You're on the right track from my experience. You'd have to say "members of x OU + members of y OU + members of z... OU", because, "All OUs - a OU - b OU" is not possible with a msft ldap filter. It's better to key off of another attribute, either one already existing, or one you script (and schedule to run nightly or whatever you'd like) the addition of.. and that's nice because scripts CAN say "All OUs - a OU - b OU".
Ian From: Russ Patterson [mailto:rus...@gmail.com] Sent: Thursday, January 10, 2013 11:23 To: MS-Exchange Admin Issues Subject: DynamicDistributionList - -RecipientFilter Hello All - I seem to remember that excluding membership in a DDL by OU is a no- go, am I wrong? I have a customer who has Exchange 2010 and an AD with a complicated structure - AD Continent Country Users Non-Employee Country Users Non-Employee on & on, ad infinitum They want a DDL with ALL users, except the ones in the 15 - 20 OUs named Non-Employee. I'm thinking something a good bit less dynamic, like CustomAttribute. Anybody an LDAP or OPATH genius? Is there a way to use -RecipientFilter & get away with this? I'm pretty sure the answer is no, please let me know what you think. Thanks very much, as always. Russ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com> with the body: unsubscribe exchangelist --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe exchangelist
