How to use AD Groups to assign Recipient Policies

Title: How to create Recipient and Mail management policies in Exchange that use AD Groups
by: Paul S. Chapman
edited: 3/25/2005


1) Create a group in AD.
2) Note the exact location and display name of the group (ie. MyFQDN/MyOU/MyOU/MyGroup)
3) Change this to an LDAP distinguished name (ie. CN=MyGroup,OU=MyOU,OU=MyOU,DC=MyDomain,DC=MyTLD)
4) Open Exchange System Manager
5) Drill down the Tree: Organization --> Recipients --> Recipient Policy
6) Right Click on Recipient Policy and choose New
7) Select the type of policy you are building and click OK
8) Assign a Name to the Policy
9) Click on "Modify"
10) Select "Custom Search" from the Find drop down box
11) Select the Advanced Tab
12) Insert this query:
[blue](&(&(&(objectCategory=person)(objectClass=user))(|(homeMDB=*)(msExchHomeServerName=*)))(memberOf=[red]CN=MyGroup,OU=MyOU,OU=MyOU,DC=MyDomain,DC=MyTLD[/red]))[/blue]

NOTE
Remove any extraneous carriage returns (if you cut and pasted the line)
Replace the red text with the distinguished name of your group
This query should find all users that have an Exchange Mailbox and are members of the listed group.

13) Click on the "Find Now" button to verify that the query works correctly
14) Click on OK
15) Select the E-Mail Addresses (Policy) or Mailbox Manager Settings (Policy) tab and finish defining the Policy


For more information on creating LDAP filters see this FAQ:
[link http://www.tek-tips.com/faqs.cfm?fid=5667]http://www.tek-tips.com/faqs.cfm?fid=5667[/link]