Using PowerShell to Manage Dynamic Distribution Groups and Recipient Filters in Exchange Server

Home > Blogs > Exchange Server > Using PowerShell to Manage Dynamic Distribution Groups and Recipient Filters in Exchange Server

Using PowerShell to Manage Dynamic Distribution Groups and Recipient Filters in Exchange Server

1 9 Mike Pfeiffer
Added by March 19, 2014

Using PowerShell to Manage Dynamic Distribution Groups and Recipient Filters in Exchange Server.

Dynamic Distribution Groups in Exchange Server are a little bit different than your typical Distribution Group.


For example, if I go into this Marketing Distribution Group and take a look at the members, you can see that this is a static list of members straight out of active directory that have mailboxes.


The group of users in this list is determined long before anybody ever sends an email message to it. The idea with Dynamic Distribution Groups is that we can basically determine that membership list based off of a query. This would be a query of maybe the users have a certain attribute for their job title or their department or a number of other things.

In the actions screen you can see that we have the ability to create a dynamic Distribution Group in addition to just a regular Distribution Group.


Let’s go ahead and run through that real quick.

I’m going to click on new dynamic Distribution Group and I’m going to call this one Human Resources. The alias will be the same just no spaces involved here, HumanResources.


I’m going to hit next and here are the filter settings that we’re using as a way to define membership list.


I’m going to scope this group.

It’s basically anything in Active Directory.


I’ve got one domain in a single forest so I want to look for any recipients in that entire domain and forest and I’m going to let all recipient types to be affected by this.


Here are really my conditions. I have a few options here in the graphical.


I can say well maybe the recipient is in that HR department.


I’ve got the ability to key that out to company or the state or some of these custom attributes but that’s about it.

In a scenario where I have more criteria using the GUI is a little limiting. We can use PowerShell to add multiple attributes to this that aren’t on this list. For example, I might want the job title to be part of that query as well. Instead of creating this with the GUI, I’m actually going to go in the Shell and do this.

Let’s bring this up and the cmdlet for this is New-DynamicDistributionGroup.


I’m going to call this ‘Human Resources’ again. This will be the display name that my recipient container will be uss.local.


I’m going to use the recipient filter parameter. It’s hard to see this here because its line wrapping but it’s the recipient filter parameter.


I want to specify my filter syntax using something called OPATH. Good thing is it looks just like a filter you would write in typical PowerShell. Starting with Exchange 2007, we no longer use LDAT filters and we use OPATH‑filtering syntax.

I’m going to open a curly brace { and I’m going to say title, that’s the property that I’m interested here equals HR manager and I’m going to close that off there.


I’m using single quotes here because there’s a space in that string. I’m also going to do a dash or (-or). I’m going to look for two separate things either have a department attribute set to HR or the department title or the user title, I should say, set to HR manager.


This is using a filter that I couldn’t actually do in the graphical console. Let me hit enter to create this group. It looks like I’ve misspelled one of my attributes here so it should be department. Again, make sure you read the errors.


It tells me exactly what the problem is, the filter, the property that I’ve been trying to use is not valid. Basically, I had to re‑read that notice that I have misspelled it. Let’s try that again. Hit enter and OK, now that’s created.


If we go back in the console and refresh this, we’ve now created this human resources group.



If we preview the members on the filter tab.


You can now see that it has gone out to active directory. Check both of those attributes and put that collection of users here in that group.


When the messages are sent to this recipient, the members will be determined at the time that message hits the transport pipeline and that query is run against active directory.

Something else that’s interesting with this is if you look here, this filter that was added.


This is what we use at first. Title equals HR manager, department equals HR. But, then, Exchange Server added all this other stuff for us here. It is filtering out all of these system mailboxes and CAS accounts and all the things mailbox plans, discovery mailboxes. The things that the system uses.

You don’t have to know to filter this stuff out but remember that when you’re creating this with these filters, Exchange is going to do that for you. We can’t actually modify this filter in this screen from here. If we wanted to change this at this point, obviously, you need to go into PowerShell to do this. Let me clear this screen. We’ll take a look at a couple other things.

What I’m going to do is I’m going to do a $var for a variable. I’m going to do a Get-DynamicDistributionGroup ‘Human resources’ and that will save an instance to that group in the variable.


I’m going to do a $var .RecipientFilter.


Here in the Shell, you can see the recipient filter just like we were looking at in the console.


Really the use case for getting to this data would be if you wanted to preview the membership in the shell.

You could actually use this variable to do that. For example, I could say Get-Recipient and say my RecipientPreviewFilter is $var.RecipientFilter.


You can see that it executes that query and gives me back the recipients that match the filter.


Now, one of the things that you might be thinking right now is how do I know which properties I can filter on?

If we’re looking at our filter again or the title, the department. How would I actually know which ones those are? Which ones are available to me? When it comes to that, you have to go to the documentation. The cmdlet help isn’t going to give you that information specifically. There’s also this parameter, the recipient filter parameter on multiple cmdlets.

What I would recommend it that you go out to Technet that talks about this. Filterable Properties for the -RecipientFilter Parameter. This article has a list of different recipient filters that you can use and the appropriate values for those. There has been some instances where I’ll run into things where there’s a property that’s filterable that is not on this list. You got to keep track for this and hopefully, that would be completely updated at some point.


But notice the recipient filter parameters available not only new Dynamic Distribution Group but all this other ones as well and if you scroll down here, you can see there’s a table that will tell you here’s the property names that you can filter on and there’s a real long list here.


If you were not sure which ones you can use, I would recommend you go to this article and check that out.

That’s the process of using the Shell to manage Distribution Groups, Dynamic Distribution Groups. Work with the filters and actually query those filters from the command line.

Videos You May Like

A Simple Introduction to Cisco CML2

0 3874 0

Mark Jacob, Cisco Instructor, presents an introduction to Cisco Modeling Labs 2.0 or CML2.0, an upgrade to Cisco’s VIRL Personal Edition. Mark demonstrates Terminal Emulator access to console, as well as console access from within the CML2.0 product. Hello, I’m Mark Jacob, a Cisco Instructor and Network Instructor at Interface Technical Training. I’ve been using … Continue reading A Simple Introduction to Cisco CML2

Cable Testers and How to Use them in Network Environments

0 720 1

This content is from our CompTIA Network + Video Certification Training Course. Start training today! In this video, CompTIA Network + instructor Rick Trader demonstrates how to use cable testers in network environments. Let’s look at some tools that we can use to test our different cables in our environment. Cable Testers Properly Wired Connectivity … Continue reading Cable Testers and How to Use them in Network Environments

Government Edition – Encrypting a USB Flash Drive in Windows 10

0 274 2

In this video, Security Instructor Mike Danseglio demonstrates how to use BitLocker in Window 10 to secure files on a USB Flash drive that adhere to stricter data protection requirements as found inside Government entities. BitLocker 2-day instructor-led training is now available at Interface: BITLOCK: Planning and Deploying BitLocker Drive Encryption Training Video Transcription: Hi. … Continue reading Government Edition – Encrypting a USB Flash Drive in Windows 10

Write a Comment

See what people are saying...

  1. Pingback: Exchange 2010: AD group for a Dynamic Distribution List | YASAB

Share your thoughts...

Please fill out the comment form below to post a reply.