Solved

Block viewing the default global address list in Exchange 2010 from OWA

Posted on 2010-11-20
5
2,126 Views
Last Modified: 2012-05-10
I have a new exchange 2010 server that I recently built but it is used to host many different organizations and domain names.  I just noticed that the new 2010 OWA app allows viewing the default global address list when you click the address book icon.  I need this to go away.

I have read articles already explaining how to use ADSI edit and Powershell to limit viewing of the GAL to each organizations OU, which I tested and does work.  However, there are too many people to script this way.

Is there a way to flat out block the GAL from OWA completely?  I don't want it searchable, viewable, or even noticeable in the Address Book that comes up when you click the icon.

The default GAL cannot be deleted and appears to have to properties.  Can I suppress it permanently (for all existing and new AD accounts created)?
0
Comment
Question by:netsmithcentral
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
5 Comments
 
LVL 49

Expert Comment

by:Akhater
ID: 34183654
0
 
LVL 12

Author Comment

by:netsmithcentral
ID: 34183958
Damn $%@#$%!

I understand.  That link is from May.  and they were "close" to approving the white paper.  It's november.  Is that white paper published?  After today, I will be on a 2010 Exchange environment only.  Any options for me?
0
 
LVL 49

Expert Comment

by:Akhater
ID: 34184304
It is still not supported, i know a lot of experts in this site will tell you that they have used the 2007 method with success i wont recommended as long as it is not officially supported
0
 
LVL 49

Accepted Solution

by:
Akhater earned 500 total points
ID: 34186230
will this be enough for you to just disable GAL from OWA ?

if so you can use

get-owavirtualdirectory | set-owavirtualdirectory -GlobalAddressListEnabled $false

get-owamailboxpolicy | set-owamailboxpolicy -GlobalAddressListEnabled $false
0
 
LVL 12

Author Closing Comment

by:netsmithcentral
ID: 34194143
Solution was absolutely perfect.  Dead on answer.  Well played sir!
0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

After hours on line I found a solution which pointed to the inherited Active Directory permissions . You have to give/allow permissions to the "Exchange trusted subsystem" for the user in the Active Directory...
Let's recap what we learned from yesterday's Skyport Systems webinar.
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
Suggested Courses

626 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question