"You don't have sufficient permissions" error when you change the membership of a role group in Office 365 dedicated/ITAR
If new role groups are created to customize the RBAC configuration, we recommend that you use the ManagedBy property to set the SSA-Role Management group as the owner. For example, use the following cmdlet:
New-RoleGroup "SSA-New Custom Role Group" -Roles "SSA-Mail Recipients" -ManagedBy "SSA-Role Management"If the ManagedBy property is not specified, the individual who creates the account will be automatically added as the owner.
The RBAC customization feature that's available in Microsoft Exchange Server 2013 lets users change the baseline role group and management role implementation. Users can create custom role groups to let other administrators manage role group membership. For more information about this feature, see the "RBAC Customization" section of the Self-Service Administration guide. Example 2 in that section shows how to create a custom membership management role group and a management role.
Note Microsoft Online Support Services will not change the role group membership of the self-service role groups, nor will it release the names of any of the role group members.
Article ID: 2932691 - Last Review: 01/15/2016 09:06:00 - Revision: 3.0
- vkbportal226 KB2932691