful?

0 comments

5 additional answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Anonymous
    2016-10-03T08:07:01+00:00

    Thanks Barry,

    Checked the RBAC version this morning, and it is now 15.1.649.21, so looks to have been upgraded.

    Tried to add Address Lists to the Organisation Role, and a new role, as both my old and new global admin users but still no joy.

    I'll try again tomorrow, but if you need me to try anything else let me know.

    Thanks

    Was this answer helpful?

    0 comments
  2. Anonymous
    2016-10-02T09:10:34+00:00

    Hi Neil,

    Thanks for your reply.

    Now the issue seems to be related to the RBAC version, we will help you upgrade it from backend. Please be patient and try again after 24 hours.

    If the issue persists, please feel free to post back and we will continue to help you solve the issue.

    Regards,

    Barry

    [Updated by Barry Xie MSFT Support, 5:35 AM, Oct, 3, 2016 (UTC)].

    Was this answer helpful?

    0 comments
  3. Anonymous
    2016-10-01T09:34:58+00:00

    Thanks Aaron.

    No joy.

    So as my current Global Admin user I can’t add the ArchiveApplication to Organization Management (Same error) but I can add Application Impersonation and Journaling, so it is only certain roles that I can't add to the permissions.

    Then I created a new user and assigned global admin permissions.

    Logged in and Edited Organization Management, adding Address Lists and got same error

    “You don't have access to create, change, or remove the "tenantname.onmicrosoft.com\Address Lists-Organization Management" management role assignment. You must be assigned a delegating role assignment to the management role or its parent in the hierarchy without a scope restriction.”

    Screen shot if it helps

    So then i've logged into powershell as my new Global Admin user and tried run the new-managementroleassignment command for both the old and new global admins.  Both failing as below.

    Thanks

    Was this answer helpful?

    0 comments
  4. Anonymous
    2016-10-01T07:11:13+00:00

    Hi Neil,

    I have done some tests using my test tenant but cannot reproduce the issue, my RBAC version is 0.1 (15.1.639.11). To identify if the issue is related to the RBAC version or any other factor, please firstly help us confirm the following information:

    1. Try adding other roles to the "Organisation Management" role group, see if you get the same error message.
    2. Create a new global admin account(you don’t need to assign any license to this account), then use the account to log into EAC(Exchange Admin Center) and assign Address List role to this account.
    3. Connect to Exchange Online PowerShell, then:

    Run the command below in the exchange online powershell to check if there is any error message:

    *new-managementroleassignment -role "address lists" -user *****@contoso.com -delegating

    If there isn’t an error message, then run the command below to assign the address list role to your admin account:

    *new-rolegroup -name "address list management" -roles "address lists" -members *****@contoso.com

    Note: replace ******@contoso.com with your admin account's email address.

    If you receive any error message, please share its screenshot for analysis. As a tip, please mask your private information in the screenshot.

    Meanwhile, if the issue is related to the RBAC version, we need to collect your tenant information to help to upgrade it. For privacy concern, I have sent you a private message to collect it. You can click the following link to access the PM.

    https://answers.microsoft.com/en-us/privatemessages/list

    Looking forward to your updates.

    Best Regards,

    Aaron

    Was this answer helpful?

    0 comments