Forum Discussion

Cris20's avatar
Cris20
Copper Contributor
Jan 14, 2021

Dynamic Distribution List based on multiple AAD fields

Hello,

 

I need to make a dynamic distribution list based on following criteria:

Job title is 'Job1' or 'Job2' or 'Job3'  and Block sign in is 'No'.

 

Can you please help me with PowerShell RecipientFilter parameters for this task?

 

Thank you!

  • Cris20 Vasil prompted me to look at this request. This code worked for me...

     

    $Filter = "((Title -like 'Architect') -and (ExchangeUserAccountControl -ne 'AccountDisabled'))"

    New-DynamicDistributionGroup -Name "Architects" -DisplayName "System and Engineering Architects" -Alias AllArchitects -PrimarySmtpAddress Architects@Office365itpros.com -RecipientFilter $Filter

    Set-DynamicDistributionGroup -Identity AllArchitects -ManagedBy Tony.Redmond -MailTip "Distribution List for anyone with Architect in the job title"

     

    TR

  • Cris20 Vasil prompted me to look at this request. This code worked for me...

     

    $Filter = "((Title -like 'Architect') -and (ExchangeUserAccountControl -ne 'AccountDisabled'))"

    New-DynamicDistributionGroup -Name "Architects" -DisplayName "System and Engineering Architects" -Alias AllArchitects -PrimarySmtpAddress Architects@Office365itpros.com -RecipientFilter $Filter

    Set-DynamicDistributionGroup -Identity AllArchitects -ManagedBy Tony.Redmond -MailTip "Distribution List for anyone with Architect in the job title"

     

    TR

    • Cris20's avatar
      Cris20
      Copper Contributor

      TonyRedmond 

       

      Thank you. It worked!

       

      I had to chain multiple conditions for the filter because, from what I've read, wildcards can't be used as first character in RecipientFilter.

      I have many job titles like Architect (Junior Architect, Lead Architect, Senior Architect, etc), a few variations for Associate and for Partner and I need to include all in filter. I tried "Title -like '*Architect' -or Title -like '*Associate' -or Title -like '*Partner'", but got an error.

       

      Is there a more elegant solution than a dozen of -or conditions?

      • Cris20 Unfortunately, you'll have to include multiple conditions, which is what I did when I wrote the problem up:

         

        How to Create Exchange Dynamic Distribution List with Custom Recipient Filters

        Exchange dynamic distribution lists allow messages to be sent to sets of recipients determined by a query against the directory. A custom filter is a powerful way to find the right set of recipients. In this case, we want to find mailboxes with certain job titles whose Azure AD accounts are not blocked for sign-in. Here’s how to create the filter, make sure it works, and create the DDL.

         

        https://office365itpros.com/2021/01/18/create-exchange-dynamic-distribution-list-custom-recipient-filters/

  • Is this for Exchange Online? If so I'm afraid there is no good answer here, it depends on what exactly you mean by "block sign in" - is this the AzureAD BlockCredential attribute, or the Exchange-specific ones (AccountDisabled/ExchangeUserAccountControl/UserAccountControl). They do not always match in value, which poses a challenge here. Only one of these can actually be used for filtering though (UserAccountControl), so try that.

     

    Other than that it's just stringing them together:

     

    {(Title -eq "Job1" -or Title -eq "Job2") -and (UserAccountControl -eq "AccountDisabled, NormalAccount")}

    • Cris20's avatar
      Cris20
      Copper Contributor

      VasilMichev 

      Thank you for your answer!

      This is indeed for Exchange Online.

      The two fields I was referring to are from AzureAD User Profile, I don't know if Block sign in has a match in Exchange

       

      I will try your suggestion. 

       

      Thanks again!

Resources