Solved

restrict users to modify Global Address  Distribution List member list

Posted on 2008-10-20
8
563 Views
Last Modified: 2009-10-06
Hi All,

I have exchange server 2007 environment. My problem is that , all the users in my Exchange can modify GAL Distribution List Member list. i want to restrict them . how to do this. please give me your suggestion.

Thanks
0
Comment
Question by:fextech
  • 3
  • 3
8 Comments
 
LVL 8

Expert Comment

by:greesh_hem
ID: 22755668
0
 

Author Comment

by:fextech
ID: 22755690

Thanks for comment Gressh, but i am looking for restriction, not allow .  in my environment users are able to modify the GAL . how it is happend , and how can i stop them for modification in GAL.
0
 
LVL 33

Expert Comment

by:Exchange_Geek
ID: 22759596
Add-ADPermission -Identity:'Group Display Name -User:domain\username -AccessRights ReadProperty, WriteProperty -Properties 'Member' -deny
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 

Author Comment

by:fextech
ID: 22765502
Thanks  Greesh, I want to deny writeproperty  for all users except administrator, how i can apply this on a particuler OU 's users or all users .
0
 
LVL 33

Expert Comment

by:Exchange_Geek
ID: 22765773
@fextech: Did the above command work for you using -deny switch ?? Or not ??
0
 

Author Comment

by:fextech
ID: 22766091
yes it worked, but i have a lots of users those have permission. and i want to restrict all of them. so how can i use this syntax.
0
 
LVL 33

Accepted Solution

by:
Exchange_Geek earned 250 total points
ID: 22766824
You need to have some thing common to those users (for example i am using customattribute1 common to all users in the following example)

$Users = Get-User | where {$_.customattribute1 -like "ABCD"}

Add-ADPermission -Identity:'Group Display Name -User "$Users" -AccessRights ReadProperty, WriteProperty -Properties 'Member' -deny

This worked on my lab.
0

Featured Post

What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Outlook keeps asking for credentials, and then does not except. 10 62
Exchange 2010 RU 16 5 27
Server timing 4 18
why is pst smaller? 11 11
Is your Office 365 signature not working the way you want it to? Are signature updates taking up too much of your time? Let's run through the most common problems that an IT administrator can encounter when dealing with Office 365 email signatures.
This article aims to explain the working of CircularLogArchiver. This tool was designed to solve the buildup of log file in cases where systems do not support circular logging or where circular logging is not enabled
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit https://www.mail-signatures.com/articles/signature-templates/?sts=6651 If you want to manage em…

786 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question