Delegation permition Distribution List Exchange 2007
Hi to all,
i need to able a group to add\remove member in a DL in outlook.
SCENARIO:
exchange 2007 5 child domain and 1 parent on windows 2003.
I have created a DL in the parent domain and a domain local\security group in a child1 domain.
i have tryed do:
-Add-ADPermission DL -User child\editgroup -AccessRights WriteProperty -Properties "Member"
-Add-ADPermission -Identity DL -User child\editgroup -AccessRights "WriteProperty" -ExtendedRights "Add/Remove self as member"
-In AD add to DL security tab the editgroup and in advance proprierties i have flag write member
nothing of this work.
Someone have other information that can help me or a documentation?
Thanks.
Maw
September 6th, 2011 5:52am
Hi
To have control over a DL, the User who is going to have permission on the DL, should be presented on the same domain, Member can be of from any domain.
Permissions on DLs can’t cross domains
If user/group assigned permission on a DL from other domain, the cannot modify the DL members.
What you can at this time
The only practical thing to do is export the membership from the DL, delete it, then recreate it in the correct\same domain and import the membership back into it.
Thank you
Free Windows Admin Tool Kit Click here and download it now
September 6th, 2011 8:15am
Hi Rajkumar,
thanks for your reply, but there aren't workaround?
If i create a local security group and i work on AD permition?
There aren't solution?
thx
September 6th, 2011 8:34am
In simple,
To assign permission for a user on a DL to modify the members, both the DL and the user has to be on same domain, else it wont work.
No other work arround as I know and There is no problem in deleting and recreating the DL on the same domain where user or group resides.
Free Windows Admin Tool Kit Click here and download it now
September 6th, 2011 9:09am
Rajkumar is correct, the behavior is by design and elaborated below; article is for 2003 but still applies since it's more of an AD limitation.
Understanding multi-domain DL update and delegate issues after application of Exchange 2003 SP2
http://blogs.technet.com/b/exchange/archive/2007/04/09/3401857.aspxJames Chong MCITP | EA | EMA; MCSE | M+, S+ Security+, Project+, ITIL msexchangetips.blogspot.com
September 6th, 2011 10:40am