Can I deny access to the global address list
Posted on 2006-03-31
Hi, I hope you can help.
I have recently put a couple of Exchange 2003 boxes into a school, one as a front end server for webmail and the other as a backend server. All the pupils in the school have an AD user account and an associated mailbox that they are only able to access thorugh webmail Via the front end server. The teachers and the admin staff at the school also have AD accounts and use outlook to connect directly to the back-end Exchange server.
What I now need to do is lock down the address lists so that none of the pupils can access any contact information on the staff. I need to do this while making sure that the teachers and admin staff can see any address on the address lists including all the pupils and the pupils can see the other pupils contact details.
All of the user accounts are in the same domain. I know that I can hide the teachers addresses from the GAL but this wont achieve the result I need. What I'm hoping I can do is create a 'teachers' address list and a 'pupils' address list and deny the pupils read access on the 'teachers' address list. Is this possible??