OWA, GALS and Security

Posted on 2006-06-02
Last Modified: 2012-06-21
I have two gals.

One simply has our support email address in it and nothing else, the other has all users who are hosted on the exchange server.

What I want to do is set it up, so if a new user is coming online I can add them to a security group calls "new exchange user" this would allow them to see the gal with all the users.

Once they are setup they are removed from the group and they can now only see the gal with our support address in it.

This works very well until you start using rpc+http and OWA

OWA always shows the Gal with everyone in it.

From what I can see owa uses an ldap query to look up the GAL. So maybe I can apply security there? I'm not sure.

Please help!
Question by:kspgroup
    LVL 104

    Expert Comment

    Did you change your OAB? That is attached to a address book.
    For OWA, it uses the default GAL by default.

    How did you deploy these multiple GALs?
    Have you blocked access to the default GAL?

    LVL 1

    Author Comment

    Yes, in fact I setup security group and what what I found was that OWA would pull up BOTH gals.
    LVL 1

    Author Comment

    I should note, I have been unsuccessful in block a OWA user from a GAL. I'm not sure who exactly to block.
    LVL 104

    Accepted Solution

    What did you do with the default GAL?
    Are you still trying to use it?

    You should block ALL access to the default GAL, then create two new address lists.

    LVL 1

    Author Comment

    I had left the default gal still there. I will try that out today.

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    Integrate social media with email signatures

    Is your company active on social media? Do you also use email signatures? Including social media icons in your email signature is a great way to get fans for free. Let all your email users know you’re on social media quickly and easily, in a single click.

    Granting full access permission allows users to access mailboxes present in their database. By giving full access permission one can open and read the content of any mailbox but cannot send emails from that mailbox.
    In this video we show how to create a Resource Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: Navigate to the Recipients >> Resources tab.: "Recipients" is our default selection …
    To show how to generate a certificate request in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Servers >> Certificates…

    779 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    14 Experts available now in Live!

    Get 1:1 Help Now