Dynamic Distribution Lists per-group

active-directorydistribution-listsexchange-2013

It's my first time digging into MS Exchange 2013 and I need to do something like this: Each group I create needs a distribution list. Here are the groups and their assigned users:

  1. Group1
    1. User1
    2. User2
    3. User3
  2. Group2
    1. User2
    2. User4
    3. User5
  3. Group3
    1. User1
    2. User3
    3. User5

Basically, if I send an email to group1@example.com, all the people in group 1 will receive the email. Although, if I add a user into AD, I want the distribution list to automatically update itself with the right group of users.

As you can see, one member can be part of multiple groups, so I can't use the department field of Exchange. How can I do that? (Without Powershell as I know nothing of powershell)

Thanks!

Best Answer

I will tell you the way i have done this on my Exchange 2010, hoping it will also work for your Exchange 2013.

You absolutely need Powershell (Exchange Management Shell) to create the DDL :

New-DynamicDistributionGroup -Name "group1_DDL" -RecipientFilter {MemberOfGroup -eq "CN=Group1,OU=myOU,DC=domain,DC=local"} -RecipientContainer "OU=Users,OU=Account,DC=domain,DC=local"

Main points here are :

  • You need to use the OPATH filter attribute MemberOfGroup :

For this value you need to put the full DN of your AD Group.

  • You need to specify the RecipientContainer parameter :

This is the full DN where your AD users are stored.

Some explanations :

  • You need to use OPATH Filters for the RecipientFilter so that you can use the MemberOfGroup attribute. The standard memberOf attribute exposed by Exchange will not work because you need a calculated back-link property from AD :

MemberOfGroup filtering requires that you supply the full AD distinguished name of the group you're trying to filter against. This is an AD limitation, and it happens because you're really filtering this calculated back-link property from AD, not the simple concept of "memberOf" that we expose in Exchange.

  • OPATH Filters are supported for the RecipientFilter parameter :

https://technet.microsoft.com/en-us/library/bb125127(v=exchg.150).aspx

RecipientFilter : The RecipientFilter parameter filters the mail-enabled recipients used to build the dynamic distribution group. [...] The RecipientFilter parameter uses OPath syntax to query Active Directory and filter recipients.

http://exchangepedia.com/blog/2007/02/memberof-attribute-can-now-be-used-in.html :

Unlike LDAP filters, the actual attribute name - memberOf is not used in OPATH filters. The filterable property name for OPATH filters is MemberOfGroup.

  • By default (means not specified), the RecipientContainer will be the standard Users DN : CN=Users,DC=domain,DC=local. So when Exchange performs its query to determine membership, it can only see members that are in this OU. This is the reason why you need to specify the OU where your AD Users are actually stored.

Finally, here is the link to the ressource that makes me able to make this work, and from i get most of the reference above : https://exchangemaster.wordpress.com/tag/recipientcontainer

Related Topic