If you would like to read the other parts in this article series please go to:
- Address Lists in Exchange 2007 (Part 1)
- Address Lists in Exchange 2007 (Part 3)
- Address Lists in Exchange 2007 (Part 4)
Introduction
An exchange address list is a collection of addressees that can be browsed by multiple types of exchange recipients to retrieve one another. An address list in Exchange 2007 is either a Global Address List, a custom Address List, or an Offline Address Book. In the first part of this article series I spoke about Global Address Lists. In this second part of this article series I will come back to custom Address Lists and how you can create and manage them. In the last part of this article series I will cover Offline Address Books in more detail.
Custom Address List
After deploying an Exchange 2007 organization you will next have to the Default Global Address List, 5 custom address lists, as can be seen in Figure 1.
Figure 1: Built-In Address Lists
By default, the Security Principal Authenticated Users has been given the following two permissions: Read and Open address list, which will allow any authenticated user to open the address list, and see its members. These permissions can be seen, changed by using a tool like AdsiEdit, connecting to the Configuration Partition, and drilling down to CN=Services, CN=Microsoft Exchange, CN=your Exchange organization, CN=Address Lists Container, CN=All Address Lists, as can be seen in Figure 2 and 3.
Figure 2: CN=All Address Lists
Figure 3: Security Built-In Address Lists
It is possible to create new custom Address Lists, change the settings for an existing Address Lists, and delete existing (even the built-in) custom Address Lists.
Creating new custom Address Lists
To create a new custom address list, you can use both the Exchange Management Console, and the Exchange Management Shell. Using the Exchange Management Shell cmdlet New-Addresslist, allows you to use the parameter RecipientFilter, which enables you to create a filter based on other attributes than the ones by default available.
Using the Exchange Management Console
To create a new custom Address List, launch the Exchange Management Console, Organization Configuration, Mailbox, and right-click in the tab Address Lists, to select the task New Address List… as can be seen in Figure 4.
Figure 4: New Address List
You need to specify a name for the new Address List, and you can check which recipient types you want to include in this Address list (Figure 5).
Figure 5: Name and Recipient Types
After you have clicked Next, you can define the conditions a recipient has to meet in order to be made a member of the Address List. In the given example, in the Address List All employees located in the EMEA region, will group every mailbox-enabled user that has the attribute State/Province set to the value of EMEA, as seen in Figure 6.
Figure 6: Conditions Address List
Then you will need to specify when the Address List should be applied, and you can add the maximum length of time this process is allowed to run, as seen in Figure 7.
Figure 7: Schedule Address List
After clicking Next, Exchange will show you a summary of what you configured Exchange to do, and when clicking New, the Address List will be created as desired (Figure 8 and 9).
Figure 8: New Address List Summary
Figure 9: Completion New Address List
After clicking Finish, the new Address List will show up in the Exchange Management Console, and will be available for your users, as can be seen in Figure 10 and 11.
Figure 10: New Address List Created
Figure 11: Address Lists in Outlook
Once an Address List has been created, you may need to update it when you change properties of an existing Exchange recipient to be marked as a member of this address list. When you create a new Exchange recipient, the Microsoft Exchange System Attendant will make it a member of any Address Lists it should be a member of. In the following example, you will see how a change for a user called Ilse Van Criekinge, where the property for State/Province is set to EMEA, requires you to update the Address List before she will be added.
In Figure 12, you can see how the value is changed, in Figure 13 you can see how the Address List is updated, and how it changes the members of that Address List.
Figure 12: Change Properties User
Figure 13: Update-AddressList
You can also use the Exchange Management Console to update the Address List, as can be seen in Figure 14.
Figure 14: Update-AddressList using the EMC
Editing custom Address Lists
You can always change the conditions for an address list using the Exchange Management Console and the Exchange Management Shell. Using the Exchange Management Console, you can right-click the Address List you want to alter and select Edit (which will launch the Edit Address List wizard). In the following example, the Address List All Employees Located in EMEA Region will be changed to be included next to mailbox-enabled users and the mail-enabled users in your Exchange organization. Figures 15, 16, 17, 18, 19, and 20 show you the process of accomplishing this change.
Figure 15: Edit existing Address List
Figure 16: Edit existing Address List – Conditions
Figure 17: Edit existing Address List – Conditions cont’d
Figure 18: Edit existing Address List Schedule
Figure 19: Edit existing Address List – Configuration Summary
Figure 20: Edit existing Address List – Completion
Prevent Users from Opening an Address List
In order to prevent users from opening an address list, you can use the two previous permissions in this article. By default, on every address list you create, the Authenticated Users group will have the permissions Read and Open Address List. You can create a security group in Windows, and give that group an explicit deny for the permissions Read and Open Address List, as can be seen in Figure 21.
Figure 21: Deny Read and Deny Open Address List
When a member of the Universal group tries to open the Address List, the following error will be shown as in Figure 22.
Figure 22: Bookmark is not valid
If you do not want users to know that an address lists exists, you can create a so-called empty custom parent address list, and nest a new custom address list below that one. By denying those users on the parent address list for the permission Open Address List, they would not know about the existence of the child address list. They will be able to see the membership of the parent address list though.
Remove an Address List
To remove an Address List you can use the Exchange Management Shell, or the Exchange Management Console, as can be seen in Figure 23.
Figure 23: Remove Address List
You will need to confirm that you want to remove the Address List, as seen in Figure 24.
Figure 24: Confirm removal Address List
You would not be able to remove a parent Address List, until you remove all leaf objects!
Conclusion
An exchange address list is a collection of addressees that can be browsed by multiple types of exchange recipients to retrieve one another. An address list in Exchange 2007 is either a GAL, a custom Address List, or an Offline Address Book. In the first part of this article series I spoke about GALs, and how you can create additional GALs, and what you need to consider, making sure your users get the intended GAL. In this second part of this article series I went back to custom Address Lists and how you can create and manage them. In the last part of this article series I will cover the Offline Address Books in more detail.
If you would like to read the other parts in this article series please go to: