WPLG
asked on
Apply Exchange Retention Policies via AD
I had this question after viewing Exchange Retention Policy on OU.
I understand you can create an active directory OU and apply Exchange retention policies to the users in that OU by running Get-Mailbox -OrganizationalUnit "Finance" -ResultSize Unlimited | Set-Mailbox -RetentionPolicy "RetentionPolicy-Finance".
However, this sounds like a basic question, but how do I add a user to an OU other than the "users" OU? Am I not doing this correct? If I create a group under the OU, would the retention policies be applied to the users in the group?
I understand you can create an active directory OU and apply Exchange retention policies to the users in that OU by running Get-Mailbox -OrganizationalUnit "Finance" -ResultSize Unlimited | Set-Mailbox -RetentionPolicy "RetentionPolicy-Finance".
However, this sounds like a basic question, but how do I add a user to an OU other than the "users" OU? Am I not doing this correct? If I create a group under the OU, would the retention policies be applied to the users in the group?
If I create a group under the OU, would the retention policies be applied to the users in the group?
Answer: NO..
Answer: NO..
ASKER
I understand that you would have to run the command manually for the new user. I am not talking about new users, I am talking about all current users. Half the users will get one policy while the other half will get a different policy. I am trying to avoid applying policies individually.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
you need to create a separate OU if you run the powershell cmdlets against user in an OU. All users in the OU will get the policy. the user they will get a different policy will need to be in a different OU since you are running against users in the OU. Basically 2 different policies will need 2 different OUs. you cant run it against a group.
Going back to your original question "but how do I add a user to an OU other than the "users" OU? ". You just drag and drop in ADUC. Create your new OU, select the users you want to move and drag and drop them in the OU. You can also right-click the user, select Move, and select the OU.
The article which you are referring already says that if a new user is added in the OU he will not get the same policy and you will have to run the command manually for the new user.