Setting SharePoint Alerts on Active Directory Security Groups08 Oct 2013 | SharePoint 2013
This post applies to SharePoint 2013 as of the August 2013 Cumulative Update.
If you have ever tried to set an alert on an email-enabled Active Directory Security Group (this will appear in Exchange as a “Mail Universal Security Group”), you may have found that SharePoint indicates that it cannot find an exact match, and just won’t resolve the group.
This may be due to a possible bug in SubNew.aspx located in
C:\Program Files\Common Files\microsoft shared\Web Server Extensions\15\TEMPLATE\LAYOUTS\. The code for the People Picker is:
<wssawc:ClientPeoplePicker Required="true" ValidationEnabled="true" id="clientPeoplePicker" VisibleSuggestions="5" Rows="3" Width="100%" runat="server" SelectionSet="User,SecGroup" />
Notice the SelectionSet line. This should indicate that it accepts both User and Security Groups. However, the ClientPeoplePicker class contains no such property! It does, however, contain another valid property, PrincipalAccountType. While I don’t recommend this, as it will most likely be overwritten by new updates, and you must manually make the change, if you do edit SubNew.aspx so the ClientPeoplePicker instead uses the PrincipalAccountType property, mail-enabled Security Groups will now be resolvable within the New Alert dialog.
<wssawc:ClientPeoplePicker Required="true" ValidationEnabled="true" id="clientPeoplePicker" VisibleSuggestions="5" Rows="3" Width="100%" runat="server" PrincipalAccountType="User,SecGroup" />
One issue to note when this configuration completed is that all Security Groups will be visible through the dialog, however when clicking OK to save the Alert, it will validate that the object has an email address, and if not, throw a user-friendly exception.