This is a unique situation. I was trying to pull from the local AD when I should have been pulling from the Azure AD. In this line:
-and (-not(MemberOfGroup -eq 'CN=AllExclusion,OU=SG,DC=Example,DC=Local')) `
I am targeting the DN name for allexclusion from the local AD. I need to get the DN for Azure AD. The reason for this is because exchange online is pointing to azure not the local ad. If this was a local on-prem exchange, this would work, but this isn't. To get the DN you will need to run this command:
(Get-DistributionGroup AllExclusion).DistinguishedName
The DN will be much larger. It will look something like this:
CN=AllExclusion,OU=Example.onmicrosoft.com,OU=Microsoft Exchange Hosted Organizations,DC=NAMPR##A###,DC=PROD,DC=OUTLOOK,DC=COM
Thus your exclusion will look something like this:
-and (-not(MemberOfGroup -eq 'CN=AllExclusion,OU=Example.onmicrosoft.com,OU=Microsoft Exchange Hosted Organizations,DC=NAMPR##A###,DC=PROD,DC=OUTLOOK,DC=COM'))
Here is what the final Recipient Filter looks like:
(
(RecipientType -eq 'UserMailbox') `
-and (RecipientType -ne 'MailContact') `
-and (MemberOfGroup -ne 'CN=AllExclusion,OU=Example.onmicrosoft.com,OU=Microsoft Exchange Hosted Organizations,DC=NAMPR##A###,DC=PROD,DC=OUTLOOK,DC=COM') `
-and (Name -notlike 'SystemMailbox{*') `
-and (Name -notlike 'CAS_{*') `
-and (RecipientTypeDetailsValue -ne 'MailboxPlan') `
-and (RecipientTypeDetailsValue -ne 'DiscoveryMailbox') `
-and (RecipientTypeDetailsValue -ne 'PublicFolderMailbox') `
-and (RecipientTypeDetailsValue -ne 'ArbitrationMailbox') `
-and (RecipientTypeDetailsValue -ne 'AuditLogMailbox') `
-and (RecipientTypeDetailsValue -ne 'AuxAuditLogMailbox') `
-and (RecipientTypeDetailsValue -ne 'SupervisoryReviewPolicyMailbox') `
-and (RecipientTypeDetailsValue -ne 'GuestMailUser')`
)