Hello, I am recieving the following Error when trying to use remove-distributiongroupmember cmdlet in Azure Functions using Managed Identity. I am able to use the same MI to do other Exchange Online module cmdlets such as "set-mailbox" and I recieve no errors. But this issue has persisted for several days and I am not sure what the issue could be. I do have the Exchange Administrator access added to this MI and everything has been set up as MS showed in their douments. If anyone could help, that would be wonderful. Thank you.
2024-07-16T16:24:08.584 [Error] ERROR: |Microsoft.Exchange.Data.Directory.InsufficientPermissionsException|Source server:SN6PR11MB3359.namprd11.prod.outlook.com doesn't have write permission to target DC:. Usually it indicates that target forest isn't an account partition of source forest. The user has insufficient access rights.Exception :Type : System.ExceptionMessage : |Microsoft.Exchange.Data.Directory.InsufficientPermissionsException|Source server:SN6PR11MB3359.namprd11.prod.outlook.com doesn't have write permission to target DC:. Usually it indicates that target forest isn't an account partition of source forest. The user has insufficient access rights.Data : System.Collections.ListDictionaryInternalHResult : -2146233088CategoryInfo : NotSpecified: (:) [Remove-DistributionGroupMember], ExceptionFullyQualifiedErrorId : [],Write-ErrorMessageInvocationInfo :MyCommand : Write-ErrorMessageScriptLineNumber : 1204OffsetInLine : 13HistoryId : 1ScriptName : C:\local\Temp\tmpEXO_jxhi1j0x.wgc\tmpEXO_jxhi1j0x.wgc.psm1Line : Write-ErrorMessage $ErrorObjectStatement : Write-ErrorMessage $ErrorObjectPositionMessage : At C:\local\Temp\tmpEXO_jxhi1j0x.wgc\tmpEXO_jxhi1j0x.wgc.psm1:1204 char:13+ Write-ErrorMessage $ErrorObject+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~PSScriptRoot : C:\local\Temp\tmpEXO_jxhi1j0x.wgcPSCommandPath : C:\local\Temp\tmpEXO_jxhi1j0x.wgc\tmpEXO_jxhi1j0x.wgc.psm1InvocationName : Write-ErrorMessageCommandOrigin : InternalScriptStackTrace : at Write-ErrorMessage<Process>, C:\local\Temp\tmpEXO_jxhi1j0x.wgc\tmpEXO_jxhi1j0x.wgc.psm1: line 550at CheckRetryAndHandleWaitTime<Process>, C:\local\Temp\tmpEXO_jxhi1j0x.wgc\tmpEXO_jxhi1j0x.wgc.psm1: line 1204at Execute-Command<Process>, C:\local\Temp\tmpEXO_jxhi1j0x.wgc\tmpEXO_jxhi1j0x.wgc.psm1: line 1558at script:Remove-DistributionGroupMember<Process>, C:\local\Temp\tmpEXO_jxhi1j0x.wgc\tmpEXO_jxhi1j0x.wgc.psm1: line 33916at <ScriptBlock>, C:\home\site\wwwroot\ExchangePowershellTrigger\run.ps1: line 22PipelineIterationInfo :01Microsoft.Azure.WebJobs.Script.Workers.Rpc.RpcException : Result: ERROR: |Microsoft.Exchange.Data.Directory.InsufficientPermissionsException|Source server:SN6PR11MB3359.namprd11.prod.outlook.com doesn't have write permission to target DC:. Usually it indicates that target forest isn't an account partition of source forest. The user has insufficient access rights.Exception :Type : System.ExceptionMessage : |Microsoft.Exchange.Data.Directory.InsufficientPermissionsException|Source server:SN6PR11MB3359.namprd11.prod.outlook.com doesn't have write permission to target DC:. Usually it indicates that target forest isn't an account partition of source forest. The user has insufficient access rights.Data : System.Collections.ListDictionaryInternalHResult : -2146233088CategoryInfo : NotSpecified: (:) [Remove-DistributionGroupMember], ExceptionFullyQualifiedErrorId : [],Write-ErrorMessageInvocationInfo :MyCommand : Write-ErrorMessageScriptLineNumber : 1204OffsetInLine : 13HistoryId : 1ScriptName : C:\local\Temp\tmpEXO_jxhi1j0x.wgc\tmpEXO_jxhi1j0x.wgc.psm1Line : Write-ErrorMessage $ErrorObjectStatement : Write-ErrorMessage $ErrorObjectPositionMessage : At C:\local\Temp\tmpEXO_jxhi1j0x.wgc\tmpEXO_jxhi1j0x.wgc.psm1:1204 char:13+ Write-ErrorMessage $ErrorObject+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~PSScriptRoot : C:\local\Temp\tmpEXO_jxhi1j0x.wgcPSCommandPath : C:\local\Temp\tmpEXO_jxhi1j0x.wgc\tmpEXO_jxhi1j0x.wgc.psm1InvocationName : Write-ErrorMessageCommandOrigin : InternalScriptStackTrace : at Write-ErrorMessage<Process>, C:\local\Temp\tmpEXO_jxhi1j0x.wgc\tmpEXO_jxhi1j0x.wgc.psm1: line 550at CheckRetryAndHandleWaitTime<Process>, C:\local\Temp\tmpEXO_jxhi1j0x.wgc\tmpEXO_jxhi1j0x.wgc.psm1: line 1204at Execute-Command<Process>, C:\local\Temp\tmpEXO_jxhi1j0x.wgc\tmpEXO_jxhi1j0x.wgc.psm1: line 1558at script:Remove-DistributionGroupMember<Process>, C:\local\Temp\tmpEXO_jxhi1j0x.wgc\tmpEXO_jxhi1j0x.wgc.psm1: line 33916at <ScriptBlock>, C:\home\site\wwwroot\ExchangePowershellTrigger\run.ps1: line 22PipelineIterationInfo :01Exception: |Microsoft.Exchange.Data.Directory.InsufficientPermissionsException|Source server:SN6PR11MB3359.namprd11.prod.outlook.com doesn't have write permission to target DC:. Usually it indicates that target forest isn't an account partition of source forest. The user has insufficient access rights.Stack: