UC Unleashed

Get-DistributionGroup "Operations" | Add-ADPermission -User "jcahill" -AccessRights WriteProperty -Properties "Member"

Large organizations generally have a large number of distribution lists. Managing membership of those DLs can often be a time consuming tasks. In earlier versions of Exchange, you could select a manager for the DL, and optionally grant that user the right to manage membership for that list, as seen below (click thumbnails for larger version).

While that option still exists, we can now assign multiple users, and even groups, the right to manage membership. And all it takes is (surprise), a little PowerShell.

For this example, we’ll take the same DL, ‘Operations’, and grant Julie the ability to manage membership.

Get-DistributionGroup "Operations" | Add-ADPermission -User "jcahill" -AccessRights WriteProperty -Properties "Member"

But Pat, you say – how is this method better? Well, we can specify a group instead of a single user like this:

Get-DistributionGroup "Operations" | Add-ADPermission -User "HelpDesk" -AccessRights WriteProperty -Properties "Member"

As seen here:

This allows anyone in the HelpDesk group the ability to manage the DL.

If we need to remove Julie’s rights, we use Remove-ADPermissions like this:

Get-DistributionGroup "Operations" | Remove-ADPermissions -User 'jcahill' -AccessRights WriteProperty -Properties "Member"

As you can see, we now have the ability to grant multiple people rights to manage a distribution list.

The last thing we need to look at is generating a report as to who has rights to manage a specific DL. For that, we can use

Get-DistributionGroup 'operations' | Get-ADPermission | Where-Object {($_.AccessRights -match 'WriteProperty') -and ($_.Properties -match 'Member')} | Format-Table User,AccessRights,Properties -AutoWidth

Which produces output such as:

Hopefully, this tip will cut down on calls to the Help Desk, and allow admins to focus on more pressing matters.