Recently, I stumbled on an issue when working with address lists in Exchange Online (Office 365). Existing Members didn't show up in the list, although their attributes match with the filter expressions used for the address list...
Well the creation of a new address list works as expected with the Exchange Online PowerShell New-AddressList cmdlet. The command can be used as here:
New-AddressList -Name 'New York and HR' -RecipientFilter {( (department -eq 'New York') -or (department -eq 'Human Resources') )}
So, if an object matches the filter criteria, it shall be member of that address list "New York and HR". So far, so good.
The issue is that the newly created address list stays empty (check f.e. in https://outlook.office365.com).
When doing some research, it turned out that the Exchange cmdlet "Update-AddressList" is only available in the Exchange on premises environment, but not in Exchange Online. This would cause the Exchange system to update an address list...
This article describes the situation: https://support.microsoft.com/en-us/kb/2955640 "...New address lists aren't automatically updated in Exchange Online. Additionally, the Update-AddressList and Update-GlobalAddressList cmdlets aren't currently available in Exchange Online. This behavior is by design...".
There are currently only two methods for updating the address list:
- Create the address list before you create the users - then all new created users will show up, if they match the filter criteria.
- Update existing user's attributes by re-setting a property in the mailbox (or in the user properties, if it's f.e. a contact).
Honestly? Yes. Currently, it (still) seems these are the only options in Office365.
So for doing this, you could use these cmdlets for a user:
Set-User jeffh@CIECOM888546.onmicrosoft.com -Department 'New York'
If it's an Exchange property - the user has a mailbox, you could use:
Set-Mailbox jeffh@CIECOM888546.onmicrosoft.com -CustomAttribute10 'New York'
If it's a global contact, use this:
Set-Contact -Identity 'max.doe@doe.com' -Department 'New York'
As result, the users should show up in the address list shortly as in the following screenshot where I used exactly the commands from above (Set-User and Set-Contact for my demo using the department property).
Note: If the users are federated from a local AAD, of course, re-writing a user property does not work.
Set-Mailbox jeffh@sometenant.onmicrosoft.com -Department 'New York'
or a command as
Set-User jeffh@sometenant.onmicrosoft.com -MobilePhone '+1 234567890'
...will result in an error as follows, depending on the type.
The operation on mailbox "xy" failed because it's out of the current user's write scope. The action 'Set-Mailbox', 'Department', can't be performed on the object 'xy' because the object is being synchronized from your on-premises organization. This action should be performed on the object in your on-premises organization.
Well, in that case, you need to perform the changes on the on premises site and resync with AAD Connect... (or users update their profile themselves).
As an alternative, IT-Admins could update a writeable Exchange Property as "SimpleDisplayName" (which is not synchronized). This property is available for users with mailboxes and for Distribution Groups. You can check that with get-mailbox -Identity ....
These links were helpful:
I hope, this information helps!