Manage dynamic distribution groups

  • 16 minutes to read

Dynamic distribution groups are mail-enabled Active Directory group objects that are created to expedite the mass sending of email messages and other information within a Microsoft Exchange organization.

Unlike regular distribution groups that contain a defined set of members, the membership list for dynamic distribution groups is calculated each time a message is sent to the group, based on the filters and conditions that you define. When an email message is sent to a dynamic distribution group, its delivered to all recipients in the organization that match the criteria defined for that group.

Important

A dynamic distribution group includes any recipient in Active Directory with attribute values that match its filter. If a recipients properties are modified to match the filter, the recipient could inadvertently become a group member and start receiving messages that are sent to the group. Well-defined, consistent account provisioning processes will reduce the chances of this issue occurring.

What do you need to know before you begin?

Create a dynamic distribution group

Use the EAC to create a dynamic distribution group

  1. In the EAC, navigate to Recipients > Groups > New > Dynamic distribution group.

  2. On the New dynamic distribution group page, complete the following boxes:

    • * Display name: Use this box to type the display name. This name appears in the shared address book, on the To: line when email is sent to this group, and in the Groups list in the EAC. The display name is required and should be user-friendly so people recognize what it is. It also must be unique in the forest.

    Note

    Group naming policy isnt applied to dynamic distribution groups.

    • * Alias: Use this box to type the name of the alias for the group. The alias cannot exceed 64 characters and must be unique in the forest. When a user types the alias in the To: line of an email message, it resolves to the groups display name.

    • Description: Use this box to describe the group so people know what the purpose of the group is. This description appears in the shared address book.

    • Organizational unit: You can select an organizational unit (OU) other than the default (which is the recipient scope). If the recipient scope is set to the forest, the default value is set to the Users container in the Active Directory domain that contains the computer on which the EAC is running. If the recipient scope is set to a specific domain, the Users container in that domain is selected by default. If the recipient scope is set to a specific OU, that OU is selected by default.

      To select a different OU, click Browse. The dialog box displays all OUs in the forest that are within the specified scope. Select the OU you want, and then click OK.

    • Owner: An owner for a dynamic distribution group is optional. You can add owners by clicking Browse and then selecting users from the list.

  3. Use the Members section to specify the types of recipients for the group and set up rules that will determine membership. Select one of the following boxes:

    • All recipient types: Choose this option to send messages that meet the criteria defined for this group to all recipient types.

    • Only the following recipient types: Messages that meet the criteria defined for this group will be sent to one or more of the following recipient types:

    • Users with Exchange mailboxes: Select this check box if you want to include users that have Exchange mailboxes. Users that have Exchange mailboxes are those that have a user domain account and a mailbox in the Exchange organization.

    • Users with external email addresses: Select this check box if you want to include users that have external email addresses. Users that have external email accounts have user domain accounts in Active Directory, but use email accounts that are external to the organization. This enables them to be included in the global address list (GAL) and added to distribution lists.

    • Resource mailboxes: Select this check box if you want to include Exchange resource mailboxes. Resource mailboxes allow you to administer company resources through a mailbox, such as a conference room or a company vehicle.

    • Contacts with external email addresses: Select this check box if you want to include contacts that have external email addresses. Contacts that have external email addresses dont have user domain accounts in Active Directory, but the external email address is available in the GAL.

    • Mail-enabled groups: Select this check box if you want to include security groups or distribution groups that have been mail-enabled. Mail-enabled groups are similar to distribution groups. Email messages that are sent to a mail-enabled group account will be delivered to several recipients.

  4. Click Add a rule to define the criteria for membership in this group.

  5. Select one of the following recipient attributes from the drop-down list and provide a value. If the value for the selected attribute matches that value you define, the recipient receives a message sent to this group.

    Attribute Send message to a recipient if...
    Recipient container The recipient object resides in the specified domain or OU.
    State or province The specified value matches the recipients State or province property.
    Company The specified value matches the recipients Company property.
    Department The specified value matches the recipients Department property.
    Custom attributeN (where N is a number from 1 to 15) The specified value matches the recipients CustomAttributeN property.

    Important

    The values that you enter for the selected attribute must exactly match those that appear in the recipients properties. For example, if you enter Washington for State or province, but the value for the recipients property is WA, the condition will not be met. Also, text-based values that you specify arent case-sensitive. For example, if you specify Contoso for the Company attribute, messages will be sent to a recipient if this value is contoso.

  6. In the Specify words or phrases window, type the value in the text box. Click Add and then click OK.

  7. To add another rule to define the criteria for membership, click Add a rule under the previous rule that you created.

    Important

    If you add multiple rules to define membership, a recipient must meet the criteria of each rule to receive a message sent to the group. In other words, each rule is connected with the Boolean operator AND.

  8. When youve finished, click Save to create the dynamic distribution group.

    Note

    If you want to specify rules for attributes other than the ones available in the EAC, you must use the Exchange Management Shell to create a dynamic distribution group. Keep in mind that the filter and condition settings for dynamic distribution groups that have custom recipient filters can be managed only by using the Exchange Management Shell. For an example of how to create a dynamic distribution group with a custom query, see the next section on using the Exchange Management Shell to create a dynamic distribution group.

Use the Exchange Management Shell to create a dynamic distribution group

Note

If you do not specify an OU in your cmdlets, the default OU scope will be the local OU (the OU in which the dynamic distribution group is being created). With the New-DynamicDistributionGroup cmdlet, use the RecipientContainer parameter to specify an OU.

This example creates the dynamic distribution group Mailbox Users DDG that contains only mailbox users.

New-DynamicDistributionGroup -IncludedRecipients MailboxUsers -Name Mailbox Users DDG -RecipientContainer Users 

This example creates a dynamic distribution group with a custom recipient filter. The dynamic distribution group contains all mailbox users on a server called Server1.

New-DynamicDistributionGroup -Name Mailbox Users on Server1 -RecipientContainer Users -RecipientFilter (RecipientTypeDetails -eq UserMailbox) -and (ServerName -eq Server1) 

This example creates a dynamic distribution group with a custom recipient filter. The dynamic distribution group contains all mailbox users that have a value of FullTimeEmployee in the CustomAttribute10 property.

New-DynamicDistributionGroup -Name Full Time Employees -RecipientFilter (RecipientTypeDetails -eq UserMailbox) -and (CustomAttribute10 -eq FullTimeEmployee) 

For detailed syntax and parameter information, see New-DynamicDistributionGroup.

How do you know this worked?

To verify that youve successfully created a dynamic distribution group, do one of the following:

  • In the EAC, navigate to Recipients > Groups. The new dynamic distribution group is displayed in the group list. Under Group Type, the type is Dynamic distribution group.

  • In the Exchange Management Shell, run the following command to display information about the new dynamic distribution group.

    Get-DynamicDistributionGroup | Format-List Name,RecipientTypeDetails,RecipientFilter,PrimarySmtpAddress 

Change dynamic distribution group properties

Use the EAC to change dynamic distribution group properties

  1. In the EAC, navigate to Recipients > Groups.

  2. In the list of groups, click the dynamic distribution group that you want to view or change, and then click Edit Edit.

  3. On the groups properties page, click one of the following sections to view or change properties.

General

Use this section to view or change basic information about the group.

  • * Display name: This name appears in the address book, on the To: line when email is sent to this group, and in the Groups list. The display name is required and should be user-friendly so people recognize what it is. It also has to be unique in your domain.

  • * Alias: This is the portion of the email address that appears to the left of the at (@) symbol. If you change the alias, the primary SMTP address for the group will also be changed, and contain the new alias. Also, the email address with the previous alias will be kept as a proxy address for the group.

  • Description: Use this box to describe the group so people know what the purpose of the group is. This description appears in the address book and in the Details pane in the EAC.

  • Hide this group from address lists: Select this check box if you dont want users to see this group in the address book. To send email to this group, a sender has to type the groups alias or email address on the To: or Cc: lines.

  • Organizational unit: This read-only box displays the organizational unit (OU) that contains the dynamic distribution group. You have to use Active Directory Users and Computers to move the group to a different OU.

Ownership

Use this section to assign a group owner. A dynamic distribution group can have only one owner. The group owner appears on the Managed by tab of the object in Active Directory Users and Computers.

You can add owners by clicking Browse and selecting the owner from the list. To remove the owner, click Clear (X) and then click Save.

Membership

Use this section to change the criteria used to determine membership of the group. You can delete or change existing membership rules and add new rules. For procedures that tell you how to do this, see Use the EAC to create a dynamic distribution group in the procedures for configuring membership when you use the EAC to create a new dynamic distribution group.

Delivery management

Use this section to manage who can send email to this group.

  • Only senders inside my organization: Select this option to allow only senders in your organization to send messages to the group. This means that if someone outside your organization sends an email message to this group, it is rejected. This is the default setting.

  • Senders inside and outside of my organization: Select this option to allow anyone to send messages to the group.

    You can further limit who can send messages to the group by allowing only specific senders to send messages to this group. Click Add Add and then select one or more recipients. If you add senders to this list, they are the only ones who can send mail to the group. Mail sent by anyone not in the list will be rejected.

    To remove a person or a group from the list, select them in the list and then click Remove Remove.

    Important

    If youve configured the group to allow only senders inside your organization to send messages to the group, email sent from a mail contact is rejected, even if theyre added to this list.

Message approval

Use this section to set options for moderating the group. Moderators approve or reject messages sent to the group before they reach the group members.

  • Messages sent to this group have to be approved by a moderator: This check box isnt selected by default. If you select this check box, incoming messages are reviewed by the group moderators before delivery. Group moderators can approve or reject incoming messages.

  • Group moderators: To add group moderators, click Add Add. To remove a moderator, select the moderator, and then click Remove Remove. If youve selected Messages sent to this group have to be approved by a moderator and you dont select a moderator, messages to the group are sent to the group owners for approval.

  • Senders who dont require message approval: To add people or groups that can bypass moderation for this group, click Add Add. To remove a person or a group, select the item, and then click Remove Remove.

  • Select moderation notifications: Use this section to set how users are notified about message approval.

    • Notify all senders when their messages arent approved: This is the default setting. Notify all senders, inside and outside your organization, when their message isnt approved.

    • Notify senders in your organization only when their messages arent approved: When you select this option, only people or groups in your organization are notified when a message that they sent to the group isnt approved by a moderator.

    • Dont notify anyone when a message isnt approved: When you select this option, notifications arent sent to message senders whose messages arent approved by the group moderators.

Email options

Use this section to view or change the email addresses associated with the group. This includes the groups primary SMTP addresses and any associated proxy addresses. The primary SMTP address (also known as the reply address) is displayed in bold text in the address list, with the uppercase SMTP value in the Type column.

  • Add: Click Add Add to add a new email address for this mailbox. Select one of following address types:

    • SMTP: This is the default address type. Click this button and then type the new SMTP address in the * Email address box.

      Note

      To make the new address the primary SMTP address for the group, select the Make this the reply address check box.

    • Custom address type: Click this button and type one of the supported non-SMTP email address types in the * Email address box.

      Note

      With the exception of X.400 addresses, Exchange doesnt validate custom addresses for proper formatting. You must make sure that the custom address you specify complies with the format requirements for that address type.

  • Edit: To change an email address associated with the group, select it from the list, and then click Edit Edit.

    Note

    To make an existing address the primary SMTP address for the group, select the Make this the reply address check box.

  • Remove: To delete an email address associated with the group, select it from the list, and then click Remove Remove.

  • Automatically update email addresses based on the email address policy applied to this recipient: Select this check box to have the recipients email addresses automatically updated based on changes made to email address policies in your organization. This box is selected by default.

MailTip

Use this section to add a MailTip to alert users of potential issues before they send a message to this group. A MailTip is text thats displayed in the InfoBar when this group is added to the To, Cc, or Bcc lines of a new email message. For example, you could add a MailTip to large groups to warn potential senders that their message will be sent to lots of people.

Note

MailTips can include HTML tags, but scripts arent allowed. The length of a custom MailTip cant exceed 175 displayed characters. HTML tags arent counted in the limit.

Group delegation

Use this section to assign permissions to a user (called a delegate) to allow them to send messages as the group or send messages on behalf of the group. You can assign the following permissions:

  • Send As: This permission allows the delegate to send messages as the group. After this permission is assigned, the delegate has the option to add the group to the From line to indicate that the message was sent by the group.

  • Send on Behalf Of: This permission also allows a delegate to send messages on behalf of the group. After this permission is assigned, the delegate has the option to add the group on the From line. The message will appear to be sent by the group and will say that it was sent by the delegate on behalf of the group.

To assign permissions to delegates, click Add under the appropriate permission to display the Select Recipient page, which displays a list of all recipients in your Exchange organization that can be assigned the permission. Select the recipients you want, add them to the list, and then click OK. You can also search for a specific recipient by typing the recipients name in the search box and then clicking Search.

Use the Exchange Management Shell to change dynamic distribution group properties

Use the Get-DynamicDistributionGroup and Set-DynamicDistributionGroup cmdlets to view and change properties for dynamic distribution groups. Advantages of using the Exchange Management Shell are the ability to change the properties that arent available in the EAC and change properties for multiple groups. For information about what parameters correspond to distribution group properties, see the following topics:

Here are some examples of using the Exchange Management Shell to change dynamic distribution group properties.

This example changes the following parameters for all dynamic distribution groups in the organization:

  • Hide all dynamic distribution groups from the address book

  • Set the maximum message size that can be sent to the group to 5MB

  • Enable moderation

  • Assign the administrator as the group moderator

Get-DynamicDistributionGroup -ResultSize unlimited | Set-DynamicDistributionGroup -HiddenFromAddressListsEnabled $true -MaxReceiveSize 5MB -ModerationEnabled $true -ModeratedBy administrator 

This example adds the proxy SMTP email address, Seattle.Employees@contoso.com, to the All Employees group.

Set-DynamicDistributionGroup -Identity All Employees -EmailAddresses SMTP:All.Employees@contoso.com, smtp:Seattle.Employees@contoso.com 

How do you know this worked?

To verify that youve successfully changed properties for a dynamic distribution group, do the following:

  • In the EAC, select the group and then click Edit Edit to view the property or feature that you changed. Depending on the property that you changed, it might be displayed in the Details pane for the selected group.

  • In the Exchange Management Shell, use the Get-DynamicDistributionGroup cmdlet to verify the changes. One advantage of using the Exchange Management Shell is that you can view multiple properties for multiple groups. In the first example, you would run the following command to verify the new values.

    Get-DynamicDistributionGroup -ResultSize unlimited | Format-List Name,HiddenFromAddressListsEnabled,MaxReceiveSize,ModerationEnabled,ModeratedBy 

    For the example above where the message limits were changed, run this command.

    Get-Mailbox -OrganizationalUnit Marketing | Format-List Name,IssueWarningQuota,ProhibitSendQuota,ProhibitSendReceiveQuota,UseDatabaseQuotaDefaults