locked
Exception when adding a Distribution Group to the managedBy attribute of another Exchange 2010 Distribution Group. RRS feed

  • Question

  • Hi everyone,

    I'm trying to give Write access to a Distribution Group and I used to do this with Exchange 2007 Distribution Group by adding users/distribution groups to the WriteMember attribute (NT Security Descriptor). However, this is totally different with Exchange 2010 Distribution Groups and the managedBy attribute has to be used instead.

    This works fine when I add a UserMailBox to the managedBY attribute as shown below:

    Set-DistributionGroup -identity test-dl -ManagedBy JohnSmith –BypassSecurityGroupManagerCheck -ForceUpgrade

    However, it's resulting in an error as shown below when I add another Exchange 2010 Distribution Group to the managedBy attribute of this Exchange 2010 Distribution Group. This is really puzzling. Is this a bug or am I missing something? Is there another way I can add an Exchange 2010 Distribution Group to the managedBy attribute? Any help would be greatly appreicated.

     

    [PS] C:\Windows\system32>Set-DistributionGroup -identity test1-dl -ManagedBy test2-dl -BypassSecurityGroupManagerCheck
    The group "XXX/Groups/Distribution/test2-dl" can't be managed by recipient "XXX/Groups/Distribution/test1-dl". The owner of the group should have the follow
    ing recipient type details: UserMailbox,LegacyMailbox,SharedMailbox,MailUser,LinkedMailbox,RemoteUserMailbox,RemoteSharedMailbox,MailContact,User
        + CategoryInfo          : NotSpecified: (ic.ac.uk/Imperi...-sanjaytest2-dl:ADObjectId) [Set-DistributionGroup], Re
       cipientTaskException
        + FullyQualifiedErrorId : 85C1C806,Microsoft.Exchange.Management.RecipientTasks.SetDistributionGroup

     

    Friday, March 11, 2011 11:46 AM

Answers

  • Alex,

    What you are doing is doesn't work as stated by the error message:

    Only the following recipients can manage the distributiongroups:

    UserMailbox,LegacyMailbox,SharedMailbox,MailUser,LinkedMailbox,RemoteUserMailbox,RemoteSharedMailbox,MailContact,User

    Regards,

    Johan


    Exchange-blog: www.johanveldhuis.nl
    • Marked as answer by emma.yoyo Friday, March 18, 2011 1:09 AM
    Friday, March 11, 2011 11:54 AM
  • Hi Alex,

    Seems like you have to add members of other group to the Managedby one by one manually using EMC. Even if you can add the group to "Managed By" tab using ADUC, there will be an error in the DG's properties in the EMC, and the member still cannot manage the DG.

    Or you can add all members to the Manageby using cmdlet at one time, e.g.

    $DG = Get-DistributionGroup "Owner-DL"

    Get-DistributionGroupMember "other group" | foreach {$DG.ManagedBy += $_.DistinguishedName}

    Set-DistributionGroup "Owner-DL" -ManagedBy $DG.ManagedBy

    After you run the cmdlets, please read a blog:

    How to Manage Groups that I already own in Exchange 2010?

    http://blogs.technet.com/b/exchange/archive/2009/11/18/3408844.aspx


    Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
    • Marked as answer by emma.yoyo Friday, March 18, 2011 1:09 AM
    Wednesday, March 16, 2011 5:08 AM

All replies

  • Alex,

    What you are doing is doesn't work as stated by the error message:

    Only the following recipients can manage the distributiongroups:

    UserMailbox,LegacyMailbox,SharedMailbox,MailUser,LinkedMailbox,RemoteUserMailbox,RemoteSharedMailbox,MailContact,User

    Regards,

    Johan


    Exchange-blog: www.johanveldhuis.nl
    • Marked as answer by emma.yoyo Friday, March 18, 2011 1:09 AM
    Friday, March 11, 2011 11:54 AM
  • Is there any other way of having a DistributionGroup to manage another DistributionGroup? What we have in place now is that we usually have an Owner-DL and the members of this Owner DL can then manage any other group that has the Owner-DL in it's managedBy attribute. Thanks again.

     

    Alex

    Friday, March 11, 2011 12:11 PM
  • Hi Alex,

    Seems like you have to add members of other group to the Managedby one by one manually using EMC. Even if you can add the group to "Managed By" tab using ADUC, there will be an error in the DG's properties in the EMC, and the member still cannot manage the DG.

    Or you can add all members to the Manageby using cmdlet at one time, e.g.

    $DG = Get-DistributionGroup "Owner-DL"

    Get-DistributionGroupMember "other group" | foreach {$DG.ManagedBy += $_.DistinguishedName}

    Set-DistributionGroup "Owner-DL" -ManagedBy $DG.ManagedBy

    After you run the cmdlets, please read a blog:

    How to Manage Groups that I already own in Exchange 2010?

    http://blogs.technet.com/b/exchange/archive/2009/11/18/3408844.aspx


    Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
    • Marked as answer by emma.yoyo Friday, March 18, 2011 1:09 AM
    Wednesday, March 16, 2011 5:08 AM