none
Exchange 2007 groups as managers of distribution groups

    General discussion

  • As we know, with exchange 2010, security groups are no longer able to manage distribution group membership. We used this feature extensively with outlook so our end users could manage distribution group membership as well as folder share security permissions. I had read a few “hacks” out there to make this work, but we decided administratively to use emc or ems to manage group owners instead of aduc. So, how to fix all the groups currently out there? Here is my script that grabs all distribution groups in the domain, finds their managers, if the manager is a group, get the group members, then set the distribution group managers to the members of the former management security group.

    $distributiongroups = get-distributiongroup -resultsize unlimited | where {$_.ManagedBy -ne $null}

    if ($distributiongroups -ne $null){
     $distributiongroups | foreach {
      $DistGroupName = $_.Name
      $ManagedBy = $_.ManagedBy
      $ManagedBy | foreach {
       If (get-distributiongroup $_.Name){
        $DistGroupName
        $DistGroupName >> fixedowners.txt
        $_.Name
        $_.Name >> fixedowners.txt
        $owners = get-distributiongroupmember $_.Name
        $owners
        $owners >> fixedowners.txt
        set-distributiongroup -identity $DistGroupName -managedby $owners -BypassSecurityGroupManagerCheck
       }
       else{
        echo "no"
       }
      }
     }
    }


    Tony Brzoskowski
    • Edited by tobrz Wednesday, January 11, 2012 5:18 PM
    Wednesday, January 11, 2012 5:17 PM

All replies