Forum Search:
Forum.Brain-Cluster.com: Brain Cluster Technical Forum
Ultimate forum for Technical Discussions

Home » Microsoft » Windows Server » Active Directory » Adding a group to multiple Distribution list
Adding a group to multiple Distribution list [message #155479] Sat, 30 May 2009 06:26 Go to next message
Amarnath  is currently offline Amarnath
Messages: 21
Registered: July 2009
Junior Member
I just wanted to know, how to add a single group to multiple distribution
list (appr 150 lists).
and members those are in single group needs to manage all the 150
distribution lists (i.e they should be owner of the distribution list).

Help is really appreciated.
Re: Adding a group to multiple Distribution list [message #155486 is a reply to message #155479] Sat, 30 May 2009 13:26 Go to previous message
rlmueller-nospam  is currently offline rlmueller-nospam  United States
Messages: 292
Registered: July 2009
Senior Member
"Amarnath" <Amarnath @discussions.microsoft.com> wrote in message
news:BD2EB60C-BF9D-45E2-92C2-EA68DC71C05F@microsoft.com...
>I just wanted to know, how to add a single group to multiple distribution
> list (appr 150 lists).
> and members those are in single group needs to manage all the 150
> distribution lists (i.e they should be owner of the distribution list).
>
> Help is really appreciated.

The "owner" of an object is specified in the security descriptor of the
object. But distribution lists do not have security descriptors, so they
cannot have an "owner". There is a managedBy attribute, which specifies the
user or contact that manages the group. However, this must be the
Distinguished Name of a user or contact. It cannot be a group. Exchange may
have some other mechanism for what you want.

To add a single group to multiple distribution groups, you must specify the
Distinguished Name of the group (of any kind) to be added as a member. Also,
you need a list of the Distinguished Names of the distribution groups,
perhaps in a text file. A VBScript solution would be similar to below:
===========
Option Explicit

Dim strGroupList, strNewMember, objNewMember, objGroup
Dim objFSO, objList, strGroup

Const ForReading = 1

' Specify Distinguished Name of new member (group or user).
strNewMember = "cn=MyList,ou=West,dc=MyDomain,dc=com:"

' Specify list of distribute group Distinguished Names.
strGroupList = "c:\Scripts\groups.txt"

' Bind to the new member object.
Set objNewMember = GetObject("LDAP://" & strNewMember)

' Open the file of group names for read access.
Set objFSO = CreateObject("Scripting.FileSystemObject")
Set objList = objFSO.OpenTextFile(strGroupList, ForReading)

' Read the list of Distinguished Names.
Do Until objList.AtEndOfStream
strGroup = Trim(objList.ReadLine)
' Skip blank lines.
If (strGroup <> "") Then
' Bind to the Distribution Group.
' Trap error if group not found.
On Error Resume Next
Set objGroup = GetObject("LDAP://" & strGroup)
If (Err.Number <> 0) Then
On Error GoTo 0
' Check if specified group already a member
' of this distribution group.
If (objGroup.IsMember(objNewMember.AdsPath) = False) Then
' Not a member, add to group.
objGroup.Add(objNewMember.AdsPath)
End If
Else
On Error GoTo 0
Wscript.Echo strGroup & " not found"
End If
End If
Loop

' Clean up.
objList.Close
=======
This can still be done if the list of distribution group names is the
"pre-Windows 2000 logon" names, but the script would require a few more
steps. You would use the NameTranslate object to convert the "pre-Windows
2000" names into Distinguished Names. You could also code a VBScript program
to spit out the Distinguished Names of all Distribution groups in the domain
(or in an OU) and echo the output to a text file to create the list. That
script would use ADO to retrieve the names. For information on using
NameTranslate in VBScript see this link:

http://www.rlmueller.net/NameTranslateFAQ.htm

For information on using ADO in VBScript see this link:

http://www.rlmueller.net/ADOSearchTips.htm

Using the syntax from this last link, the filter for all distribution groups
would be:

strFilter = "(&(objectCategory=group)" _
& "(!groupType:1.2.840.113556.1.4.803:=2147483648))"

That is also the filter that would be used in any command line utilities to
retrieve Distinguished Names, like dsquery or adfind.

--
Richard Mueller
MVP Directory Services
Hilltop Lab - http://www.rlmueller.net
--
Previous Topic:Recover Windows Server 2003 DC that won't boot but drive can be read
Next Topic:Re: MMC 40000015
Goto Forum:
  


Current Time: Sun Sep 24 15:17:59 EDT 2017

Total time taken to generate the page: 0.03371 seconds
.:: Contact :: Home ::Sitemap::.

Powered by: FUDforum 3.0.0RC2.
Copyright ©2001-2009 FUDforum Bulletin Board Software