How Can I Create a New Outlook Distribution List Based On the Membership of an Active Directory Group?


Hey, Scripting Guy! Question

Hey, Scripting Guy! How can I create a new Outlook distribution list based on the membership of an Active Directory group?


SpacerHey, Scripting Guy! AnswerScript Center

Hey, HKM. Before we launch into today’s column we’d like to make a nomination for the Most Courageous Scripting Performance of the Year. With all due modesty, that would be today’s Hey, Scripting Guy! column, a column written despite the fact that the Scripting Guy who writes this column did something really weird to his back and, as a result, can now barely stand up and sit down, let alone walk. (Well, unless you consider a slow shuffle in which his feet never leave the ground to be a walk. If you do, then he can walk just fine. If you don’t, well, then he’s having some trouble walking these days.)

So was the Scripting Guy who writes this column doing something juvenile and immature when he hurt his back? Possibly. Did he persist in this behavior even though he was well-aware that someone (namely himself) was likely to get hurt? Maybe. When he could still barely walk, but was at least starting to feel better did he challenge the Scripting Son to a race, a race he not only was doomed to lose, but also a race that ended up making his back hurt even worse than it did before? That doesn’t really sound like the Scripting Guy who writes this column, but we suppose that could have happened. Despite the fact that he could barely walk, did he really drive 160 miles roundtrip just to watch a Scripting Son baseball game and then, upon returning home, engage in the very same behavior that got him hurt in the first place, all in an effort to prove … well, whatever it is he was trying to prove? You know what; it’s time to take a look at a script that can retrieve a list of users from an Active Directory group and then add each of those users to a new Microsoft Outlook distribution list:

On Error Resume Next

Const olDistributionListItem = 7

Set objOutlook = CreateObject(“Outlook.Application”) Set objList = objOutlook.CreateItem(olDistributionListItem )

objList.DLName = “Test Group” objList.Save

Set objGroup = GetObject(“LDAP://CN=Finance Users,OU=Finance,,DC=fabrikam,DC=com”)

For Each strUser in objGroup.Member Set objUser = GetObject(“LDAP://” & strUser) strUserName = objUser.displayName

Set objRecipient = objOutlook.Session.CreateRecipient(strUserName) objRecipient.Resolve objList.AddMember objRecipient Next

So can we explain how this script works? You bet we can … as long as we don’t have to get up out of this chair, that is. (You don’t want to know how long it took us to get into this chair. Nor do you want to know how long it took the Scripting Guy who writes this column to climb seven flights of stairs this morning, all because – for some bizarre reason that no one, including himself, understands – he refused to take the elevator.)

As you can see, we start out by defining a constant named olDistributionListItem and setting the value to 7; we’ll use this constant to tell Outlook what type of item (a distribution list) we want to create. We next create an instance of the Outlook.Application object, then call the CreateItem method to create a new distribution list:

Set objOutlook = CreateObject(“Outlook.Application”)
Set objList = objOutlook.CreateItem(olDistributionListItem )

Actually, all we’ve done so far is create a distribution list in memory. To create a real distribution list, we need to give the list a name (that is, assign a value to the DLName property) and then call the Save method to save our new list. That’s what these two lines of code are for:

objList.DLName = “Test Group”

Yes, those are short, little lines of code, aren’t they? And that’s good: you have no idea how painful it is to type right now.

Although typing is nowhere near as painful as sneezing turned out to be.

After we create the distribution list all we have to do is connect to an Active Directory group, retrieve the membership list for that group, then add each of those users to our new list. Needless to say, that means that step 1 involves binding to the Active Directory group, in this case a group named Finance Users, which just happens to be located in the Finance OU of

Set objGroup = GetObject(“LDAP://CN=Finance Users,OU=Finance,DC=fabrikam,DC=com”)

Now it gets a little tricky. Active Directory groups have a property named Member; this property is actually a collection consisting of the entire membership of the group. To get at an individual group member we need to set up a For Each loop that will walk us through the entire collection, something we do with this line of code:

For Each strUser in objGroup.Member

Our next task is to bind to each individual user account and retrieve the value of the displayName property; the display name corresponds to the name shown in Outlook when you enter an email address and then click the Resolve button. The Member property lists group members by their distinguished name; hence a single user in that group will look something like this:

CN=kenmyer, OU=Accounting, DC=fabrikam, dc=com

By tacking the moniker for the LDAP provider (LDAP:) onto the front of the distinguished name we can create an object reference that binds us to that user account. That’s what we do here:

Set objUser = GetObject(“LDAP://” & strUser)

Once we make the connection, we then grab the value of the displayName property and store it in a variable named strUserName:

strUserName = objUser.displayName

Got all that? Good. Now we’re ready to add the first user in the collection to our distribution list. To programmatically add someone to an Outlook distribution list, we need to create a Recipient object for that person. We do that by calling the CreateRecipient method, passing along the user’s display name as the sole method parameter:

Set objRecipient = objOutlook.Session.CreateRecipient(strUserName)

After creating the Recipient object we call the Resolve method; this resolves the user name against the Outlook address book. By the way, this is going to cause a security dialog box to pop up, inform you that someone or something is trying to access your address book, and then ask you if you want to allow this access. You must click Yes in this dialog box or the script will fail. That’s a security feature built into Outlook and, to be honest, we don’t know of any way to avoid it.

Of course, even if we did, we wouldn’t tell you. We get in enough trouble without trying to find ways to bypass Outlook security features.

Once the name has been resolved we can then call the AddMember method to add this new recipient to the distribution list. At that point we then loop around and repeat the process with the next user in the Member collection. And that, as they say, is that.

So are we going to explain exactly how the Scripting Guy who writes this column hurt his back? To tell you the truth, no, we aren’t. We already told the story to the Scripting Editor, and, as a result, have had the … pleasure … of listening to her opinion of both the Scripting Guy who writes this column and his tendency to try things that no one in their right mind would try. (In case you’re wondering, her opinion seems to consist primarily of the word “stupid.”) But don’t worry; the Scripting Guy who writes this column expects to be fully-recovered in another day or two. You know what they say: you can’t keep a good man down.

And, with any luck, you can’t keep the Scripting Guy who writes this column down, either.


Discussion is closed.

Feedback usabilla icon