How do I set an O365 user as a mailing list owner, but not a member?
I'm trying to set a user as the Owner of various distribution groups, but not as a member. When I add them as an Owner, they are automatically added as a member. When I try to remove them as a member, I get an error message which is preventing me from doing this. "Only Members who are not owners can be removed from group."
Office 365 provides the option to have Owners who are not members when creating a new distribution list, in the form of a checkbox that says "Add Group Owners as Members". This checkbox is not available for existing distribution lists, only new distribution lists.
Is there a powershell command, or some other way to change this setting on an existing distribution list, so that I can have a user who is an Owner of a distribution list, but not a member?
Solution 1:
Office 365 Group
Based on my knowledge, this difference is between Office 365 groups and distribution Lists, instead of new groups. I have tested in my Office 365. For existing DLs, I can remove the owners from members, and it will not add the owners as members when I add new owner.
But if we do the same to Office 365 groups, I get the same error with yours. So you could double-check if it is Office 365 group which you need to remove the members. If yes, this is by design. If the issue has been resolved, please mark the helpful replies as answers.
Solution 2:
A group owner can be removed from members using the Microsoft Admin Center at https://admin.microsoft.com/AdminPortal/Home#/groups/
Click on the specific group, click on the Settings tab and then on View all and manage members. From there, the owner can be removed from members.
The same operation via powershell requires using remove-AzureADGroupMember
because remove-UnifiedGroupLink
returns the same error:
Only Members who are not owners can be removed from group. Please remove ' 'domain-admin' as owners before removing them as members. d7
+ CategoryInfo : NotSpecified: (secondtest_2d4e...e6-02d6a8e2d70a9b:ADObjectId) [Remove-UnifiedGroupLinks], GroupOwnersCannotBeRemoverodException
+ FullyQualifiedErrorId : [Server=DB7PR05MB4938
[...]
Example code:
$listname = "MyList"
$MMGroupOwner = "[email protected]"
# retrieve groups and owner data
$AzMygroup = get-azureadgroup -objectid (get-unifiedgroup -Identity $listname).ExternalDirectoryObjectID
$AzMMGroupOwner = get-AzureAdUser -filter "userprincipalname eq '$MMGroupOwner'"
# remove the owner as member
remove-AzureADGroupMember -ObjectId $AzMygroup.ObjectId -MemberId $AzMMgroupOwner.ObjectId
# show group membership - the owner is not a member anymore
Get-AzureADGroupMember -ObjectId $AzMygroup.ObjectId -All $true