his is a multi-part message in MIME format.
You have to remove access to authenticated users for everybody. At this point no one will be able to see it except for system accounts like the system attendant that need to so it can rebuild the oab.
Create your security groups and add the users
Create your filtered address lists
Create your Offline Address lists
Associate each mailbox store with the offline address list you want them to download. If you dont do it this way you will need to set the msExchUseOAB attribute on each user object. This attrbute gets the DN of the OAB you want that user to download.
You have to set the msExchQueryBasedDN on all your user objects so they can be restricted to the OU you want them to be in as OWA clients dont use the GAL.
Put all your users in two OU's.
I should have a soultion posted on my blog site soon for Exchange 2003 and 2007.
--
This posting is provided "AS IS" with no warranties, and confers no rights.
Dgoldman
http://blogs.msdn.com/dgoldman
Download OABInteg (http://gotdotnet.com/Community/UserSamples/Download.aspx?SampleGuid=A2338E73-F521-4071-9B1D-AAF49C346ACD)
"AndyJ" < XXXX@XXXXX.COM > wrote in message news: XXXX@XXXXX.COM ...
Hi all
Can someone help me in regards to partitioning the Exchange 2007 GAL.
I posted a message much earlier which didn't show so apologies if
there are two messages!
Anyway I am trying to host two exchange orgs on one server and cannot
find a way to restrict access to the default global address list. I
have created a new GAL using the shell and now I am attempting to
restrict clients to the different GALS. So far I have attempted to
deny access to all address lists apart from the new one I created for
company A, but this has done nothing and I can still access the
default global address list from the OL2007 client. Basically I have
created a universal security group to try to achieve this but whatever
I try doesn't seem to work. I am running OL in online mode and
therefore I would expect to see the changes I made taking effect
immediately.
I am desperately trying to get this to work so any help would be much
appreciated.
Thanks
AJ
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=Content-Type content="text/html; charset=iso-8859-1">
<META content="MSHTML 6.00.6000.16441" name=GENERATOR>
<STYLE></STYLE>
</HEAD>
<BODY bgColor=#ffffff>
<DIV><FONT face=Arial size=2>You have to remove access to authenticated users
for everybody. At this point no one will be able to see it except for system
accounts like the system attendant that need to so it can rebuild the
oab.</FONT></DIV>
<DIV><FONT face=Arial size=2>Create your security groups and add the
users</FONT></DIV>
<DIV><FONT face=Arial size=2>Create your filtered address lists</FONT></DIV>
<DIV><FONT face=Arial size=2>Create your Offline Address lists</FONT></DIV>
<DIV><FONT face=Arial size=2>Associate each mailbox store with the offline
address list you want them to download. If you dont do it this way you will need
to set the msExchUseOAB attribute on each user object. This attrbute gets the DN
of the OAB you want that user to download.</FONT></DIV>
<DIV><FONT face=Arial s
by Andy » Sun, 27 May 2007 22:14:25