Bonnie: Thanks for the information! We don't have Exchange 2013 yet (but we should shortly), so I'll try this out then. To clarify, is this what you did to be able to use groups in Exchange 2013:
1. Create a new global Security group called something like Exchange All DL Admins and add Exchange Admins into this group. 2. Assign Exchange All DL Admins to have Managed By permission and Manager can update membership list permission. 3. Log into EAC using one of the users that is now a member of Exchange All DL Admins and then add an existing group as an Owner. Can you specify non mail enabled security groups, or can you only choose DL groups? Thanks, -Aakash Shah From: [email protected] [mailto:[email protected]] On Behalf Of Miller Bonnie L. Sent: Wednesday, May 7, 2014 12:50 PM To: [email protected] Subject: [Exchange] RE: Managing DLs with Groups I ran across this during our 2007 to 2013 migration, and thankfully this is not accurate for 2013-you can use groups. For ours, I first added a new global dl managers group via AD as the manager, and then within EAC, using an account that is a member of the global dl managers group, I was able to add additional groups for those DLs that are delegated for management (previously done via direct AD permissions). As far as auditing, I'm not sure how they are stored, but you would probably have to use PS to get information from the DLs via Exchange, as when viewing the managedby attribute in AD, it only shows the first one applied. -Bonnie From: [email protected]<mailto:[email protected]> [mailto:[email protected]] On Behalf Of Aakash Shah Sent: Wednesday, May 07, 2014 12:32 PM To: [email protected]<mailto:[email protected]> Subject: [Exchange] Managing DLs with Groups I just learned that with Exchange 2010 and Exchange 2013, you can no longer manage DLs with groups as per http://blogs.technet.com/b/exchange/archive/2011/05/04/how-to-manage-groups-with-groups-in-exchange-2010.aspx. Besides the workarounds mentioned on the blog above, are there any other workarounds/solutions that people have used to address this problem? My goal primarily is to be able to quickly audit a user's permission to identify what access permissions they have, ideally through the Member Of tab along with the rest of the user's permissions. Thanks, -Aakash Shah
