?
Solved

Global Address Book Mystery

Posted on 2011-09-22
10
Medium Priority
?
426 Views
Last Modified: 2012-05-12
I was alerted today to 3 ad user accounts that had populated over to the GAB. I confirmed in Exchange that those accounts didn't have any active emails attached to them. They were for some reason members of a few distribution groups, but I removed them from those groups, and they were still located in the GAB. I verified there was no freak address put into AD as well. The user that noticed these addresses was not in cached mode, so I am thinking they populated within the last 24 hours. We have had no major changes to our Exchange server, so I believe we are just trying to delete out three non existent emails from the GAB.

Thanks
0
Comment
Question by:nlewallen
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
  • 2
  • +1
10 Comments
 
LVL 12

Expert Comment

by:Deepu Chowdary
ID: 36584804
Try deleting and re-creating the users.. Hope this will work :)
0
 
LVL 4

Expert Comment

by:maxsmith5k
ID: 36585287
Hi,

If something is in the GAL, this just means that it has been stamped with the showinaddressbook attribute.
0
 
LVL 4

Accepted Solution

by:
maxsmith5k earned 1000 total points
ID: 36585290
This may be done by:

-Launch adsiedit
-browse to the user in question
-right click the user, go to properties
-Clear the showInAddressBook attribute

0
Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

 
LVL 4

Expert Comment

by:maxsmith5k
ID: 36585293
Sorry, in my previous post, i meant that that was how to clear the attribute and thus remove it from the GAL.  :)
0
 
LVL 8

Expert Comment

by:rr1968
ID: 36586336
DO you mean the users that were not in GAL are appearing in GAL all of a sudden?
Did you check the "Hide the user from the GAL" on the user's property in AD?
0
 

Author Comment

by:nlewallen
ID: 36586437
Sorry, had to power down for the evening and recharge my batteries. I will explain these 3 AD accounts a little more. Each one is still in effect for a daily/weekly/monthly use for as a second account for running specific reports. None of these accounts have ever been set with email, thus when I look for them in exchange there is no "hide" property that is present within active email user accounts.

I have seen in some posts for AD that the Exchange tabs are populated directly onto the user's account within the "Users and Computers" plug-in, thus having the "Hide" property in AD but in my setup it isn't. I typically pop into the "Exchange" plug-in and look for the hide property on a user I don't want in the GAL and poof they are gone end of story. I have thought about trying to try a powershell script to pull them out, but wanted to make sure there wasn't something easier I was missing first.

Thanks for the replies back.
0
 
LVL 4

Expert Comment

by:maxsmith5k
ID: 36586506
did you check the attribute in ADSIedit?
0
 
LVL 8

Expert Comment

by:rr1968
ID: 36586532
Is it possible to delete and recreate these accounts?
0
 

Author Comment

by:nlewallen
ID: 36587532
In answer to the question about possible to delete and recreate, no as they use the accounts randomly.
Finally found the ASDIedit and dug through like you described. Worked like a charm, note for anyone who runs into this, make sure to check the disabled OU as your users may in the OU you originally looked in just buried one more layer in the disabled. Had two that were enabled and one disabled.

Danke Max.
0
 

Author Closing Comment

by:nlewallen
ID: 36587574
For all level one techs stumbling trying to find this in AD options, don't. It is it's own separate plug-in located within Admin tools.
Start-->Admin Tools-->ASDIedit

Straight forward LDAP spanning tree, if you are unsure of where your user would fall under check back with ad.
0

Featured Post

Office 365 Training for IT Pros

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A couple of months ago we ran into an issue that necessitated re-creating our Edge Subscriptions. However, when we attempted to execute the command: New-EdgeSubscription -filename C:\NewEdgeSub_01.xml we received an error indicating that the LDAP se…
Compliance and data security require steps be taken to prevent unauthorized users from copying data.  Here's one method to prevent data theft via USB drives (and writable optical media).
In this Micro Video tutorial you will learn the basics about Database Availability Groups and How to configure one using a live Exchange Server Environment. The video tutorial explains the basics of the Exchange server Database Availability grou…
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…
Suggested Courses
Course of the Month14 days, 20 hours left to enroll

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question