DynamicDistributionGroup for all users in a particular storage group
Lots of people are asking lots of questions at the ExchangeNinjas wiki! Glad to see so much participation both from within the Exchange team and also from the broad Exchange community!!
This question struck me as pretty interesting, so I figured I'd surface it on the blog as well as answering it (a few weeks ago) on the wiki... From the wiki's Recipient Management FAQs page (originally was posted to the Ask a Question page) :
Q: I want to create a custom dynamic distribution group for all users in a storage group. I can get the user if I use: get-mailbox | where {$_.Database -like "*<SGName>*"}
BUT this doesn't work for a new DDG :
new-DynamicDistributionGroup -alias test1a -name test1a -recipientfilter {Database -like "*SG01-SUKMSDMBX03*"} -org exchorg.local
I get no members! It will work on a per server basis, but this it no good for me. Can you help? Is this possible?
A: The problem is that the "Database" filter can't do partial string matches, because underneath this property is actually a distinguished name value in the AD (which can't do substring matching). Building an infrastructure that allows you to direct email to mailboxes on a storage group is definitely possible -- just not like this. Instead, you need to ensure you're using the full distinguished name for each database you want to compare against, and not using wildcards (ie, asterisk *)
There's an easy way to do this and a hard way. The hard way I'll just talk about, then I'll show you the easy way. The hard way would be to iterate through all of the MDBs in your selected storage group, concatenating a filter-parser string made up of their DNs... with appropriately placed "-or" operators between. Then pass this string into the New-DDG cmdlet as the RecipientFilter. Yuck.
The easy way is to create a DDG for each mailboxdatabase. Then create a DistributionGroup (doesn't have to be DDG) and add all of these per-MDB DDGs into the DG. Here's how that might look:
new-distributiongroup DG-MySg1 -Type Distribution -SamAccountName DG-MySg1
get-mailboxdatabase -Server Srv1 -StorageGroup MySG1 | % { New-DynamicDistributionGroup "DDG-$($_.Name)" -RecipientFilter "Database -eq '$($_.Identity.DistinguishedName)'" } | % { Add-DistributionGroupMember DG-MySg1 -Member $_.Identity }
Updated July10: Added -Server switch to make it a more real-world syntax.
Comments
Anonymous
January 01, 2003
RE: -Server switch Well, not necessarily. If you have only one mailbox server or one server with storage groups you don't need it. :) But, of course, in the real world you're right. Generally, you'll need to better qualify what mailbox databases you really want to add to the DDGs. -Server is one way of doing that.Anonymous
January 01, 2003
Sorry Evan , but just to correct you a little bit. ;-) but you need <ServerName><SG> inAnonymous
January 01, 2003
Anonymous - Nope, OU position is really nothing more than "what is my DN". And for the same reason we can't create a filter for "database -like myDatabase", we can't create a filter for "OU -like myOU". Well, sort of the same reason: we can't do DN partial matches as part of an OPATH filter. That said, the good news is that if your goal is to create a DDG, there's a parameter "-RecipientContainer" which lets you define the root DN of the DDG expansion. Simply define the OU that contains users you want to send to as this parameter and include all recipients in the OPATH filter. Note that this will not work for EAP/AL/GAL, as they don't have RecipientContainer parameter...Anonymous
January 01, 2003
More on Exchange 2007 and certificates - with real world scenario Turning off the "leave a message"Anonymous
July 10, 2007
That me a long while back. I fixed it here: http://blogs.flaphead.dns2go.com/archive/2007/05/10/exchange-2007-dynamic-distributions-groups.aspx You need the –organizationalUnit "<domain>/<ou>" in the new-distributiongroup also is you have more than one server the get-mailboxdatabase doesn't work, you need to specify the serversg name. Sorry ;-) http://blogs.flaphead.dns2go.com/archive/2007/07/10/dynamicdistributiongroup-for-all-users-in-a-particular-storage-group.aspxAnonymous
July 12, 2007
Is it possible to create an opath query to filter out members of a particular OU? I can't seem to find any filterable properties to do so. Thanks.