Giving User Enough Rights To Manage Distribution Group In Exchange 2007…

Share & Comment

Anyone who is working in IT is familiar with the “Managed By” option of a distribution list. It gives a false feeling that the user who is specified in the “Managed By” option will be able to manage the distribution group, say add/remove members. But, he/she won’t be able to do it.

The behaviour of “Managed By” has been changed in Exchange 2007. It is only an informational field that users see in Outlook, when they take the properties of the distribution group. That is of no good you would say and I agree.

So, what should be done so that the “Owner” of the distribution group can really manage the group?

Explicit permissions has to be given to the Owner, so that he/she can add & remove members. Run the following command to achieve the same.

Add-ADPermission –identity DistributionGroup –User owner –AccessRights WriteProperty –Properties “Member”

Let me explain with an example. I have a distribution group named “Exchange Team” & has my account in the “Managed By” field.

DG0

When I open the properties of the distribution group from Outlook, I can see that my account is listed as the “Owner”.

DG1

But, when I try to add a new member, I get the following error message.

DG2

To give my account enough permissions to manage the distribution group “Exchange Team”, I ran the following.

DG3

After the command was run, I could add members to the group.

DG4

The behaviour is the same on Exchange 2007 SP2.

Share & Comment
Subscribe for Updates
Never miss a blog post again
About the author: UC Architect, Blogger, Husband & Dad. I have been in IT for the last 12 years, with Exchange Server becoming the prime area in the last few years. I am active on Experts Exchange & TechNet forums and I am a technical author for SearchExchange.

15 comments… add one

  1. Anonymous

    Thanks – Really useful!

  2. Thanks

  3. Hi,

    I'm attempting to give a user admin rights over a distribution group in Exchange 2010. The distribution group resides in: domain.org/Distribution Groups.

    Here's the command I'm running in exchange management shell:

    Add-ADPermission –identity BusinessConnectionCommittee –User jmccullough –AccessRights WriteProperty –Properties “Member”

    Keeps telling me that "BusinessConnectionCommittee" wasn't found. Any ideas as to what I'm doing wrong?

  4. Luuk

    Do not use the Alias name of the group but the actual group name: “Business Connection Committee”

  5. Thank you for a simple, well written and documented article. I have read alot about this issue and cannot understand why microsoft removed this feature from working, but thanks to your instructions, I am able to get this working for my users.

    1. Rajith Enchiparambil

      Glad to help Dave.

  6. Nomen

    Question: Is it possible to grant a security group these rights, so that the mebmers of that security group, get permission to modify members of the distribution list?

  7. Chris

    I tried this today, but I still get that error message. Must add that i’m working with Exchange 2010 on the server side and Outlook 2003 on the client side.

  8. Yap Boon LIong

    How to revoke this permission?

  9. SAS

    Thank you! Totally awesome! I do not understand why it doesn’t work from the GUI as-is, but I’m glad to finally have a fix.

    1. Glad to help Sas

  10. Alpesh Bhakta

    Awesome script, it worked. Been trying to pull my hair for almost 2 weeks now on this issue.

    1. Glad it helped Alpesh

  11. Mark

    Is this the same for Exchange 2013? I’m having this same issue with Exchange 2013 I added the AD permissions to write member for the DL’s owner, still not working though

    1. It should be Mark, though I haven’t tested it.

Leave a Comment