| Home | Kaiming |
Who can add a member to a group?
Active Directory Users and Computers
Open OUTLOOK with Rob Prince profile
How about assigning the Managed By property to Trivial user without selecting “Manager can update membership list”?
Trivial user cannot manage the membership of GG_Telus group.
However, with “Send delivery reports to group manager” selected, the manager will receive the delivery messages when mail is sent to the group.
Add-DistributionGroupMember -id DG_House -Member Rob.Prince
Remove-DistributionGroupMember -id DG_House -Member Rob.Prince
Get-DistributionGroupMember -id DG_House
When sending mail to a disabled mailbox, the NDR will be generated. Group manager should remove the disabled mailbox from the membership list, otherwise NDR will be generated.
Dynamic Distribution Group
A distribution group that uses recipient filters and conditions to derive its membership at the time messages are sent.
It is automatically maintained and always includes the accurate members. Execution of queries against the directory to populate dynamic distribution groups. Expansion of groups
You cannot view the membership of a dynamic distribution group from its GAL properties in Outlook.
Exchange 2007 limits the recipients that can be included in a dynamic distribution group to a single domain.
You cannot use dynamic groups to control access to objects like connectors.
you cannot nest these groups inside other distribution groups.
Members of a Distribution Group are determined. When a mail is sent to a Distribution Group, a Hub Transport server just expands the member list.
Members of a Dynamic Distribution Group are not determined. When a mail is sent to a dynamic distribution group, its member must be resolved against Active Directory based on the query. And, a Hub Transport server expands the member list.
Obviously, the Dynamic Distribution Group is more resource intensive than the distribution group.
Both of them uses a recipient filter to locate all of the objects. The membership of a Dynamic Distribution group is determined by Exchange Transport Server at the time the client sends email to the group. The membership of an address list is persistent that outlook clients can access the individual member.
New-AddressList –Name 'Newton Staff' –RecipientFilter (Get-DynamicDistributionGroup 'DG_Newton').RecipientFilter
Scenario 1: Mixed environment
In AD users and computers, the dynamic distribution group properties will have a Preview tab instead of Members tab.
Scenario 2: pure Exchange 2007
The DG_Newton dynamic distribution group is created, its type is msExchDynamicDistributionList from AD users and computers. There is no Preview tab at all.
Exchange Management Console
The Dynamic Distribution Group dg1 is created, , you could see that its properties include Filter tab and Conditions tab. To see its membership, click the Preview button on Conditions tab.
Exchange 2003 query based distribution groups use queries that are expressed in LDAP format while Exchange 2007 dynamic distribution groups use queries in OPATH format.
To see the difference between LDAP and OPATH format, let’s create a dynamic distribution group: DG_Shaw.
new-DynamicDistributionGroup -Name 'DG_shaw' -IncludedRecipients 'AllRecipients' -ConditionalCompany 'Shaw' -OrganizationalUnit 'work.com/Shaw OU' -Alias 'DG_shaw' -RecipientContainer 'work.com/Shaw OU'
Get-DynamicDistributionGroup dg_shaw | fl recipientFilter,LDAPRecipientFilter
RecipientFilter :
((Company -eq 'Shaw' -and Alias -ne $null) -and -not(Name -like 'SystemMailbox{*') -and -not(Name –like 'CAS_{*'))
LdapRecipientFilter :
(&(company=Shaw)(mailNickname=*)(!(name=SystemMailbox{*))(!(name=CAS_{*)))
Exchange generates the value of the LDAP filter when it creates the OAPTH filter and you should not attempt to set the LDAP filter with other tools as you may generate incompatible or unusable results.
Some basic points about OPATH syntax for building custom recipient filters are:
OPATH requires a hyphen before –and, -or, and –not operators.
Comparison operators:–eq (equal), -ne (not equal), -lt (less than), -gt (greater than), -like (like), -ilike, and -notlike.
–Like and –notlike are wildcard string compares. –iLike and –notLike are case insensitive.
The RecipientFilter property specifies the OPATH query.
Specify the filter within braces. For example, {Office –eq “Dublin}
When you create a dynamic distribution group through EMC, Exchange automatically generates the necessary filter and stores it in the RecipientFilter property.
“precanned” filters are tuned for performance.
Precanned filter is a commonly-used Exchange 2007 filter that you can use to meet a variety of recipient-filtering criteria. The wizard will create the precanned filter.
If you modify the filters created by the Wizard through Management Shell, you cannot modify the filters through MMC.
To see the membership of a Dynamic Distribution Group from Exchange Management Shell:
$Shaw=Get-DynamicDistributionGroup -identity DG_Shaw
Get-Recipient -RecipientPreviewFilter $Shaw.RecipientFilter
From clients, such as outlook and outlook Web Access, you cannot see the membership of a Dynamic Distribution Group.
For each message that is sent to a distribution group, Exchange must access the full membership list to route the message to all recipients. This process is known as distribution group expansion.
By default, Any server in the organization (HUB) can be used to do the distribution group expansion. To expand very large distribution groups is resource intensive. When you dedicate a HUB server for expansion, when it is down, mail sent to distribution groups cannot be delivered because the members are not known.