I know, I know, another work post. But it really has been taking up a lot of my mind and time lately. I worked at my previous job for over 11 years, and I was always part of a team of many other people with the exact same role as I had. So I definitely took it for granted that I could take time off at almost any time, provided we weren't all off at the same. Or that I could ask a co-worker a question about the issue at hand, or how to resolve something, or bounce ideas off of them. At my current job, I am one of two systems engineers, there's a Database Admin, and 3 help desk techs. And the other systems engineer is also the networking guy and he mostly deals with maintaining the hardware and server side of the systems work. I manage the email system exclusively, and the cloud presence(Azure AD, Office 365, Intune endpoint management, Microsoft licensing, etc.) almost exclusively. All this is to say that I really don't have overlap in most of my functions with anyone else on my team. So anything that falls in my realm, I pretty much have to figure out myself. When I'm trying to figure something out, or don't know how to do something, there's no one to ask or bounce ideas off of. Aaaaaand, I'm the end of the line for anything email, Office 365, Azure AD, etc. Recently we ran into a situation where after the migration into our M365 environment from GSuite, it became apparent we needed to convert most of our newly migrated M365 groups into Distribution Lists (DLs). I figured most of that out, wrote some scripts for it and ran them. One of the last pieces of the puzzle, was being able to set multiple owners for DLs that came from Groups with multiple owners. I could get my commands/scripts to work for setting single owners, but when I tried to set multiple owners, it would either error out, or set the first or last owner only, depending on the syntax I used in my CSV file.
I had to move forward with the conversion, and I figured I'd run a script against all the groups with single owners first, and that would give me some time later to figure out the ones with multiple owners(about 670 DLs out of a little over 2000). This is the gist of what I am trying to do:
$owners = Import-Csv .\GroupOwners.csv
Set-DistributionGroup
-Identity $_.GroupEmail -ManagedBy $_.OwnerIDs
And the CSV looks like this:
That works, as long as the OwnerIDs field only has 1 owner. If it has more than one, it fails. And this is the syntax for running the command with more than one owner:
Set-DistributionGroup
-Identity testDL@mercycorps.org
-ManagedBy owner1@mercycorps.org,owner2@mercycorps.org,owner3@mercycorps.org
That works. But if I try and feed this a CSV with the list of DLs and owners, it won't work. I looked into it, and in a CSV file, if the field contains a comma, the escape characters are quotes. You wrap the comma in quotes, and it treats it as an ordinary character, instead of a separation in the CSV. But no matter what I tried, it would still error out. In the CSV 'OwnerIDs' field I tried:
user1@domain.org,user2@domain.org,user3@domain.org
user1@domain.org","user2@domain.org","user3@domain.org
"user1@domain.org,user2@domain.org,user3@domain.org"
"user1@domain.org","user2@domain.org","user3@domain.org"
"user1@domain.org"",""user2@domain.org"",""user3@domain.org"
And probably other variations that I can't even remember right now. All would either only read the first, last, or the whole thing as 1 invalid user/email and error, or error for some other reason. I was even working with a Microsoft engineer that wasn't very helpful...I would expect them to know their own damn syntax, but apparently not. So I resorted to a not so elegant, but nevertheless functional alternative. I just started with a txt file and copied this into it:
Set-DistributionGroup -Identity -ManagedBy
Set-DistributionGroup -Identity -ManagedBy
Set-DistributionGroup -Identity -ManagedBy
Set-DistributionGroup -Identity -ManagedBy
Set-DistributionGroup -Identity -ManagedBy
Set-DistributionGroup -Identity -ManagedBy
Set-DistributionGroup -Identity DL2@domain.org -ManagedBy owner1@domain.org,owner2@domain.org,owner3@domain.org