Solved

Active Directory AD question about hiding users

Posted on 2006-07-21
8
389 Views
Last Modified: 2009-12-16
I know there is an option to hide (but not delete) a user in AD. This allows the user to receive emails, but cannot be found in global address book etc.


My question now:

Is it also possible to hide certain users from just certain departments, or just certain office locations?
Or in other words,
Can certain users be shown only to certain offices?

if so, do you know how to do it?

thanks!
0
Comment
Question by:swisscommerce
  • 3
  • 2
8 Comments
 
LVL 3

Expert Comment

by:artthegeek
ID: 17159901
Are you talking about Exchange?  If so, to hide from Global address lists:

Open Active Directory Users and Computers
Open the Properties dialog box for the user account
On the Exchange Advanced tab, select the Hide from Exchange Address Lists check box.
(FYI - this will work for group accounts as well)

The DC will have to have the Exchange Admin tools installed on it to view this property tab (run the Exchange setup, install only the tools).  Or, do from the Exchange server itself.

I'm doubtful about hiding per group, but you may be able to set permissions on the group itself to prevent certain users from viewing the members - we'll have to research that one further.
0
 

Author Comment

by:swisscommerce
ID: 17160072
Thank you arttheqeek,

yes, this is about Exchange.

the reason why I am asking is because, our global address book has hundreds of users and now we want to introduce the resources functionalities to book conference rooms, projectors, catering directly from outlook 2003 etc.

having many office locations, it will become messy if we would add 3-6 conference rooms and 1-2 projectors etc as a resource for each location. Therefore, we are looking for a way to show those resources, only if your user Active Directory properties (credentials) are from the same office location, and if possible only show available and not already taken resources within that location for that time.

Thanks.
0
 
LVL 10

Accepted Solution

by:
ryangorman earned 500 total points
ID: 17168701
I see two methods of achieving this. I suggest just using the first one.

A. I would suggest creating an Address List per physical office. Then ask each user to configure their Outlook to display the address list for their office first (Outlook Tools/Address Book/Tools/Options/Show this address list first).

B. This is more dictatorial way and requires that you create multiple Address Lists as per B anyway. Create multiple Global Address Lists, each filtering per location as before. The secret is to secure the Address List via the Security tab so that users only have permission to view the required GAL. This 'forces' users to see the preferred GAL and gives them the ability to select the other Address Lists.
0
Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

 
LVL 10

Expert Comment

by:ryangorman
ID: 17168733
Correction
B. This is more dictatorial way and requires that you create multiple Address Lists as per B anyway.

should read

B. This is a more dictatorial method and requires that you create multiple Address Lists as per A anyway.
0
 

Author Comment

by:swisscommerce
ID: 17179415
ryangorman,

this sounds interesting. Just want to clarify on more specific level.


Example:

GLOBAL ADDRESS BOOK
NY OFFICE USERS
CA OFFICE USERS
FL OFFICE USERS


RESOURCES NY (ADDRESS BOOK)
NY Conference Room 1
NY Conference Room 2
NY Conference Room 3
NY PROJECTOR
RESOURCES CA (ADDRESS BOOK)
CA Conference Room 1
CA Conference Room 2
CA Conference Room 3
CA PROJECTOR
RESOURCES FL (ADDRESS BOOK)
FL Conference Room 1
FL Conference Room 2
FL Conference Room 3
FL PROJECTOR

Now, for a NY OFFICE user, it is possible to hide the Resources FL and Resources CA  so that only Resources NY is shown when he uses outlook to invite users for a meeting?
0
 
LVL 10

Expert Comment

by:ryangorman
ID: 17182416
Run System Manager and navigate to Recipients | All Global Address Lists. This normally contains one GAL called "Default Address List". This GAL filters all mail-enabled objects and is accessible by all authenicated users. You could change the filter to exclude any resource mailboxes but i'd recommend against that for the time being.

Now navigate to Recipients | All Address Lists. This normally contains three ALs - All Contacts, All Groups and All Users. Right click on Resources NY and display its properties. Click the security tab and amend the permissions as follows.

Remove the Anonymous Logon, Everyone and Authenticated Users.
Add a security group containing NY users and give them Read, List and Open Address List access.

Repeat these steps for the other address lists.
0

Featured Post

U.S. Department of Agriculture and Acronis Access

With the new era of mobile computing, smartphones and tablets, wireless communications and cloud services, the USDA sought to take advantage of a mobilized workforce and the blurring lines between personal and corporate computing resources.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Scenerio: You have a server running Server 2003 and have applied a retail pack of Terminal Server Licenses.  You want to change servers or your server has crashed and you need to reapply the Terminal Server Licenses. When you enter the 16-digit lic…
ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
Internet Business Fax to Email Made Easy - With eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…

813 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now