New-ManagementRole in Exchange Online Powershell

Try as I could, I could not get the powershell command in this technet article to work in Exchange online: https://technet.microsoft.com/en-us/library/dd298073(v=exchg.150).aspx

The article cleverly suggests that to create a custom management role, you create a new role and then just strip out the commands you don’t want by filtering out certain commands and removing the rest. This worked fine in my on premise Exchange 2013 environment, but try as I could, it would not work in EOP.

Get-ManagementRoleEntry "Redmond Journaling View-Only\*" | `
Where { $_.Name -NotLike "Get*" } | `
Remove-ManagementRoleEntry

Attempting this command in Exchange Online you get the following:

PS C:\> Get-ManagementRoleEntry "Redmond Journaling View-Only\*" | `
Where { $_.Name -NotLike "Get*" } | `
Remove-ManagementRoleEntry -WhatIf

Cannot process argument transformation on parameter 'Identity'. Cannot convert value "Redmond Journaling View-Only" to type


get-managementroleentry error

The problem seems to be with the identity parameter.

Long story short, I was able to use a foreach loop to do the same thing in Exchange Online.

$rolename = “Delegated Admin Transport Hygiene”
$excludeterm = "*quarantine*"

New-ManagementRole -Name $rolename -Parent “Transport Hygiene”

$role = Get-ManagementRoleEntry ($rolename + “\*”) | `
Where { $_.Name -NotLike $excludeterm `
-and $_.name -notlike "*SenderAddress*"}

foreach ($r in $role){
Remove-ManagementRoleEntry ($rolename + "\" + $r.Name) `
-Confirm:$false}

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s