Office 365 - Beware of nested groups

Jeff Golas

« on: May 23, 2017, 01:50:00 pm »
So I got bit by this recently, and I'm a bit flustered that this can even be a thing, but I'm not exactly sure where the failure lies per se. Long story short, I guess I did something I shouldn't have been able to do, but no errors or anything.

When syncing groups/distribution lists to 365 from on-prem AD, I was able to embed a security group into a distribution list. This was allowed in AD and no problem, no error.

Verified it sync'd to 365 no problem, no error.

After many complaints about certain people not getting emails from a list, and further investigation, I found the problem: the members of the security group that was embedded in the distribution list were not getting emails because that security group was not email enabled. (Again, no errors, nothing saying anything was wrong). The telltale sign was that in Outlook, you can see that a group is nested in the DL, but you can't expand that group.

Adding an email address to those security groups fixed the problem after re-syncing AD to 365, and re-downloading the address book. Just @#$@# irks me to no end that this happened with NO ERRORS.

Technically, I guess nothing was done wrong, but Exchange should be warning/erroring when trying to send to a non-mail-enabled group!
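
A check for the condition described in the post, as an added example that is not part of the original post: it walks each on-prem distribution group and reports any nested group with no `mail` attribute. It assumes the ActiveDirectory (RSAT) module, a single domain, and that an empty `mail` attribute is a fair proxy for "not mail-enabled"; the function name `Find-NonMailNestedGroup` is made up for this example.

```powershell
# Added example, not from the original post. Read-only: it changes nothing in AD.
Import-Module ActiveDirectory

function Find-NonMailNestedGroup {
    param(
        [Parameter(Mandatory)] [string] $GroupDN,   # group currently being inspected
        [Parameter(Mandatory)] [string] $RootName,  # top-level distribution list
        [Parameter(Mandatory)]
        [System.Collections.Generic.HashSet[string]] $Seen
    )
    # Guard against circular nesting (A contains B, B contains A).
    if (-not $Seen.Add($GroupDN)) { return }

    $group = Get-ADGroup -Identity $GroupDN -Properties member
    foreach ($memberDN in $group.member) {
        $obj = Get-ADObject -Identity $memberDN -Properties mail
        if ($obj.ObjectClass -ne 'group') { continue }   # users/contacts are not the issue here

        if ([string]::IsNullOrWhiteSpace($obj.mail)) {
            # Nested group with no address: mail to the list will not reach its members.
            [pscustomobject]@{
                DistributionList = $RootName
                ParentGroup      = $group.Name
                NestedGroup      = $obj.Name
                NestedGroupDN    = $obj.DistinguishedName
            }
        }
        else {
            # Mail-enabled nested group: keep descending, it may hide the same problem.
            Find-NonMailNestedGroup -GroupDN $obj.DistinguishedName `
                                    -RootName $RootName -Seen $Seen
        }
    }
}

# Start from every distribution group in the domain.
Get-ADGroup -Filter "GroupCategory -eq 'Distribution'" | ForEach-Object {
    $seen = [System.Collections.Generic.HashSet[string]]::new()
    Find-NonMailNestedGroup -GroupDN $_.DistinguishedName -RootName $_.Name -Seen $seen
} | Sort-Object DistributionList, NestedGroup | Format-Table -AutoSize
```

Running this before each directory sync, or on a schedule, surfaces the condition that otherwise produces no error at any step.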
