Exchange 2010 SP1 Distribution Group Membership Management
Posted on 2011-04-28
I am looking for a way to assign the right to modify distribution group membership, in Outlook through Exchange 2010, SP1 to a group, rather than an individual.
We have several hundred DLs which in E2K3 where configured to allowed membership modification by members of a group, which itself has a large number of members. I have not found a way in Exchange 2010 to recreate this configuration.
I tried running...
Set-DistributionGroup “GroupName” –Managedby “Security Group Name” – BypassSecurityGroupManagerCheck
….I get an error indicating that the owner of the group must have recipient type details that equal UserMailbox, LegacyMailbox, SharedMailbox, MailUser, LinkedMailbox, RemoteUser, RemoteSharedMailbox, MailContact, or User.
I tried running....
Add-ADPermission -Identity "DL Name" -User "Management Group Name" -AccessRights WriteProperty - Properties Member
....and got the following error...
Active Directory operation failed on "DomainControllerName". This error is not retriable. Additional information: Access i
Active directory response: 00000005: SecErr: DSID-03151E07, problem 4003 (INSUFF_ACCESS_RIGHTS), data 0
+ CategoryInfo : WriteError: (0:Int32) [Add-ADPermission], ADOperationException
+ FullyQualifiedErrorId : D0CDD1B8,Microsoft.Exchange.Management.RecipientTasks.AddADPermission
....I get this same error even if I specifiy an individual user rather than a management group.
Any help would be appreciated.