Exchange distribution groups are a very useful method for delivering email to a large number of clients, however every design has it’s limits. I needed to use a distribution list for a rotating number of users with a total count of close to 20,000 members. When looking at distribution groups with more than a few thousand entries causes scalability limits. Naturally I’d rather not have to manually load lists every night.
if(Get-Module -Name ActiveDirectory){}
else{Import-Module ActiveDirectory}
Write-Host "Loading employees"
$myusers = Get-ADUser -filter "*" -SearchBase "OU=Employees,DC=liquidobject,DC=com" -properties description | Select-Object samaccountname
Write-Host "Successfully loaded" $myusers.count "employee accounts."
$alpha = "a","b","c","d","e","f","g","h","i","j","k","l","m","n","o","p","q","r","s","t","u","v","w","x","y","z"
foreach($i in $alpha)
{
$mygroup = "EmployeeSub_$i"
$myoldgroupmembers = Get-AdGroupMember -identity $mygroup | Select-Object SamAccountName
Write-Host "Group:" $mygroup "has" $myoldgroupmembers.count "members"
$mycurrentusers = $myusers | where {$_.samaccountname -like "$i*"}
Write-Host "We currently have" $mycurrentusers.count "which should be in this group"
$mydiff = Compare-Object -ReferenceObject $myoldgroupmembers -DifferenceObject $mycurrentusers -property samaccountname
$mydiff
foreach($i in $mydiff)
{
if($i.SideIndicator -eq "=>"){Add-AdGroupMember -identity $mygroup -members $i.samaccountname}
else {Remove-AdGroupMember -identity $mygroup -members $i.samaccountname -confirm:$False}
}
}
The above provides a differential solution by splitting the single very large group into a series of 26 smaller, more manageable groups. Then we can wrap the 26 groups with a query-based distribution group for simplified delivery to clients using
new-DynamicDistributionGroup All_Employees -OrganizationalUnit "OU=My OU,DC=liquidobject,DC=com" -RecipientFilter {RecipientContainer -eq "OU=EmployeeGroups,My OU,DC=liquidobject,DC=com"}