Many companies, not wanting to invest a lot of money in an expensive contact management solution use Outlook public folders for their purpose. They add this folder to the Outlook Address Book, and voila, they’ve got contacts sorted according to categories and put into distribution lists, ready to be e-mailed, faxed of harassed using other means before any major holiday by the people from marketing.
However, using MAPI folders for this is slow, especially if you’ve got hundreds of contacts. Trying to search them will definitely test your patience and scripts I’ve written, for example, let say, looking for contacts that are not members of any distribution lists take a long long time to run.
So, the wise sysadmin comes up with a plan: Why don’t we move everything to Active Directory? Everybody knows Active Directory is faster than a speeding bullet and you can do all kinds of easy programming manipulations on it. With Exchange 2000 it is also quite easy to view Active directory mail enabled contacts using Outlook. Everybody is happy and the office managers spend a few days entering all the contacts and mail enabling those using Active Directory Users and Computers snap-in. Maybe the sysadmin is wise in the ways of scripting and spends a couple of days writing a script to automate the process.
So, the day comes and the Global Address List is suddenly populated with hundreds of contacts and no one can find the actual employees of the company in the GAL. The CEO is not very happy too and she sends him an e-mail saying he better solve this pronto or else.
Unfortunately for the sysadmin some of the company’s employees work outside the company and have mail enabled contacts instead of mailbox enabled users so he cannot filter just contacts.
To a problem of this kind you can add some kind of value to the one of the free extension attributes present in Exchange 2000 forests.
Since the customer contacts and the users are usually in different OUs you write a script using ADSI to do this that will look like this:
On Error Resume Next
Set domainObject = GetObject(“LDAP://dc.domain.com/OU=Company Users,DC=company,DC=com”)For Each object in oDomain
Set oDomain = Nothing
What it does basically is look through all the objects in an OU such as users, contacts or groups and places the value “ShowInGAL” in Extension Attribute 1. You can use it for you domain, just change the LDAP entry in line 2 to reflect you OU location. If you’re not sure, go through one of my earlier articles explaining this.
Now you need to edit the GAL. How can you do this? When you go to Exchange System Manager the modify button is grayed out:
Those of you can see in the above screenshot that I’ve already edited the GAL for my own needs. How can this be done?
To do, this create a regular address list in Exchange System Manager Recipients à All Address Lists container. In this case I’ve created one called “tes”t and chose a rule matching the Extension Attribute 1 to the value “ShowInGAL”.
Then I copied off the results from the Filter Rule that look something like this:
(&(&(&(& (mailnickname=*) (| (&(objectCategory=person)(objectClass=user)(!(homeMDB=*))(!(msExchHomeServerName=*)))(&(objectCategory=person)(objectClass=user)(|(homeMDB=*)(msExchHomeServerName=*)))(&(objectCategory=person)(objectClass=contact))(objectCategory=group)(objectCategory=publicFolder) )))(objectCategory=user)(extensionAttribute1=ShowInGAL)))
A rather nasty looking LDAP query string though I’ve seen worse. Also, it has bug. Also the first part of it is fine (look for anything on that is Exchange enabled) the last part limits it to users and contacts. To fix this the part that says (objectCategory=user) needs to be erased, by editing it in notepad or another text editor to look like this:
(&(&(&(& (mailnickname=*) (| (&(objectCategory=person)(objectClass=user)(!(homeMDB=*))(!(msExchHomeServerName=*)))(&(objectCategory=person)(objectClass=user)(|(homeMDB=*)(msExchHomeServerName=*)))(&(objectCategory=person)(objectClass=contact))(objectCategory=group)(objectCategory=publicFolder) )))(extensionAttribute1=ShowInGAL)))
Now you can copy this to the GAL by using ADSIEdit from the Windows 2000 support tools.
- Run Adsiedit.msc
- Open the configuration container of your domain.
- Expand the Services, Microsoft Exchange, your Org name, Address List Container, All Global Address Lists and the open the property page for the Default Global Address List.
- Look for that attribute “purportedSearch” and paste the LDAP query string above this value and press the “Set” button.
- Now, restart you Exchange server. If you are testing this using Outlook, restart it too since it caches the GAL.
Now open Outlook and you have a brand new GAL showing only the users you want to. The downside of this is that every mail enabled anything should have Extension Attribute one with the right value so whoever creates them needs to be aware of this. The upside is that you now can control not only whether an object appears in the Exchange Address Book, but also whether he, she or it appears in the GAL.