Distribution Group that can manage itself?
In Exchange 2007 I know I can give permissions to a particular user to be able to add/remove members to/from a distribution group but ideally I would like to assign those same rights to the distribution group itself so that each member can add or remove members. Has anyone done anything like this? I've considered just doing a for loop in powershell to assign the rights to the individual members of the group on a nightly basis but that solution would not be able to remove the rights from people removed from the group.
May 29th, 2009 9:04pm
You can write a script something like this...
# Remove all non-inherited WriteProperty permission from the group, including non-existing members and existing members also...
Get-Adpermission "Distribution Group" | where {($_.AccessRights -like "*writeproperty*") -and ($_.IsInherited -eq $false)} | Remove-ADPermission -Confirm:$false
# Get group in to a variable
$Group = Get-Group "Distribution Group"
# Get Member List
$Members = $Group.Members
# Give WriteProperty permission to all current members on the group.
$Members | foreach {add-adpermission $group.name -accessrights "WriteProperty" -user $_.name}
Hope this helps...!
Amit Tank | MVP Exchange Server | MCITP: EMA | MCSA: M | http://ExchangeShare.WordPress.com
Free Windows Admin Tool Kit Click here and download it now
May 30th, 2009 6:27pm
Ah, that seems like a simple enough way to hande it. Thanks Amit!
June 1st, 2009 7:11pm