I have 2 groups of user accounts that need to be hidden from the GAL for housekeeping reasons, but need to be accessible by some of our staff because they are shared accounts.
The account names are sequenced, like ABCUser01, ABCUser02 etc. so it would be easy to find them via wildcarding.
I want to create custom address lists to put these accounts in, and grant access to them using security groups for the folks who need to see them. This part I know how to do.
However, I can't hide them in the AD account GUI because they won't show in any list then.
I've seen some articles saying that you can use powershell to change an attribute on the user account to remove it from the GAL, but allow it to be published in a custom address list.
My questions are:
1. Is there an easy way to hide user accounts from the GAL but put them in a custom list?
2. If powershell or other scripted approach is the right way, can you show me how to do it?