|
How can I
work with Query-Based Distribution
groups in Windows Server 2003 and
Exchange Server 2003?
Windows
Server 2003 and Exchange Server 2003
have a new group type called
"Queries-Based Distribution groups".
With the new Queries-Based Distribution
groups we can now create new types of
distribution groups that are different
from the regular type of distribution
groups.
The reason
for this difference is the fact that the
Queries-Based Distribution groups are
dynamic by nature and their membership
is not static as in regular types of
groups. The members of Queries-Based
Distribution groups are dynamically
inserted or removed from the group when
they fall under the scope of the group's
LDAP-based search filter.
Note: In order to
be able to use
Queries-Based Distribution groups you
need to be running a Windows Server 2003
AD and Exchange Server 2003. These types
of groups are not present in Windows
2000 AD, nor are they present if
Exchange Server 2003 is not installed in
your organization.
To create a
Queries-Based Distribution group
perform the following steps:
-
In the Windows Server
2003 AD Users and Computers
right-click any OU you want and
choose New > Query-Based
Distribution Group.
-
In the New Object
window, give the new group a name
and Alias and click Next.
Note: Make
sure you do NOT enter an Alias in
Hebrew. The e-mail address of the
new group will be based upon this
alias (unless you change it later),
and Hebrew characters will cause the
e-mail address to be somewhat
unpredictable and containing
numbers.
-
In the New Object
window select the search scope of
the new group (i.e. the entire
domain or just one OU). You can
choose one of the pre-defined search
parameters, or, if you want to be
more precise, you can select the
Customize Filter radio-button and
then click on Customize.
-
In the Find window
click on the drop-down list to
select the type of query you want to
create.
You can use some of
the built-in attributes or create
your own set of attribute-based
query. In this example I've created
a custom search by using a manually
entered LDAP search string.
See my LDAP Search
Samples for Windows Server 2003 and
Exchange 2000/2003 article for many
LDAP search samples you can use.
-
When you're done with
the search filter click Ok. You can
now go to the Preview tab and see
the results your filter gave you.
These will be the group's members,
and if you're satisfied with what
you saw - click Ok.
-
Changing the search
filter for the group is easy and can
be done at any time. Just make sure
you test the resulting members by
pressing the Start button in the
Preview tab of the Query-Based
Distribution group.
-
Wait a few minutes
before the group gets it's e-mail
address listed. This is because of
latency issues with the Recipient
Update Service (RUS) in Exchange. In
order for the group to get their
e-mail address faster you could
manually update the RUS instances in
the Exchange System Manager.
The moment the new group
gets the e-mail address you wanted
(remember, you can easily change it
later) you will be able to send e-mail
to this group and see it in the Global
Address List (GAL).
Remember: This is
a Distribution group, not a Security
group, therefore you cannot use this
group to grant permissions to users. |
