How to Delegate Management of Distribution Group Membership to a User

Microsoft Exchange Server 2007 will reach end of support on April 11, 2017. To stay supported, you will need to upgrade. For more information, see Resources to help you upgrade your Office 2007 servers and clients.


Applies to: Exchange Server 2007 SP1, Exchange Server 2007 SP2, Exchange Server 2007 SP3

This topic explains how to use the Exchange Management Shell to delegate the management of distribution group membership to a user.


You cannot use the Exchange Management Console to perform this procedure.

In Exchange 2007, the behavior of the Managed By property is different than in previous versions of Exchange. This property is an informational field that users see in Microsoft Office Outlook when viewing the properties of the distribution group. This property does not provide the user who is identified in the Managed By property with the ability to modify the members of that distribution group in Outlook. If you want to provide a user with the ability to modify distribution group membership, you must explicitly grant the required Active Directory directory service permissions by using the Add-ADPermission cmdlet. Specifically, this allows the user to modify the Member property of the distribution group.

Before You Begin

To perform this procedure, the account you use must be delegated the following:

  • Exchange Recipient Administrator role

  • Account Operator role for the applicable Active Directory containers

For more information about permissions, delegating roles, and the rights that are required to administer Exchange Server 2007, see Permission Considerations.


To use the Exchange Management Shell to delegate management of distribution group membership to a user

  • Run the following command:

    Add-ADPermission -Identity <name of distribution group> -User <name of user> -AccessRights WriteProperty -Properties "Member"

    For example, to grant John Smith the right to add members to the Marketing Department distribution group, run the following command:

    Add-ADPermission -Identity "Marketing Department" -User "John Smith" -AccessRights WriteProperty -Properties "Member"

For detailed syntax and parameter information, see the following topics:

For More Information

For more information about managing distribution groups, see Managing Distribution Groups.

For more information about managing recipients, see Managing Recipients.