How to Troubleshoot Query-Based Distribution Groups (822897)

SUMMARY

A query-based distribution group is a new type of distribution group that is included in Exchange 2003. A query-based distribution group provides the same functionality as a standard distribution group, but it uses a Lightweight Directory Access Protocol (LDAP) query that is based on RFC 2254 "LDAP Filter Rules." A query-based distribution group uses the LDAP filter rules to dynamically build membership in the distribution group instead of specifying static user membership. You can easily construct a mailing list for all users who have mailboxes on a particular server, or in a particular storage group or in a database, by using a query-based distribution group. It is less time-consuming to use this method than to add the users to a standard distribution group by using Exchange System Manager or by using a programmatic method. If the user resides on the server, they will receive the mail.

back to the top

Description of the Query-Based Distribution Group Process

Because of the dynamic nature of the distribution group, you can use query-based distribution groups at a much lower administrative cost. However, a query-based distribution group carries a higher performance cost for queries that produce many results. This cost is in terms of server resources, such as high CPU utilization and an increased working set, because each message to the query-based distribution group causes a corresponding LDAP query to be run against the Microsoft Active Directory directory service to determine its membership. You cannot view the membership of a query-based distribution group in the Global Address List because it is dynamically generated each time mail is sent. However, you can see the dynamic list if you right-click the distribution group, click Properties, and then click the Preview tab.

When a message is submitted to a query-based distribution group, Exchange treats the message slightly differently than messages that are destined for other recipients:

1. A message is submitted through the Exchange store driver or through Simple Mail Transfer Protocol (SMTP) to the submission queue.
2. The categorizer, a transport component that is responsible for address resolution, determines that the recipient is a query-based distribution group.
3. The categorizer sends the LDAP query request to the global catalog server.
4. The global catalog server runs the query, and then it returns the set of addresses that match the query.
5. After receiving the complete set of addresses that match the query, the categorizer generates a recipient list that contains all the users. The categorizer must have the complete set of recipients before it can submit the message to routing. If an error occurs during the expansion of the query-based distribution group to its individual recipients, the categorizer must start the process over.
6. After the categorizer sends the complete and expanded list of recipients to routing, the standard message delivery process continues, and the message is delivered to the users' mailboxes.

The process is slightly different if you use a dedicated expansion server, a single server that is responsible only for expanding distribution groups, for query-based distribution groups. In this case, instead of sending a query to the global catalog server for expansion in step 4, the message is first routed to the dedicated expansion server. After the message arrives at the expansion server, the expansion occurs. The delivery follows the same process that is described earlier in this article.

back to the top

Query-Based Distribution Group Guidelines

The following list describes the guidelines about how to use query-based distribution groups:

• They can have restrictions. You can restrict who can send to the query-based distribution group.
• They can expand on a dedicated server (if you want).
• They can be used for Microsoft Exchange 2000 Server or Exchange 2003 users and contact-based recipients.
• They can be used to restrict Universal Distribution Group Message Restrictions.
• They can be nested. It is better to use universal distribution groups.
• They cannot be security principals.
• They cannot be used in an Exchange mixed mode environment that includes Exchange Server 4.0, Exchange Server 5.0, or Exchange Server 5.5.
• They cannot use an external directory service for LDAP queries. You must replicate the external objects to Active Directory.
• Filters must use attributes that are in the global catalog; use of the Preview option is strongly recommended
• Index the attributes that are used in the query. Indexing greatly improves the performance of the query and reduces the time that it takes to expand the distribution group and to deliver the message to the intended recipients.
• Always use universal groups, particularly in multiple domain environments. Use of local and of global groups, even of nested groups, does not work in a multi-domain environment because their membership is not replicated to all global catalog servers

You must use an Exchange 2003 version of Exchange System Manager and of Active Directory Users and Computers to create a query-based distribution group. You cannot create query-based distribution groups without upgrading your administration console. If you have Exchange 2000 computers, you must upgrade them to at least Exchange 2000 Server Service Pack 3. The Exchange organization must be in native mode (no computers can be running versions that are earlier than Exchange 2000).

back to the top

Configure an Exchange 2000 Service Pack 3 Computer for Improved Reliability

To configure an Exchange 2000 SP3 server for improved reliability in organizations where query-based distribution groups are expanded with Windows 2000 global catalogs, follow these steps.
WARNING: If you use Registry Editor incorrectly, you may cause serious problems that may require you to reinstall your operating system. Microsoft cannot guarantee that you can solve problems that result from using Registry Editor incorrectly. Use Registry Editor at your own risk.

1. To start Registry Editor, click Start, click Run, and then type regedit.
2. Expand the following registry key:

   HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SMTPSVC\Parameters

3. Right-click Parameters, point to New, and then click DWORD Value.
4. Type DynamicDLPageSize, and then press ENTER.
5. Right-click DynamicDLPageSize, and then click Modify.
6. In Edit DWORD Value, under Base, click Decimal.
7. Under Value Data, type 31, and then click OK.

back to the top

Troubleshoot

Use Preview to View the Results of Your Query

If the filter string contains bad formatting or incorrect LDAP syntax, then the global catalog server will not run the query. If you use Active Directory Users and Computers to create your query, it can help prevent you from constructing an incorrect query. Use Preview to view the result of the query; you can use the preview feature to make sure that the query is valid and that it returns the results that you expect. To do this, follow these steps:

1. Click Start, point to Programs, point to Administrative Tools, and then click Active Directory Users and Computers.
2. Click Action, point to New, and then click Query-based Distribution Group.
3. Type a name for the query-based distribution group, and then click Next.
4. Click to select the filter options that you want to use, and then click Next.
5. Click Finish.
6. Right-click the new query-based distribution group, and then click Properties.
7. Click the Preview tab, and then click Start.
8. The results of your query are listed under Preview.

back to the top

Non-Delivery Report with the Code 5.2.4, and Event 6025 or Event 6026

If you create a query-based distribution group that is based on an incorrect LDAP query, when a user sends to the query-based distribution group, the user receives a non-delivery report with the code 5.2.4: Unable to expand a distribution list to deliver the message to its members. Try again or contact your system administrator. ServerName #5.2.4
Also, if categorizer logging is enabled, one of following two events will be logged:Event 6025back to the top

Messages Seem to Disappear

If the filter string is well-formatted but no results are produced, the sender does not receive a delivery status notification message. This behavior is similar to the results that you receive when you send to an empty distribution group. Message tracking may show that the message disappeared after it was submitted to the categorizer.

Use the Preview button in Active Directory Users and Computers to confirm the result that you want from your query. If the preview is blank, then verify your filter again. Make sure you only use attributes that are in the global catalog. For additional information about how to verify if an attribute is in the global catalog, click the following article number to view the article in the Microsoft Knowledge Base: For additional information about how to add additional attributes, click the following article number to view the article in the Microsoft Knowledge Base: Note Exchange System Manager runs by using the administrative credentials of the current user. An administrator with greater administrative credentials than the Exchange computer system account and who previews a query-based distribution group may be accessing Active Directory attributes that are not accessible to the Exchange computer, but that are accessible to the administrator. The administrator will see the correct set of results in the query preview, but the categorizer will run by using the administrative credentials associated with the Exchange computer system account. The categorizer will not be able to retrieve the same set of results. When this behavior occurs, messages are not sent to the query-based distribution group as expected.

back to the top

Message Remains in the Messages Awaiting Directory Lookup System Queue

The categorizer must have the complete set of recipients before it can submit the message to routing. Therefore, if an error occurs during the expansion of the query-based distribution group to its individual recipients, the categorizer must restart the process. If the error is considered temporary, then the message queues in the Messages Awaiting Directory Lookup queue until all the recipients are successfully resolved. Frequently, this problem is caused by global catalog servers that are unavailable, but it can also be caused by other things. For additional information, click the following article number to view the article in the Microsoft Knowledge Base:

back to the top