Improve company productivity with a Business Account.Sign Up

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 665
  • Last Modified:

Exchange 2007 restrict recipients by storage group

I need to restrict the max recipient value for members of a specific storage group in Exchange 2007, as opposed to changing the global value for all users.  Is there any way to do this ?

Thanks
0
cmdown
Asked:
cmdown
  • 10
  • 7
  • 4
  • +1
4 Solutions
 
AkhaterCommented:
no it can be done only by hub server or by organization you can't do it per storage group
0
 
Glen KnightCommented:
This is not possible.
0
 
cmdownAuthor Commented:
Thank you both for your replies.  Given your comments, what would be the easiest way to achieve the desired result?
i.e.
Members of exchange storage group A, in AD security group 1 - no recipient restriction
Members of exchange storage group B, in AD security group 2 - max 5 recipients

Thanks
0
Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

 
Glen KnightCommented:
As already said, without the use of third party tools (and I am not aware of any that do this) you cannot achive restrictions on a per sender basis.
0
 
AkhaterCommented:
what you should give a try is a hub transport rule that will reject emails for all members of distribution gtoupx if it has more then y recipients
0
 
Glen KnightCommented:
That's a possibility, see here for how to configure a Transport Rule: http://www.experts-exchange.com/Software/Server_Software/Email_Servers/Exchange/A_3222-Prevent-users-sending-external-e-mails-with-Transport-Rules.html

I have just checked though and it doesn't have the option to specify the amount of recipients.
0
 
cmdownAuthor Commented:
Thanks Akhater.  Any pointers / exemplar scripts on how to achieve this ?
0
 
AkhaterCommented:
NO i am sorry it cannot be done using transport rules, so, as per my first comment, it cannot be done
0
 
cmdownAuthor Commented:
Hi Demazter

Thanks for that. I can't find/get to the transport rules tab / new transport rule action. Is it an additional snap-in?
0
 
Glen KnightCommented:
it's not an additional snap-in but if you don't have the correct permissions you will not be able to see it, it's under organisation configuration > Hub Transport.
0
 
cmdownAuthor Commented:
I've gone back in as the domain admin and it's still not showing ...
0
 
cmdownAuthor Commented:
ignore last post - I've now got in and can see the link to add new transport rule
0
 
Praveen BalanSolution ArchitectCommented:
If you have the users in single organization unit(or any other unique parameter)

Get-Mailbox -OrganizationalUnit "paste the OU path" | Set-Mailbox -RecipientLimit 100
0
 
cmdownAuthor Commented:
Hi both

Thanks for all your help.  I've been able to create a basic rule that looks to a Mail enabled universal distribution group.  However, I am unable to find any rule criteria that allow me to set a maximum value for recipients to invoke the rule.
0
 
Glen KnightCommented:
As I said above, you cannot set the maximum recipients in the rule,
0
 
cmdownAuthor Commented:
Sorry demazter - I completely missed you comment after the suggested URL link
I suppose it also helps if your browser refreshes correctly :o). IE8 is not happy with the EE site today.

PraveenBalan has suggested using an AD OU group.  It would be possible to do this with some minor changes to our system to make sure we son't break group policies.  Any thoughts ?
0
 
Glen KnightCommented:
I don't know, I have never tried it.  If u get chance I will try in my lab later today.
0
 
cmdownAuthor Commented:
Hi All

I have tested this and it works.  Created an OU called MailRestrictedUser, moved user to that OU.  Ran the following command in the exchange console:
Get-Mailbox -OrganizationalUnit MailRestrictedUsers | Set-Mailbox -RecipientLimit 2
Emails with 1 or 2 recipients go through, 3 or more are bounced by the mail server.

Having proved it works I just need to check what GPols apply where to OUs and I can lock down this menace once and for all.

Thank you to all.

If it is ok with everyone I propose a points split as shown below, as the solution isn't quite what I was looking for, and i some respects everyone was correct, but the solution presented by Praveen does provide a way forward.  
PraveenBalan : 250
demazter : 125
Akhater: 125

I do still wonder why Microsoft never thought that someone might want to do this in addition to restricting the attachment size / mailbox size etc.
0
 
Glen KnightCommented:
the spplit sounds fair to me.
0
 
Praveen BalanSolution ArchitectCommented:
Ofcourse fine with me too .. :), more than that it is good feeling that you have chosen the resolution.
0
 
AkhaterCommented:
if you don't want to break your GPO (which is quite normal) you can do it based on groups

get-distributiongroupmemebers GroupX | Set-Mailbox -RecipientLimit 100

the problem with this solution and the one of OU is that it will not apply to any new member you put in the group/ou and  it will not cease to apply if you remove a member from the group/ou

to solve the first part of the problem you schedule a task once per day to apply the above powershell

http://www.zerohoursleep.com/2010/04/how-to-run-exchange-ps1-script-as-scheduled-task/
0
 
cmdownAuthor Commented:
Thanks everyone.

I've run this as follows:

Get-Mailbox -ResultSize Unlimited -OrganizationalUnit mydomain.local/site/Users/UserGrpA | Set-Mailbox -RecipientLimit 5

The -ResultSize is as a result of EMCon returning a warning that it had only returned results for the first 1000 users.  Re-running the command with -ResultSize generated a whole host of warnings saying no action taken for that user but didn't complain about the number of users.
0
 
cmdownAuthor Commented:
Thanks for the help.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

  • 10
  • 7
  • 4
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now