opath syntax to force dynamic distribution group field as numerical comparison? (Exchange 2010)
Posted
by
Matt
on Server Fault
See other posts from Server Fault
or by Matt
Published on 2011-01-11T18:00:47Z
Indexed on
2011/01/11
18:55 UTC
Read the original article
Hit count: 270
I'm upgrading a (working) query based group (Exchange 2003) to a new and 'improved' dynamic distribution group (2010).
For better or worse, our company decided to store everyone's employee ID in the pager field, so it's easy to manipulate via ADUC. That employee number has significance, as all employees are in a certain range, and all contractors are in a very different range.
Basically, the new opath syntax appears to be using string compare on my pager field, even though it's a number. Let's say my employee ID is 3004, well, it's "less than" 4 from a string check POV.
Set-DynamicDistributionGroup -Identity "my-funky-new-group" -RecipientFilter "(pager -lt 4) -and (pager -like '*') -and (RecipientType -eq 'UserMailbox')"
Shows up in EMC with this:
((((((Pager -lt '4') -and (Pager -ne $null))) -and (RecipientType -eq 'UserMailbox'))) -and (-not(Name -like 'SystemMailbox{*')) -and (-not(Name -like 'CAS_{*')) -and (-not(RecipientTypeDetailsValue -eq 'MailboxPlan')) -and (-not(RecipientTypeDetailsValue -eq 'DiscoveryMailbox')) -and (-not(RecipientTypeDetailsValue -eq 'ArbitrationMailbox')))
This group should have max of 3 members right? Nope - I get a ton because of the string compare. I show up, and I'm in the 3000 range.
Question: Anyone know a clever way to force this to be an integer check?
The read-only LDAP filter on this group looks good, but of course it can't be edited.
The LDAP representation (look ma, no quotes on the 4!) - Also interesting it sort of 'fills the' bed with the (pager=4) thing...
(&(pager<=4)(!(pager=4))(pager=*)(objectClass=user)(objectCategory=person)(mailNickname=*)(msExchHomeServerName=*)(!(name=SystemMailbox{*))(!(name=CAS_{*))!(msExchRecipientTypeDetails=16777216))(!(msExchRecipientTypeDetails=536870912))(!(msExchRecipientTypeDetails=8388608)))
If there is no solution, I suppose my recourse is either finding an unused field that actually will be treated as an integer, or most likely building this list with powershell every morning with my own automation - lame.
I know of a few ways to fix this outside of the opath filter (designate "full-time" in another field, etc.), but would rather exchange do the lifting since this is the environment at the moment.
Any insight would be great - thanks!
Matt
© Server Fault or respective owner
