Setting Distribution Group Delivery Restrictions via PowerShell…

Matt Ellis
365 UC
Published in
2 min readMar 21, 2018

--

Note: I originally wrote this back in January 2012, but I got rid of my Wordpress site and wanted to move it over to Medium. It was still getting a lot of hits so it’s worth re-sharing. I also gave the script at the bottom a bit of a facelift…

Adjusting the delivery restrictions or delivery management settings on distribution groups is quite a common task. However, if you manage a lot of distribution groups, chances are you need a faster way of doing this.

Setting the permissions in the Exchange Management Console (EMC) or Exchange Admin Center (EAC) is simple enough when you have one or two people/groups to add to the allowed list. When you have many user/groups needing to be added across a massive range of groups then this is something your going to need to script.

Using the GUI in EAC

Now this is where it doesn’t quite work as expected. It’s easy enough to create a shell command to add multiple users to the -AcceptMessagesOnlyFromSendersOrMembers attribute on the DL object but when doing this you’ll find that only the last one in the list has been added and any that were there before will have gone. This is because the attribute is an array. You can view this using the following command.

Get-DistributionGroup -Identity "GROUP-NAME-HERE" | Select -expand AcceptMessagesOnlyFromSendersOrMembers | ft Name

To add a new user to this list you have to call the already existing list and then add the new user to the end of it. Because PowerShell is so, well, ‘powerful’ you can do this quite easily with one one-liner:

Set-DistributionGroup "GROUP-NAME-HERE" -AcceptMessagesOnlyFromSendersOrMembers((Get-DistributionGroup "GROUP-NAME-HERE").AcceptMessagesOnlyFromSendersOrMembers + "IDENTITY-OF-USER-OR-GROUP-HERE")

The identity of the new group or user can be in the form of the following attributes:

  • Distinguished Name (DN)
  • Canonical Name
  • GUID
  • Name
  • Display Name
  • Alias
  • Exchange DN
  • Primary SMTP Email Address

Now, that’s all very well, but what if you’d like to add multiple users to multiple groups?

The script below will help you do this. All you need to do is add the senders (users or groups) you want to allow to send to the DL into the SendersToAdd.txt file and the Distribution Groups you want to add them to in the DLsToChange.txt file.

Microsoft
Exchange
Powershell

--

--

Matt Ellis
365 UC

Written by Matt Ellis

135 Followers
Editor for

Unified Communications guy, Pompey fan, burger eater, coffee drinker...

Help

Status

Writers

Blog

Careers

Privacy

Terms

About

Text to speech

Teams