In a Federated Tenant configuration, Active Roles does not use the optimal Organization name when working with Exchange Online cmdlets.
This can lead to poor performance and/or "Access Denied" error messages.
Attempting to set SendOn Behalf or SendAs using the Active Roles Web Interface fails.
Active Roles Administration Service verbose logging fails with an error message similar to the following:
[ExchangeOnlineConnectionManager::ExecuteCommand] Source server:BN8PR15MB2865.namprd15.prod.outlook.com doesn't have write permission to target DC:DM5PR10A02DC002.NAMPR10A002.PROD.OUTLOOK.COM. Usually it indicates that target forest isn't an account partition of source forest. Additional information: Access is denied.
Active directory response: 00000005: SecErr: DSID-03152E13, problem 4003 (INSUFF_ACCESS_RIGHTS), data 0