Solved

Make "Username" "owner" of all groups in Exchange Admin Center for Exchange 2013?

Posted on 2016-09-29
10
50 Views
Last Modified: 2016-10-03
We have a large number of groups, both distribution and security, we'd like to make a certain admin account the owner of all the groups so that any and all changes can be made without error.  Is there a way to do this at once in EAC?
0
Comment
Question by:Daniel Checksum
  • 5
  • 5
10 Comments
 
LVL 14

Assisted Solution

by:Todd Nelson
Todd Nelson earned 500 total points
ID: 41822647
Owner?  There is no "owner" assigned to groups in Exchange.

As long as the "certain admin account" is a member of Organization Management they are able to make changes to all groups.
0
 
LVL 1

Author Comment

by:Daniel Checksum
ID: 41822651
OK, I guess I should go ahead and clarify here.  Logging in to EAC as "Administrator" (THE domain administrator) and attempting to add a user, getting "You don't have sufficient permissions.  This operation can only be performed by a manager of the group." -- We were going to make Administrator the owner of every single group so if/when we log on as Administrator we're not given this error.

The current workaround is to add the user in the ADUC group AND THEN add in EAC.
0
 
LVL 14

Assisted Solution

by:Todd Nelson
Todd Nelson earned 500 total points
ID: 41822655
What AD groups is the "administrator" a member of?  The only one that matters for Exchange to be able to do most all things in Exchange is Organization Management.
0
 
LVL 1

Author Comment

by:Daniel Checksum
ID: 41822657
It's a member in quite a few groups, not to list them all, but, at least:  "Exchange Organization Administrators, Exchange Recipient Administrators, Exchange Servers, Exchange View-Only Administrators"
0
 
LVL 14

Assisted Solution

by:Todd Nelson
Todd Nelson earned 500 total points
ID: 41822662
I would recommend adding the administrator as a member of Organization Management.  Try it out, make sure AD replication completes, and then perform the same task.

Let me know.
0
Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

 
LVL 1

Author Comment

by:Daniel Checksum
ID: 41822672
It's actually already there, showed up when I tried to add it with the error "this user is already a member..."

I actually just tried to add Administrator as the owner of the group and got the same exact error about not having permission.
0
 
LVL 14

Accepted Solution

by:
Todd Nelson earned 500 total points
ID: 41822685
Hmmm.  Okay.  This should do it...

Take an accounting of your current permissions.  This command will export a list of all distros and their existing managers to a CSV file...

Get-DistributionGroup | Select-Object Name,ManagedBy | Export-Csv C:\DistroManagers.csv -NoType

Open in new window


This command will set Administrator as the manager of an individual distro...

Set-DistributionGroup -Identity "GrouName" -ManagedBy "Administrator" -BypassSecurityGroupManagerCheck

Open in new window


This command will set Administrator as the manager of all distros...

Get-DistributionGroup | Set-DistributionGroup -ManagedBy "Administrator" -BypassSecurityGroupManagerCheck

Open in new window


Hope that helps.
0
 
LVL 1

Author Comment

by:Daniel Checksum
ID: 41826792
Update:  Just got back from the weekend and have a few more pressing projects now.  Will get back to you with results when I have more time.
0
 
LVL 1

Author Closing Comment

by:Daniel Checksum
ID: 41826867
Thanks, Todd.  Coworker applied the commands and all appears to be working.  Fantastic job, sir.
0
 
LVL 14

Expert Comment

by:Todd Nelson
ID: 41826873
You are most welcome.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Is your Office 365 signature not working the way you want it to? Are signature updates taking up too much of your time? Let's run through the most common problems that an IT administrator can encounter when dealing with Office 365 email signatures.
This article lists the top 5 free OST to PST Converter Tools. These tools save a lot of time for users when they want to convert OST to PST after their exchange server is no longer available or some other critical issue with exchange server or impor…
In this video we show how to create an Accepted Domain in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Ac…
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…

910 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now