Setting SharePoint Alerts on Active Directory Security Groups

This post applies to SharePoint 2013 as of the August 2013 Cumulative Update.

If you have ever tried to set an alert on an email-enabled Active Directory Security Group (this will appear in Exchange as a “Mail Universal Security Group”), you may have found that SharePoint indicates that it cannot find an exact match, and just won’t resolve the group.

This may be due to a possible bug in SubNew.aspx located in C:\Program Files\Common Files\microsoft shared\Web Server Extensions\15\TEMPLATE\LAYOUTS\. The code for the People Picker is:

<wssawc:ClientPeoplePicker
Required="true"
ValidationEnabled="true"
id="clientPeoplePicker"
VisibleSuggestions="5"
Rows="3"
Width="100%"
runat="server"
SelectionSet="User,SecGroup"
/>

Notice the SelectionSet line. This should indicate that it accepts both User and Security Groups. However, the ClientPeoplePicker class contains no such property! It does, however, contain another valid property, PrincipalAccountType. While I don’t recommend this, as it will most likely be overwritten by new updates, and you must manually make the change, if you do edit SubNew.aspx so the ClientPeoplePicker instead uses the PrincipalAccountType property, mail-enabled Security Groups will now be resolvable within the New Alert dialog.

<wssawc:ClientPeoplePicker
Required="true"
ValidationEnabled="true"
id="clientPeoplePicker"
VisibleSuggestions="5"
Rows="3"
Width="100%"
runat="server"
PrincipalAccountType="User,SecGroup"
/>

One issue to note when this configuration completed is that all Security Groups will be visible through the dialog, however when clicking OK to save the Alert, it will validate that the object has an email address, and if not, throw a user-friendly exception.

Note that SharePoint 2010 does not suffer from this issue. SharePoint 2010 uses the PeopleEditor class which does have the SelectionSet property.

Trevor Seward is a Microsoft Office Apps and Services MVP who specializes in SharePoint Server administration, hybrid scenarios, and SharePoint Online. He has been working with SharePoint for 16 years from SharePoint 2003 on up, managing environments with terabytes of content for 150,000+ user organizations. Trevor is an author of Deploying SharePoint 2016 and Deploying SharePoint 2019. You can find him on Twitter and in /r/sharepoint.