I'm new to an existing MIM 2016 environment (and FIM in general) and trying to track down an issue we've been experiencing. In the Portal, group owners are attempting to modify membership which is being denied.
Reason: The operation failed as a result of insufficient access rights.
Attributes: MailNickname
Details: No policy grants the Requestor permission to complete all changes.
If the owner is removed and re-added, they are then able to successfully modify the group membership for some short period of time (less than 24 hours). When these requests are processed, there is no mention of E-mail Alias/MailNickname being modified.
In each case, the Request appears to be using the same MPRs so I'm confused as to why it's trying to modify the E-mail Alias in one situation and not the other.
Thanks
Brett