Default GAL Showing even with Deny read enabled

Have a exchange 2007 hosted enviroment, ( yes I know not supported) but is working well. Some, not all my users can see the default GAL and in return are seeing other clients users.(not good)
I have verified that the each security group (each group has own security group) has a deny read on the default GAL. I keep removing the default GAL from the user attributes in AD show in address book setting but it keeps coming back.
Sorry my first post so if I missed some info please let me know.
Enviroment is a single windows 2008 standard server running exchange 2007 sp2
ele-JimAsked:
Who is Participating?
 
Renato Montenegro RusticiIT SpecialistCommented:
Note that you must uncheck the inheritance in each address book.

I really recommend that you read this document:

White Paper: Configuring Virtual Organizations and Address List Segregation in Exchange 2007
http://technet.microsoft.com/en-us/library/bb936719(EXCHG.80).aspx

It's a very complex setup and you must do it carefully. Make sure you have a System State backup at each move you make.
0
 
Renato Montenegro RusticiIT SpecialistCommented:
Is the "Authenticated Users" security principal denied? If it's not, your users will still be able to see the GAL.

Are your users working in cached mode? If they are, I am pretty sure you should set the permissions in the OAB branch too.
0
 
Renato Montenegro RusticiIT SpecialistCommented:
And, note that OWA will ignore those settings. You must force which Address Book the users will use by using a property in each user account. I don't remember the property. If you don't know, tell me and we will try to find out.
0
 
ele-JimAuthor Commented:
hard to tell if that did it or not. Authenticated users did have read rights on the GAL but was not listed on teh OAB. I added it with the deny. Any idea why the attribute settings in AD show address book keep reverting back and adding the default GAB. Almost acting like a policy but not sure where it gets it from.

Thanks so much hope this works,
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.