seperating GALS on exch 2003
Greetings
I need to sperate GALs on my exchange server where only the client can see their members. i.e. xyz domain should only be able to see members of xyz in the GAL, i have thus far created two GALS in system manager in an attempt to seperate the members of the original GAL. i filtered it via user email i.e @xyz.com...what am i missing?
I need to sperate GALs on my exchange server where only the client can see their members. i.e. xyz domain should only be able to see members of xyz in the GAL, i have thus far created two GALS in system manager in an attempt to seperate the members of the original GAL. i filtered it via user email i.e @xyz.com...what am i missing?
ASKER
Gpriceee
i have followed your notes and it worked like a charm; but i can still see the GAL with everyone in it. Do i need to create a seperate security group for each OU in the AD?
i have followed your notes and it worked like a charm; but i can still see the GAL with everyone in it. Do i need to create a seperate security group for each OU in the AD?
You should be able to see the list this way but not the recipients.
If you don't want anyone to be able to see the nested lists, then creating secured lists for the OUs might work better for you. You have to be able to see the list to select it; however, if you don't have rights to it, upon selecting it, you should get a "The Bookmar is not valid" error.
It sounds like you might want to create a secured list for each OU with nested lists within?
If so, at the top of the list, where we created the Secured Lists address list, simply remove the rights the same way you did in the nested list, but leave the OU group with read permissions--deny Open Address list. Then allow specifics within the nested lists.
This kind of sounds like double talk; I hope it's clear ;-)
If you don't want anyone to be able to see the nested lists, then creating secured lists for the OUs might work better for you. You have to be able to see the list to select it; however, if you don't have rights to it, upon selecting it, you should get a "The Bookmar is not valid" error.
It sounds like you might want to create a secured list for each OU with nested lists within?
If so, at the top of the list, where we created the Secured Lists address list, simply remove the rights the same way you did in the nested list, but leave the OU group with read permissions--deny Open Address list. Then allow specifics within the nested lists.
This kind of sounds like double talk; I hope it's clear ;-)
Clarification:
Create new Address Lists at the same level we created the Secured Lists and remove the rights from those newly-created lists. . . .
Create new Address Lists at the same level we created the Secured Lists and remove the rights from those newly-created lists. . . .
ASKER
i dont think you understand.......
in the client (outlook) when pulling up the GAL, it defaults to the complete location. i was looking for a way to seperate the different organizations with in the GAL. we use OWA and i am looking to find a way to seperate the two orgs.
i like the secured list thing and can finsd that useful in the furture.
in the client (outlook) when pulling up the GAL, it defaults to the complete location. i was looking for a way to seperate the different organizations with in the GAL. we use OWA and i am looking to find a way to seperate the two orgs.
i like the secured list thing and can finsd that useful in the furture.
Hello. Is this what you're looking for?: http://support.microsoft.com/kb/237945/EN-US/
"To Change the Address Provider Priority
To view and change the address resolution priority, follow these steps: 1. On the Tools menu, click Services.
2. In Services, click the Addressing tab. The address list priority is displayed in the When sending mail, check names using these address lists in the following order list.
3. To permanently change the address list priority, click an address provider and then click the arrows to arrange the address providers in the order you want to have addresses resolved.
Outlook will resolve the name to the first address it matches based upon the address order. "
"To Change the Address Provider Priority
To view and change the address resolution priority, follow these steps: 1. On the Tools menu, click Services.
2. In Services, click the Addressing tab. The address list priority is displayed in the When sending mail, check names using these address lists in the following order list.
3. To permanently change the address list priority, click an address provider and then click the arrows to arrange the address providers in the order you want to have addresses resolved.
Outlook will resolve the name to the first address it matches based upon the address order. "
ASKER
In OWA (outlook web access) the GAL is only avaliable. i am trying to seperate the departments/organizations into two seperate GALs; your secure lists idea opened up the question that it is possible to seperate it.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
soory for the delayed responce! thanks for your help. the first answer tot he GAL worked, i just had to wait for replication. :)
Right click All Address Lists --> New Address List...
Name the new list Something Like Secured Lists.
Finish
Right Click the new Secured Lists list --> Properties --> Security Tab
Select Everyone.
At the bottom of the permission list, check Deny for Open Address List.
OK to the warning.
Right click Secured Lists --> New Address List... (It will be nested with a default of deny).
Name the list appropriately and setup the filters.
Finish.
Right click the New List --> Properites --> Security Tab.
Click Advanced.
Uncheck Allow inheritable. . . .
Click Copy.
Remove everyone and group who do not need access.
CAREFUL HERE: Don't over do it--sort by name and do not remove system or ANY Exchange server rights.
Add those who need access.
Click OK.
If you don't see the list in Outlook, you might have to wait for replication.
That's it!
Now, any Address List you nest under Secured Lists will be able to be customized.