.png?width=100&auto=webp&quality=80&disable=upscale "Picture of John Savill")
.png?width=400&auto=webp&quality=80&disable=upscale "John Savill")
Sign up for the ITPro Today newsletter
Stay on top of the IT universe with commentary, news analysis, how-to's, and tips delivered to your inbox daily.
How do you add an additional Global Address Book or another view to the global address book?
John Savill
December 21, 1999
2 Min Read
A. This would be useful so, for example, you could separate outvendors email addresses (internet mail) from your actual post office users.
This can not be done easily.
You would have to create Address Book Views. This would divide GAL any wayyou wanted based on criteria that you provide.
But you have to assign search rights to everyone and if you make onemistake, NO ONE will be able to see anything of Address lists
Here is the procedure for setting up Container Level Search Control usingAddress Book Views. This allows you to create virtual Exchange Serverorganizations within a single Exchange Server organization or site. This isuseful if you have multiple companies or departments within one Exchange Serverorganization and you want to prevent these companies or departments fromviewing the mailboxes of other companies or departments in the Global AddressList.
To set up Container Level Search Control using Address Book Views, performthe following steps:
Set up an anonymous account in the properties of the DS Site Configurationobject in the Exchange Administrator program. This can be any Windows NTaccount.
Open User Manager for Domains and create Global Groups for each departmentor company (depending on how you wish to separate the organization). Add therespective Windows NT User Accounts to each Global Group. These will be neededfor step 4.
Set up an Address Book View. You can use any name for the Display andDirectory names. Click the Group By tab in the properties for the new AddressBook View, and choose either Company or Department for the Group items by:field (this depends on how you wish to separate the organization).
Open the newly created Address Book View so that you can see the separatecompanies or departments listed below it. Open the properties of each of these,click the Permissions tab, and add the respective Global Group created in step2 to the Windows NT accounts with permissions with a role of Search.
In the Exchange Administrator program, click Tools then Options. Click thePermissions tab. Ensure that the two check boxes that read "ShowPermissions Page for all objects" and "Display Rights for Roles onPermissions page" are checked.
Open the properties of the Organization object and click the Propertiestab. Add the Search right to the Exchange Service Account.
NOTE: Before changing the rights of the Exchange Service Account, make surethat at least one other Windows NT account or group has at least thePermissions Admin Role on the Organization object.
After you perform these steps, you should be able to log on to an ExchangeSever mailbox. Open the Address Book and choose "Show Names fromthe:" Global Address List. You should only see mailboxes and/or customrecipients from the Address Book View that your mailbox is associated with.
This will not work for any mailbox whose associated Windows NT account haspermissions on objects that give them inherited rights to the Address BookViews. These mailboxes will still be able to view the complete Global AddressList.
About the Author
You May Also Like
.png?width=700&auto=webp&quality=80&disable=upscale)