Link to home
Start Free TrialLog in
Avatar of brainbolt
brainbolt

asked on

Exchange 2003 - Restrict modification of distribution groups in the Global Address List from Outlook

I run Exchange 2003 and I am finding that Outlook users can add or remove members of a distribution group in the global address list (GAL). For example, I have a group called "sales" (sales@xxx.com) that distributes to a specific group of people. Well, if Jennifer Receptionist opens her address book in Outlook and picks the Global Address List from the drop down, she can see the "sales" group and can add or remove members. Not a good thing. How do I restrict access to the modification of those groups in the GAL?
ASKER CERTIFIED SOLUTION
Avatar of Manzour
Manzour
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of Manzour
Manzour
Sorry...I forgot to add Default Global Address List under All Global Address Lists!
Avatar of aa230002
aa230002
Flag of India image
These steps are to grant minimum permissions required for a owner to manage a DL using Outlook Client.
1. On the security tab, click Advanced and Click on "Add"
2. Select the user from the list and click "OK"
3. On the object tab,
      a) Apply onto: Scroll upto select: This object only.
      b) Permissions: Send As: ALLOW.
4. On the properties tab,
      a) Apply onto: Scroll upto select: This object only.
      b) Read Members: ALLOW
      c) Write Members: ALLOW
      d) Click "OK" all the way out.

You need to make sure that the user in question doesnt have these permissions.

thanks,
Amit Aggarwal.
Avatar of brainbolt
brainbolt

ASKER

Thanks, mqwaider. That is it. Looking into this has spured a follow-up question though... https://www.experts-exchange.com/questions/21860556/Exchange-2003-Inheritable-Permissions.html