Update 10/6/11: This script has been updated. The new script addresses a minor bug that could cause incorrect users to be added to a DL. It also enables recursive ownership assignment. It will no...
Updated Apr 28, 2020
Version 3.0
Blog Post
BTW, I should add that I wrote a custom Powershell script to run as a scheduled task that does something very similar to what the script mentioned above does. Even though it works, it's a very ugly approach to fixing this problem, and God help me when I have to undo this all someday. It's insane to have to make multitudes of people direct "owners" of a security group just to be able to manage the membership list. What's worse, you can't even make someone an owner using the ECP unless you're already an owner yourself, so delegating this out to other admins is a challenge unto itself. This is, by far, my biggest gripe about Exchange 2010. In order to address the relatively few cases where the Active Directory administrator is a separate function from the Exchange administrator, you turned a decade-old management system on its ears. This was a very poorly thought out decision. Just admit it and fix it, and we'll forgive you for it.