Understanding Distribution Groups
In Exchange Server 2010, distribution groups serve two primary purposes: They can be used as email distribution groups created to expedite the mass sending of email messages, calendar invitations, and other information within an Exchange Server organization, or a security group to assign permissions to a shared resource. Whether you create a distribution group or a security group, the same utility (New Distribution Group) is utilized.
Whether a distribution group or a security group is wanted, the group is created as a mailenabled Active Directory group object. When a sender sends a message to a distribution group, the server takes the original message, accesses the distribution group membership, and sends the message to each recipient in the membership list; this is known as "distribution group expansion." In Exchange Server 2010, distribution groups are configured to use any Hub Transport server as the distribution group expansion server. Although this default behavior can be modified, this default setting is a recommended best practice.
By default, distribution groups created in Exchange Server 2010 require that all senders be authenticated. This prevents external senders from sending messages to distribution groups. To configure a new distribution group to accept messages from all senders, you must modify the message delivery restriction settings on the object.
To create or modify distribution groups, the user must be assigned to either the Organization Management or Recipient Management role.
Creating Distribution Groups in the EMC
To create a new distribution group in the Exchange Management Console, perform the following steps:
- Start the Exchange Management Console.
- In the Console Tree, navigate to the Recipient Configuration \ Distribution Group node.
- In the action pane, click New Distribution Group. The New Distribution Group Wizard appears.
- On the Introduction page, select New Group, and then click Next.
- On the Group Information page, complete the following fields:
- Group Type-To create a distribution group, select Distribution. To create a security group, click Security. The remaining steps are identical, regardless of which type of group you create.
- Organizational Unit-By default, the New Distribution Group is created in the Users Organizational Unit (OU) in Active Directory. To change the default OU, select the box labeled Specify the Organizational Unit Rather Than Using a Default One; then click Browse and select the desired OU.
- Name-Enter the desired name for the group.
- Name (pre-Windows 2000)-By default, the group name for pre-Windows 2000 operating systems is automatically generated to be the same as the group name. You can modify the name in this field (not recommended).
- Alias-Enter the desired alias for the group. This is the name used to generate the default email address for the distribution group, so it must contain only characters that can be used in a valid SMTP address. (For example, no spaces can be used.) If you select an invalid character, the wizard notifies you. Enter the desired alias.
- Click Next.
- On the New Distribution Group page, review the Configuration Summary. To make any configuration changes, click Back. To create the new distribution group, click New.
- On the Completion page, the summary states whether the distribution group was successfully created. The summary also displays the Exchange Management Shell command that was used to create the distribution group.
- Click Finish.
Creating Distribution Groups in the EMS
To create a new distribution group in the Exchange Management Shell, you can use the following command syntax:
New-DistributionGroup -Name "GroupNameHere" -OrganizationalUnit "companyabc.com/users" -Type "Distribution OR Security" -SamAccountName
"GroupNameHere" -Alias "AliasHere"
Creating Distribution Groups in the ECP
New in Exchange Server 2010 is the ability to create and manage distribution lists from within the Exchange Control Panel web interface.
Before we discuss the process, there are a few items to note:
- Although both Mail Universal Distribution Groups and Mail Universal Security Groups are visible from within the ECP, there is no noticeable differentiation between the two.
- All distribution groups created from within the ECP are created as Mail Universal Distribution Groups; there is no option to create a security group.
- Dynamic Distribution Groups are not visible from within the ECP, nor can new ones be created there.
The ability to create new groups using the ECP is governed by RBAC. Users must be granted the permission to do so before the following process can be accomplished.
To create a new distribution group in the ECP, perform the following steps:
- Connect to the ECP by logging into OWA as an administrator and selecting the Options page, clicking Manage Your Organization, and selecting the Groups icon. Alternatively, you can go directly to https://{your CAS server name}/ecp and authenticate through OWA.
- Under Groups, click the New button.
- In the New Group window, complete the following fields:
- Display Name-(Required)-This name must be unique in the domain. This is the name that displays in the address book and on the To: line when mail is sent to the group. The display name should be user-friendly to help people recognize the purpose or membership of the group.
- Alias-(Required)-This is the name portion of the email address that appears to the left of the @ symbol. The alias must be unique in the domain and, because it is part of the email address, cannot contain any spaces.
- Description-(Not Required)-This description populates the Notes field for the object. This descriptive name can be viewed by employees who view the properties of the distribution list. If populated, the field should describe the purpose or membership of the group.
- Ownership-(Required)-Owners can add members to the group, approve or reject requests to join, and approve or reject messages sent to the group. By default, the person creating the group is added as a group owner. If an administrator creates the group at the request of an employee, the administrator can add the employee as an owner and then remove herself.
- Membership-(Not Required)-By default, all group owners are added as group members. If this behavior is not desired, deselect the check box for this option. Add or remove members to the group as desired.
- Membership Approval-(Required)-New to distribution groups in Exchange Server 2010 is the ability for users to self-manage their distribution lists, joining those that interest them and leaving those that don't. During the creation of the distribution group using the ECP, the following options are available:
- Owner Approval-Open-Anyone can join the group without being approved by the group owners.
- Owner Approval-Closed-Members can be added only by the group owners. All requests to join will be rejected automatically.
- Owner Approval-Owner Approval-All requests are approved or rejected by the group owners.
- Group Open to Leave-Open-Anyone can leave the group without being approved by the group owners.
- Group Open to Leave-Closed-Members can be removed only by the group owners. All requests to leave will be rejected automatically.
- After all fields have been populated and all options selected, click Save to create the distribution group.
In this tutorial:
- Administering an Exchange Server
- Role Based Access Control
- Shared Versus Split Permissions Models
- Configuring Exchange Server 2010 for Split Permissions
- Administrative Tools
- Exchange Management Console
- Exchange Management Shell Command Log
- Exchange Control Panel
- Performing Common Tasks
- Creating Multiple Mailboxes in the Exchange Management Shell
- Understanding Distribution Groups
- Dynamic Distribution Groups
- Managing Distribution Groups
- Creating Mail Contacts
- Managing Disconnected Mailboxes
- Moving Mailboxes
- Recipient Configuration
- Mail Flow Settings
- Mailbox Features
- Managing Email Addresses
- Understanding Archiving
- Enabling Archiving on a Mailbox
- Using the Exchange Server 2010 Toolbox
- Public Folder Management Console
- Mail Flow Troubleshooter
- Routing Log Viewer
- Exchange Server Coexistence
- Server Administration
- Setting Limits on Databases