A dynamic distribution group is a mail-enabled Active Directory group object that you can create to expedite the mass sending of email messages and other information.
The membership list for a dynamic distribution group is calculated each time a message is sent to the group, based on the filters and conditions that you define. This differs from a regular distribution group, which contains a defined set of members. When an email message is sent to a dynamic distribution group, it is delivered to all recipients in the organization that match the criteria defined for that group.
DRA supports the following features:
Audit and UI reporting
Enumeration support for dynamic distribution groups
NetIQ Reporting Center (NRC) report for dynamic distribution groups
Trigger operation support for dynamic distribution groups
UI extension support for Exchange dynamic distribution groups
Dynamic distribution group tasks:
You can create a dynamic distribution group in the managed domain or managed subtree. You can also modify properties, such as group members, for the new dynamic distribution group.
NOTE:
Your company may have a naming convention enforced through policy that determines the name you can assign to the new dynamic distribution group.
By default, DRA places the new dynamic distribution group in the Users OU of the managed domain.
You can clone both local and global dynamic distribution groups in managed domains. Cloning dynamic distribution groups creates new dynamic distribution groups of the same type and attributes as the original dynamic distribution group.
By cloning a dynamic distribution group, you can quickly create dynamic distribution groups based on other dynamic distribution groups with similar properties. When you clone a dynamic distribution group, DRA populates the Clone Dynamic Distribution Group Wizard with values from the selected dynamic distribution group. You can also modify properties for the new dynamic distribution group.
You can move a dynamic distribution group to another container, such as an OU, in the managed domain or managed subtree.
You can delete local and global dynamic distribution groups in the managed domain or managed subtree. If the Recycle Bin is disabled for that domain, deleting a dynamic distribution group permanently removes the dynamic distribution group from the Active Directory. If the Recycle Bin is enabled for that domain, deleting a dynamic distribution group moves it to the Recycle Bin and disables the dynamic distribution group’s properties.
For more information on the Recycle Bin, see Managing the Recycle Bin.
WARNING:When you create a dynamic distribution group, Microsoft Windows assigns a Security Identifier (SID) to that dynamic distribution group. The SID is not generated from the dynamic distribution group name. Microsoft Windows uses SIDs to record privileges in access control lists (ACLs) for each resource. If you delete a dynamic distribution group, you cannot return access capabilities for that dynamic distribution group by creating a new dynamic distribution group with the same name.
You can modify properties for local and global dynamic distribution groups. The powers you have determine which properties you can modify for a group in the managed domain or managed subtree.
A dynamic distribution list’s membership is determined by its filter, which you can define.
Conditions define the criteria that an object must meet in order to be a member of the dynamic distribution group.