Hello!
We have a multi-tenant Exchange 2013 server that we host multiple domains on. Due to this, we have to be careful when assigning permissions to any users on the server. I was able to work out allowing users to add/remove members of Distribution groups using this article: http://blogs.technet.com/b/rmilne/archive/2013/08/09/allow-users-to-manage-distribution-groups-without-creating-new-ones.aspx
Due to the setup of our current environment, once a distribution group is created, it has to have certain attributes modified in ADUC after it is moved into the proper domain, in order to be visible to the users in that particular domain.
I have verified that the users who are listed as owners on the groups can add / remove other users to/from the groups.
The current issue is peculiar. They can add / remove other DISTRIBUTION GROUPS to a group they are an owner of, and I have verified that it is listed in the group after they do it, but they cannot SEE the groups listed in the membership of the group.
Example:
User Tom is owner of Group A and Group B. He tries to add Group B to the member list of Group A. There are no errors when he does this, but he does not see Group B as a member of Group A after-ward. If I am logged in as administrator on ECP or OWA, I can see his change (Group B is now listed as member of Group A).
This happens for Tom in both Outlook and OWA.
Thoughts or suggestions welcomed!
Thank you.