Set-App recipient limitation

Welcome Forums General PowerShell Q&A Set-App recipient limitation

Viewing 3 reply threads
  • Author
    Posts
    • #86077
      Participant
      Topics: 1
      Replies: 1
      Points: 0
      Rank: Member

      Hi,

      I have tried to set an app to more than 1000 users using this script, but Set-App cmdlet throws an error “Too many recipients specified, the limit is 1000 recipients.”. Get-Adgroupmember has 5000 users limitation.

      What could be another option to set an app for more than 5000 users?

      Set-ExecutionPolicy RemoteSigned
      $UserCredential = Get-Credential
      $Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://outlook.office365.com/powershell-liveid/ -Credential $UserCredential -Authentication Basic -AllowRedirection
      Import-PSSession $Session
      $users = Get-DistributionGroupMember -Identity “Some_distribution_group”
      Set-App -OrganizationApp -Identity 41f6a6f2-1234-1234-1234-26ded39437af -ProvidedTo SpecificUsers -UserList $users.Identity -DefaultStateForUser Enabled

    • #86117
      Participant
      Topics: 4
      Replies: 52
      Points: 49
      Rank: Member

      I haven’t tested this, mainly because I don’t have a distribution group with 5000 members haha. But I believe something like this would do the trick:

      Set-ExecutionPolicy RemoteSigned
      $UserCredential = Get-Credential
      $Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://outlook.office365.com/powershell-liveid/ -Credential $UserCredential -Authentication Basic -AllowRedirection
      Import-PSSession $Session
      $users = Get-DistributionGroupMember -Identity "Some_distribution_group"
      $count = [math]::ceiling($users.count/1000)
      foreach ($i in $count) {
          $list = $users | select -First 1000
          Set-App -OrganizationApp -Identity 41f6a6f2-1234-1234-1234-26ded39437af -ProvidedTo SpecificUsers -UserList $list.Identity -DefaultStateForUser Enabled
          $users.Remove($list)
          }
      

      Basically, we create a $count variable that counts how many iterations of 1000 (or fraction of 1000) there are that we need to cycle through. Then we select the first 1000, assign it to $list, and process the Set-App cmdlet with that new list. Afterwards, we remove the first 1000 that we used from the $users array.

      Again, not tested – no clue if it’ll work or not. Just where my mind went as a quick solution.

    • #86384
      Participant
      Topics: 2
      Replies: 1013
      Points: 2,078
      Helping Hand
      Rank: Community Hero

      The 1K limit is a Active Directory default setting. and not O365 specific.
      This is a well documented and talked about limitation for years now.

      Just use you favorite search engine—
      ‘ad return more than 1000 users’

      ‘support.microsoft.com/en-us/help/315071/how-to-view-and-set-ldap-policy-in-active-directory-by-using-ntdsutil’
      ‘richardspowershellblog.wordpress.com/2013/10/08/ads-1000-object-limit’
      ‘blog.scottlowe.org/2008/04/11/ad-integration-tip-dealing-with-more-than-1000-users’

    • #88676
      Participant
      Topics: 1
      Replies: 1
      Points: 0
      Rank: Member

      Thank you all for help. Seems this solve the issue.

      Set-ExecutionPolicy RemoteSigned
      $UserCredential = Get-Credential
      $Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://outlook.office365.com/powershell-liveid/ -Credential $UserCredential -Authentication Basic -AllowRedirection
      Import-PSSession $Session
      $users = Get-DistributionGroupMember -Identity "Some_distribution_group"
      
      $count = [math]::ceiling($users.count/1000)
      For ($i = 1; $i -le $count; $i++) {
          $list = $users | Select -First 1000
          Set-App -OrganizationApp -Identity 41f1234-1234-1234-1234-26ded312345 -ProvidedTo SpecificUsers -UserList $list.Identity -DefaultStateForUser Enabled
          $users = $users | Where-Object { $list -notcontains $_ }
          }
      
Viewing 3 reply threads
  • The topic ‘Set-App recipient limitation’ is closed to new replies.