Forum Discussion

CG-1717's avatar
CG-1717
Brass Contributor
Jun 12, 2019

Dynamic DL or group based on org hierarchy?

Is there a way to create a dynamic DL or group based on org hierarchy? For example if the Global HR Director wants to communicate to everyone in HR...

As of right now because of a recent acquisition, the data we have for users is not too accurate (department, business unit, etc) but people have been "assigned" to the right managers. 

 

Any way to do this?.

Thanks

Cristina

  • jerome317's avatar
    jerome317
    Brass Contributor

    CG-1717 

     

    You should be able to do an advanced dynamic rule... (condition1) or (condition2) and (accountenabled = true).

     

    Reference: https://docs.microsoft.com/en-us/azure/active-directory/users-groups-roles/groups-dynamic-membership

    Create a "Direct reports" rule

    You can create a group containing all direct reports of a manager. When the manager's direct reports change in the future, the group's membership is adjusted automatically.

    The direct reports rule is constructed using the following syntax:

     
    Direct Reports for "{objectID_of_manager}"

    Here's an example of a valid rule where "62e19b97-8b3d-4d4a-a106-4ce66896a863" is the objectID of the manager:

     
    Direct Reports for "62e19b97-8b3d-4d4a-a106-4ce66896a863"

     

     

  • If you need a dynamic DL, those exist only in Exchange Online (not Azure AD) and you must use the Exchange cmdlets:

     

    New-DynamicDistributionGroup manager -RecipientFilter {(Manager -eq 'CN=user,OU=tenant.onmicrosoft.com,OU=Microsoft Exchange Hosted Organizations,DC=EURPR03A001,DC=prod,DC=outlook,DC=com') -and (RecipientType -eq 'UserMailbox')}

    where you need to provide the full DN of the manager.

     

    • jerome317's avatar
      jerome317
      Brass Contributor

       


      VasilMichev wrote:

      If you need a dynamic DL, those exist only in Exchange Online (not Azure AD) and you must use the Exchange cmdlets:

       

      New-DynamicDistributionGroup manager -RecipientFilter {(Manager -eq 'CN=user,OU=tenant.onmicrosoft.com,OU=Microsoft Exchange Hosted Organizations,DC=EURPR03A001,DC=prod,DC=outlook,DC=com') -and (RecipientType -eq 'UserMailbox')}

      where you need to provide the full DN of the manager.

       


      VasilMichev- you can do it in Azure AD with the 'modern DL' called Office365 Groups haha using Microsoft verbiage here!

      • VasilMichev's avatar
        VasilMichev
        MVP

        I know you can, but using dynamic membership for "modern" groups is *paid* functionality, as in requires Azure AD Premium licensing. While using good old fashioned dynamic DGs in Exchange Online is free.

Resources