Evan Dodds - Microsoft Exchange Server Blog

Exchange, Exchange administration stuff, and other assorted ramblings

DynamicDistributionGroup for all users in a particular storage group

DynamicDistributionGroup for all users in a particular storage group

  • Comments 6
  • Likes

Lots of people are asking lots of questions at the ExchangeNinjas wiki! Glad to see so much participation both from within the Exchange team and also from the broad Exchange community!!

This question struck me as pretty interesting, so I figured I'd surface it on the blog as well as answering it (a few weeks ago) on the wiki... From the wiki's Recipient Management FAQs page (originally was posted to the Ask a Question page) :

Q: I want to create a custom dynamic distribution group for all users in a storage group. I can get the user if I use: get-mailbox | where {$_.Database -like "*<SGName>*"}
BUT this doesn't work for a new DDG :
new-DynamicDistributionGroup -alias test1a -name test1a -recipientfilter {Database -like "*SG01-SUKMSDMBX03*"} -org exchorg.local
I get no members!   It will work on a per server basis, but this it no good for me.  Can you help?  Is this possible?


A: The problem is that the "Database" filter can't do partial string matches, because underneath this property is actually a distinguished name value in the AD (which can't do substring matching). Building an infrastructure that allows you to direct email to mailboxes on a storage group is definitely possible -- just not like this. Instead, you need to ensure you're using the full distinguished name for each database you want to compare against, and not using wildcards (ie, asterisk *)

There's an easy way to do this and a hard way. The hard way I'll just talk about, then I'll show you the easy way. The hard way would be to iterate through all of the MDBs in your selected storage group, concatenating a filter-parser string made up of their DNs... with appropriately placed "-or" operators between. Then pass this string into the New-DDG cmdlet as the RecipientFilter. Yuck.

The easy way is to create a DDG for each mailboxdatabase. Then create a DistributionGroup (doesn't have to be DDG) and add all of these per-MDB DDGs into the DG. Here's how that might look:

new-distributiongroup DG-MySg1 -Type Distribution -SamAccountName DG-MySg1
get-mailboxdatabase -Server Srv1 -StorageGroup MySG1 | % { New-DynamicDistributionGroup "DDG-$($_.Name)" -RecipientFilter "Database -eq '$($_.Identity.DistinguishedName)'" } | % { Add-DistributionGroupMember DG-MySg1 -Member $_.Identity }

Updated July10: Added -Server switch to make it a more real-world syntax.

Comments
  • More on Exchange 2007 and certificates - with real world scenario Turning off the &quot;leave a message&quot;

  • That me a long while back. I fixed it here:

    http://blogs.flaphead.dns2go.com/archive/2007/05/10/exchange-2007-dynamic-distributions-groups.aspx

    You need the –organizationalUnit "<domain>/<ou>" in the new-distributiongroup

    also is you have more than one server the get-mailboxdatabase doesn't work, you need to specify the server\sg name.

    Sorry ;-)

    http://blogs.flaphead.dns2go.com/archive/2007/07/10/dynamicdistributiongroup-for-all-users-in-a-particular-storage-group.aspx

  • Sorry Evan , but just to correct you a little bit. ;-) but you need &lt;ServerName&gt;\&lt;SG&gt; in

  • RE: -Server switch

    Well, not necessarily. If you have only one mailbox server or one server with storage groups you don't need it. :)

    But, of course, in the real world you're right. Generally, you'll need to better qualify what mailbox databases you really want to add to the DDGs. -Server is one way of doing that.

  • Is it possible to create an opath query to filter out members of a particular OU?  I can't seem to find any filterable properties to do so.  Thanks.

  • Anonymous - Nope, OU position is really nothing more than "what is my DN". And for the same reason we can't create a filter for "database -like *myDatabase*", we can't create a filter for "OU -like *myOU*". Well, sort of the same reason: we can't do DN partial matches as part of an OPATH filter.

    That said, the good news is that if your goal is to create a DDG, there's a parameter "-RecipientContainer" which lets you define the root DN of the DDG expansion. Simply define the OU that contains users you want to send to as this parameter and include all recipients in the OPATH filter. Note that this will not work for EAP/AL/GAL, as they don't have RecipientContainer parameter...

Your comment has been posted.   Close
Thank you, your comment requires moderation so it may take a while to appear.   Close
Leave a Comment