Creating and managing distribution lists
Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2
Creating and managing distribution lists
Distribution lists are public lists that are published as distribution group objects in Active Directory. You can use Active Directory Users and Computers to create and delete distribution lists as distribution group objects, and to view their properties. For more information on performing these tasks, see Create distribution lists, Delete distribution lists, and View, add, or delete elements in a distribution list. For more conceptual information on distribution lists, see Distribution lists.
When you create a distribution list (group) in Active Directory, you are prompted to specify the minimal information needed to establish the object in Active Directory. Each distribution list (group) has many more properties (attributes) that can be viewed and set, as follows.
| Property | Details |
|---|---|
Group name |
Name of distribution list object |
Description |
Description of distribution list object |
Group scope |
Distribution lists can be domain-scoped, global, or universal |
Group type |
The type of group for this object is distribution |
Distribution list (group) elements (members) |
Elements that make up the distribution group |
Folders containing the members in Active Directory |
Location of group elements |
Distribution lists (groups) of which the applicable distribution list (group) is a member |
If the distribution list is in turn the member of another distribution list |
Administrative permissions |
Security for the distribution list |
Setting distribution list scope
Distribution lists can be specified as "Global", "Domain-scope" or "Universal":
Domain-scope distribution lists can only contain queues and distribution lists from the local domain as members, and cannot be moved to another domain.
Distribution lists with global scope can include queues and distribution lists from the local domain, and queues and global distribution lists from other domains in the forest. They can be moved to another domain.
Distribution lists with universal scope can include other groups and accounts from any domain in the domain tree or forest and can be granted permissions in any domain in the domain tree or forest.
Setting distribution list security
Because distribution lists are objects in Active Directory, security attributes can be attached to control access to them. A security descriptor is assigned to each queue and distribution list. This security descriptor lists the users and groups that are granted or denied access to the queue or distribution list, and the following specific permissions are associated with distribution lists:
Send To permission allows a group or user to send messages to the applicable distribution list. By default, this permission is granted to everyone.
Add/Remove Self as Member permission for a public queue or queue alias allows a group or user to add or remove the applicable public queue or queue alias as a member in a distribution list. All users are granted this permission by default.
Add/Remove Self as Member permission for a distribution list allows a group or user to add or remove the applicable distribution list as a member in another distribution list. Only the owner of a distribution list has the Add/Remove Self as Member permission for it.
For more information on distribution list security, see Distribution lists.
Distribution lists can be referenced programmatically through distribution list format names. For more information on using distribution list format names and their syntax, refer to the Message Queuing Software Development Kit (SDK).