Solved

Active Directory AD question about hiding users

Posted on 2006-07-21
8
394 Views
Last Modified: 2009-12-16
I know there is an option to hide (but not delete) a user in AD. This allows the user to receive emails, but cannot be found in global address book etc.


My question now:

Is it also possible to hide certain users from just certain departments, or just certain office locations?
Or in other words,
Can certain users be shown only to certain offices?

if so, do you know how to do it?

thanks!
0
Comment
Question by:swisscommerce
  • 3
  • 2
8 Comments
 
LVL 3

Expert Comment

by:artthegeek
ID: 17159901
Are you talking about Exchange?  If so, to hide from Global address lists:

Open Active Directory Users and Computers
Open the Properties dialog box for the user account
On the Exchange Advanced tab, select the Hide from Exchange Address Lists check box.
(FYI - this will work for group accounts as well)

The DC will have to have the Exchange Admin tools installed on it to view this property tab (run the Exchange setup, install only the tools).  Or, do from the Exchange server itself.

I'm doubtful about hiding per group, but you may be able to set permissions on the group itself to prevent certain users from viewing the members - we'll have to research that one further.
0
 

Author Comment

by:swisscommerce
ID: 17160072
Thank you arttheqeek,

yes, this is about Exchange.

the reason why I am asking is because, our global address book has hundreds of users and now we want to introduce the resources functionalities to book conference rooms, projectors, catering directly from outlook 2003 etc.

having many office locations, it will become messy if we would add 3-6 conference rooms and 1-2 projectors etc as a resource for each location. Therefore, we are looking for a way to show those resources, only if your user Active Directory properties (credentials) are from the same office location, and if possible only show available and not already taken resources within that location for that time.

Thanks.
0
 
LVL 10

Accepted Solution

by:
ryangorman earned 500 total points
ID: 17168701
I see two methods of achieving this. I suggest just using the first one.

A. I would suggest creating an Address List per physical office. Then ask each user to configure their Outlook to display the address list for their office first (Outlook Tools/Address Book/Tools/Options/Show this address list first).

B. This is more dictatorial way and requires that you create multiple Address Lists as per B anyway. Create multiple Global Address Lists, each filtering per location as before. The secret is to secure the Address List via the Security tab so that users only have permission to view the required GAL. This 'forces' users to see the preferred GAL and gives them the ability to select the other Address Lists.
0
NFR key for Veeam Backup for Microsoft Office 365

Veeam is happy to provide a free NFR license (for 1 year, up to 10 users). This license allows for the non‑production use of Veeam Backup for Microsoft Office 365 in your home lab without any feature limitations.

 
LVL 10

Expert Comment

by:ryangorman
ID: 17168733
Correction
B. This is more dictatorial way and requires that you create multiple Address Lists as per B anyway.

should read

B. This is a more dictatorial method and requires that you create multiple Address Lists as per A anyway.
0
 

Author Comment

by:swisscommerce
ID: 17179415
ryangorman,

this sounds interesting. Just want to clarify on more specific level.


Example:

GLOBAL ADDRESS BOOK
NY OFFICE USERS
CA OFFICE USERS
FL OFFICE USERS


RESOURCES NY (ADDRESS BOOK)
NY Conference Room 1
NY Conference Room 2
NY Conference Room 3
NY PROJECTOR
RESOURCES CA (ADDRESS BOOK)
CA Conference Room 1
CA Conference Room 2
CA Conference Room 3
CA PROJECTOR
RESOURCES FL (ADDRESS BOOK)
FL Conference Room 1
FL Conference Room 2
FL Conference Room 3
FL PROJECTOR

Now, for a NY OFFICE user, it is possible to hide the Resources FL and Resources CA  so that only Resources NY is shown when he uses outlook to invite users for a meeting?
0
 
LVL 10

Expert Comment

by:ryangorman
ID: 17182416
Run System Manager and navigate to Recipients | All Global Address Lists. This normally contains one GAL called "Default Address List". This GAL filters all mail-enabled objects and is accessible by all authenicated users. You could change the filter to exclude any resource mailboxes but i'd recommend against that for the time being.

Now navigate to Recipients | All Address Lists. This normally contains three ALs - All Contacts, All Groups and All Users. Right click on Resources NY and display its properties. Click the security tab and amend the permissions as follows.

Remove the Anonymous Logon, Everyone and Authenticated Users.
Add a security group containing NY users and give them Read, List and Open Address List access.

Repeat these steps for the other address lists.
0

Featured Post

Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Instant VM Recovery 4 101
heat agent push through GPO 2 63
inactive users 13 82
Unknown AD user under VMWare OU 4 67
So you have two Windows Servers and you have a directory/folder/files on one that you'd like to mirror to the other?  You don't really want to deal with DFS or a 3rd party solution like Doubletake. You can use Robocopy from the Windows Server 200…
I've always wanted to allow a user to have a printer no matter where they login. The steps below will show you how to achieve just that. In this Article I'll show how to deploy printers automatically with group policy and then using security fil…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…
I've attached the XLSM Excel spreadsheet I used in the video and also text files containing the macros used below. https://filedb.experts-exchange.com/incoming/2017/03_w12/1151775/Permutations.txt https://filedb.experts-exchange.com/incoming/201…

828 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question