a way/script to pull names from a query-based distribution group

I am being tasked to find a way to pull names from a query-based distribution group for another department so they can manually verify who is actually in the groups to make sure they belong in them. Is there a script that someone has used before that can provide this information? I've been searching high and low for any sort of answer and have found nothing other than it isn't possible.
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Chris DentPowerShell DeveloperCommented:

Yes, but you'd just be executing the query and parsing the results. Query based distribution groups have no membership except a point in time membership when a query is executed to expand membership.

If you just want to execute the query you'll need to let us know the server of Exchange. The method for 2003 differs from 2007.

MedassurantAuthor Commented:
Sorry. I didn't think about that. it's Exchange 2003.
MedassurantAuthor Commented:
Actually, if I could get it for both that would be great. We are in the process of converting from 2003 to 2007 so having the 2007 version for the future would  be awesome.
Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

Chris DentPowerShell DeveloperCommented:

You have quite a few methods available to you here. You could use AD Users and Computers Custom query, but that might be a bit hard work if you need to do this a lot.

We can also use DSQuery to get information like this, but it's not as flexible as would perhaps be nice. Then there's PowerShell which I love, but will need you to download things.

So... this example is VbScript (save as .vbs).

You need to fill in the value for "strFilter", this should contain the string used to filter the group. Do you need a base for the search other than the domain root (it fills that in for you at the moment, defaultNamingContext)?

It will return all fields listed in strFields (they must be entered as a comma delimited list).

The file returned by the script is Tab Delimited but should open up in Excel moderately neatly.


strFilter = "(sAMAccountName=*dentc)"
strFields = "distinguishedName,name,department"
Set objFileSystem = CreateObject("Scripting.FileSystemObject")
Set objFile = objFileSystem.OpenTextFile("groupmembers.txt", 2, True, 0)
objFile.WriteLine Replace(strFields, ",", VbTab)
Set objConnection = CreateObject("ADODB.Connection")
objConnection.Provider = "ADsDSOObject"
objConnection.Open "Active Directory Provider"
Set objRootDSE = GetObject("LDAP://RootDSE")
Set objRecordSet = objConnection.Execute( _
  "<LDAP://" & objRootDSE.Get("defaultNamingContext") & ">;" & _
  strFilter & ";" & strFields & ";subtree")
Set objRootDSE = Nothing
Dim arrLine()
While Not objRecordSet.EOF
  arrFields = Split(strFields, ",")
  ReDim arrLine(0)
  For i = 0 to UBound(arrFields)
    ReDim Preserve arrLine(i) : arrLine(i) = ""
    On Error Resume Next
    arrLine(i) = objRecordSet.Fields(arrFields(i)).Value
    On Error Goto 0
  objFile.WriteLine Join(arrLine, VbTab)

Open in new window


Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Chris DentPowerShell DeveloperCommented:

For Exchange 2007 it's nice and easy :) It's done from the Exchange Management Shell, you'd just need to fill in the group name, this one  exports the data returned to a CSV file.


$Group = Get-DynamicDistributionGroup "YourGroup"
$Recipients = Get-Recipient -RecipientPreviewFilter $Group.RecipientFilter
$Recipients | Export-CSV -Path "members.csv"

Open in new window

MedassurantAuthor Commented:
I'm not sure that the question was fully understood. After getting these answers,(and nto understanding much myself), I showed it to our Senior SysAdmin just to take a look because to me, it looked like it was only doing a search on job title and giving out the results where what I needed was essentially to query a query I guess. To actually find a way to view the "Preview" in a query based distribution group. Which by other forums and such I've seen, just isn't possible.
Chris DentPowerShell DeveloperCommented:

The server itself only expands the lists at a point in time, only when it is required to do so to actually send to the recipients.

That means we don't have a static data set we can query. Instead our only option is to execute the query used by the list against AD. That's what the scripts above do, the Exchange 2007 version is must more elegant (or at least shorter) but technically isn't different in approach.

The Preview button works in exactly the same way. It ignores the group itself, and simply executes the query against AD, returning the results to the form or page to display them.

Looking at the VbScript above again, we have these fields at the top:

strFilter = "(sAMAccountName=*dentc)"
strFields = "distinguishedName,name,department"

Fields is just what the search returns, we can add as many as we want in there, it doesn't alter the search in any way, but if the results are being handed to someone else to verify it can include enough to make verification easy.

Filter on the other hand should be the LDAP filter used in the Query for the dynamic list. Running the script should return us exactly the same results as using the Preview button.

We could potentially extend the script so that it reads the query directly from the group rather than having it set by us. That wouldn't be very hard to sort out.

It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Active Directory

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.