Recipe 17.21. Creating a Query-Based Distribution List

Problem

You want to create a query-based distribution list.

Creating a mail-enabled query-based distribution list requires the Exchange organization be in Exchange Native Mode. See MS KB 829577.


Solution

Using a graphical user interface

  1. Open the ADUC snap-in.

    This needs to be run on a workstation or server that has the Exchange Management Tools loaded (see Recipe 17.6).


  2. If you need to change domains, right-click on Active Directory Users and Computers in the left pane, select Connect to Domain, enter the domain name, and click OK.

  3. In the left pane, browse to the parent container of the new object, right-click on it and select New

    Enter the group name and mail alias and click Next.

  4. Select the search base, enter the specifics of the filter, and then click Next.

    The filter should be a standard LDAP filter, e.g., (&(objectcategory=user)(homeMDB=*)(employeeType=FT)).


  5. Verify the summary and click Finish.

Using a command-line interface

First, you need to create an LDIF file called add_qbdl.ldf with the following contents:

dn: CN=<QB DL Name>,<ParentDN>
changetype: add
cn: <QB DL Name>
displayName: <QB DL Name>
objectClass: msExchDynamicDistributionList
mailNickname: <mail nickname>
legacyExchangeDN: <legacy Exchange DN>
msExchDynamicDLFilter: <LDAP Filter>
msExchDynamicDLBaseDN: <BaseDN>
reportToOriginator: TRUE
systemFlags: 1610612736

Replace <QB DL Name> with the name of the address list, <mail nickname> with the mail nickname, <legacy Exchange DN> with the appropriate legacy Exchange DN value, <LDAP Filter> with the specific LDAP filter you want to be used to determine group membership, <BaseDN> with the base distinguished name you want used in combination with the filter, and <ParentDN> with the distinguished name of the container you want the group created in. Then run the following command:

> ldifde -i -f add_qbdl.ldf

Using VBScript

' This code creates and mail enables a Query-Based Distribution List.
' ------ SCRIPT CONFIGURATION ------
strParentDN  = "<Parent DN>"   ' e.g., ou=groups,dc=rallencorp,dc=com
strGroupName = "<DL Name>"     ' e.g., Sales Dept
strBaseDN    = "<Base DN>"     ' e.g., ou=mail,dc=rallencorp,dc=com
strFilter    = "<Filter>"      ' e.g., (&(department=sales)(homemdb=*))
strLegacyDN  = "<Legacy DN of Recipients>" & "/cn=" & strGroupName
' e.g. /o=RALLENCORPMAIL/ou=First Administrative Group/cn=Recipients
' ------ END CONFIGURATION ---------

' Set Dynamic values
set objOU = GetObject("LDAP://" & strParentDN)
set objGroup = objOU.Create("msExchDynamicDistributionList","cn=" & _
                            strGroupName)
objGroup.Put "msExchDynamicDLBaseDN", strBaseDN
objGroup.Put "msExchDynamicDLFilter", strFilter
objGroup.Put "displayName", strGroupName
objGroup.Put "mailNickname", strGroupName
objGroup.Put "legacyExchangeDN",strLegacyDN

' Set static values
objGroup.Put "systemFlags",1610612736
objGroup.Put "reportToOriginator",TRUE

objGroup.SetInfo
Wscript.Echo "Successfully created query-based DL."

Discussion

Exchange Server 2003 has introduced a new type of distribution list: the query-based DL. These are, as implied by name, distribution lists that are built on the fly based on a query; specifically an LDAP query against Active Directory.

Creating a mail-enabled query-based distribution list requires Exchange Data Administrator permissions. See the Discussion for Recipe 17.7.


This is an extremely powerful addition for Exchange, but you have to be careful because you can get into trouble with it. Unlike address lists, the query-based DL is resolved each time it is used with an actual LDAP query against Active Directory. This means that the query needs to be efficient. Used enough, a poorly designed query for the DL could severely impact Exchange and Active Directory performance. You will want to use indexed attributes and avoid bitwise operators, the NOT operator, and medial search strings as per normal Active Directory efficient programming guidelines. A medial search string is a search string that has a wildcard somewhere other than at the end of the string (e.g., *llen or j*e). See MSDN for more details (search for "Creating Efficient Active Directory Queries").
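The guidelines above can be checked mechanically before a filter is stored in msExchDynamicDLFilter. The following Python sketch is an added example, not code from the book: the function name lint_filter and the second sample filter are constructed for illustration. It does not check whether attributes are indexed, since that requires the schema.

```python
import re

# Matching-rule OIDs Active Directory uses for bitwise AND / OR filter items.
BITWISE_RULES = {
    "1.2.840.113556.1.4.803": "bitwise AND",
    "1.2.840.113556.1.4.804": "bitwise OR",
}

# One simple filter item: (attr[:ruleOID:]<op>value); values hold no raw parens.
ITEM = re.compile(
    r"\(\s*([A-Za-z][\w;-]*)(?::([\d.]+))?:?(>=|<=|~=|=)([^()]*)\)"
)

# First filter is the recipe's own example; the second is constructed.
SAMPLE_OK = "(&(objectcategory=user)(homeMDB=*)(employeeType=FT))"
SAMPLE_BAD = ("(&(homeMDB=*)"
              "(!(userAccountControl:1.2.840.113556.1.4.803:=2))(sn=*llen))")


def lint_filter(ldap_filter):
    """Return (rule, detail) findings for constructs the recipe says to avoid."""
    depth = 0
    for ch in ldap_filter:
        depth += (ch == "(") - (ch == ")")
        if depth < 0:          # a ")" closed more than was opened
            break
    if depth != 0 or not ldap_filter.strip().startswith("("):
        raise ValueError("unbalanced or unparenthesised filter")

    findings = []
    for m in re.finditer(r"\(\s*!", ldap_filter):
        findings.append(("not-operator", f"NOT at offset {m.start()}"))
    for attr, rule, _op, value in ITEM.findall(ldap_filter):
        value = value.strip()
        if rule in BITWISE_RULES:
            findings.append(("bitwise", f"{attr} uses {BITWISE_RULES[rule]}"))
        # "attr=*" is a presence test; a trailing "*" is an indexable prefix
        # search. A "*" anywhere else is the medial search string described above.
        if value != "*" and "*" in value[:-1]:
            findings.append(("medial-wildcard", f"{attr}={value}"))
    return findings


if __name__ == "__main__":
    for f in (SAMPLE_OK, SAMPLE_BAD):
        print(f, "->", lint_filter(f) or "no findings")
```
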

For Windows Server 2003 Active Directory, Microsoft made an undocumented change to how the Query Processor (QP) works with linked attributes. Linked attributes, because of how they are stored, are implicitly indexed, but the Windows 2000 QP did not take advantage of these indices. In Windows Server 2003 Active Directory, the QP uses the implicit indexes for all linked attributes, which greatly speeds up searches using those attributes. This has tremendous implications for attributes such as homeMDB and member and the speed at which you can search on those attributes.


Unlike every other object you can mail-enable, when you create a query-based DL you are not using the CDOEXM interface. However, when you create this object with ADUC, the Exchange Management tools must be loaded or the distribution list object will not be properly populated and will not function properly. When creating the object from script or command line, you directly set all of the Active Directory attributes of the msExchDynamicDistributionList object. The specific changes that need to be made are to the following attributes:

  • displayName

  • mailNickname

  • reportToOriginator

  • legacyExchangeDN

  • systemFlags

  • msExchDynamicDLBaseDN

  • msExchDynamicDLFilter

Using a graphical user interface

Using the GUI is probably the safest way to generate a query for these DLs unless you are very familiar with how to make efficient Active Directory queries. The GUI is configured to help direct you to create queries that are more efficient. If they are created in ADUC, you will not have to deal with the legacyExchangeDN and mailNickname issues discussed below.

Using a command-line interface

This example follows the standard LDIF method of importing or modifying an object used in other examples. See the command-line interface discussion from Recipe 17.9.

In Recipe 17.9, there is discussion indicating that you can avoid specifying the legacyExchangeDN attribute and Exchange will auto-generate a value for you. Unfortunately, this functionality is not extended to the Query-Based DL at this time.


Using VBScript

This is the only script in this chapter for mail-enabling objects that doesn't have a nice simple interface. It seems when Microsoft came up with the query-based distribution list object, they totally forgot about people who script and use the command line. You would expect that you could use the CDOEXM MailEnable method, but unfortunately it doesn't work. This is the only script in this chapter that has no choice but to deal with the legacyExchangeDN and mailNickname attributes. See the notes on these two attributes in the command-line interface discussion from Recipe 17.9.

See Also

MS KB 251631 (XADM: How to Create Distribution Lists in Exchange 2000 Server), MS KB 822897 (How to Troubleshoot Query-Based Distribution Groups), MS KB 829577 (Mixed mode vs. native mode in Exchange Server 2003), and MSDN: Creating More Efficient Microsoft Active Directory-Enabled Applications



Windows Server Cookbook
Windows Server Cookbook for Windows Server 2003 and Windows 2000
ISBN: 0596006330
EAN: 2147483647
Year: 2006
Pages: 380
Authors: Robbie Allen
