| Have your Exchange server installed, maintained or upgraded by Amset IT Solutions. Exchange 2000, 2003, 2003 SBS, 2007 More Information (UK only) |
Broadband - Exchange
Login Scripts - Net Admin
Outlook - Windows Mobile
Windows
Exchange and a
Dynamic IP Address
Global Mailbox Folder
Permissions from Server
Internal Email Address
for External People
Options when a Staff Member
Leaves
Prerequisites for Exchange
System Tools
Switching From POP3
to SMTP Delivery
| |||||||||||||||
Author: Simon Butler, Exchange MVP, MCSE
Last Page Review: 28/06/2007
Working with Distribution Groups Home Page
By default, all distribution groups that you create are visible to all users through the global address list.
In some cases you may want to create a list that is maintained through Exchange, but restrict is visibility. You cannot control the visibility from the server, so must use a work around.
There are two, depending on whether you want to hide the existence of the group or just the membership.
Hide the Existence of the Group
- Create the group as normal.
If the membership of the group is sensitive, don't populate it with members just yet. - Check that the group is visible in the Global Address List (GAL). If you are using Outlook 2003 in cached mode, then you may find that it cannot be seen on the client machines. Force the Offline Address Book (OAB) to update (see here)
- Go to each user who needs to see the address list and open up the GAL (Tools, Address Book).
If you cannot see the new list, and you are using Outlook 2003 in cached mode and have updated the OAB, then force it to download using Tools, Send/Receive, Download Address Book. - Right click on the new list and choose "Add to Contacts".
- Repeat on the other clients that need to use the list.
Remember to tell the users where the list is held. - Hide the list from the address book. Right click on the list, choose Properties and then "Exchange Advanced". Enable the option "Hide from Exchange Address Lists".
- Populate the list with the recipients of the list.
- Force the OAB to update again, so that the list disappears from the GAL.
Hide the Membership of the Group
There are two ways of hiding the group members.
Method 1
You can change the group properties.
- Open ADUC and find the group.
- Right click on the group and choose Exchange Tasks.
- Select "Hide Membership" from the list.
The drawback with this system is that once the changes have been made you cannot make any further changes to the security permissions of the group. If you need to be able to change the security permissions of the group, then you will have to use the second option.
Membership can still be seen
It can take a while for the membership to disappear, so do not expect immediate results. However if the membership continues to be seen then you should review this article at the MS KB: http://support.microsoft.com/default.aspx?kbid=812841
Method 2
It isn't possible to directly hide the membership of a group, but by using a workaround you can made it less obvious.
- Create the group as normal.
If the membership of the group is sensitive, don't populate it with members just yet. - Create a public folder with the name that you want to appear in the GAL using Outlook. You can also use one name for the group and then change the display name on the Properties of the group using Exchange System Manager (ESM) on the "Exchange General" tab. Change the option to "Use this name" and enter the name that you want the folder to appear under in the GAL.
Tip: Put a space in front of the name and the folder will appear at the top of the GAL - example. - In ESM, mail enable the group and give it an email address
- Ensure that "Hide from Address lists" is not enabled. This can be found on the "Exchange Advanced" tab. The public folder is what will be seen in the Global Address List.
- Click on the tab "Exchange General", then the "Delivery Options" button and put the group in the "Forward to".
Optional whether you want to keep a copy of this message in the folder as well. - Set the client permissions on the public folder. Click on the tab "Permissions" then "Client Permissions". The permissions that you set will depend on who needs to use the group.
- Right click on the folder and choose Properties. Click on the tab "Permissions".
- Set "Default" to None.
- Depending on who is sending to the group will decide the permissions.
In all cases, those who are sending to the group need to have contributor rights.
For example, if everyone needs to be able to send to this group, then set the permission of "Contributor" to "All Staff" - Ensure that someone is the folder owner. Use the "Email Admins Group" if appropriate. Other permissions can be set as required.
- Finally, hide the group from the GAL using the option on the Properties of the folder in Exchange System Manager.
The public folder will be visible to users on OWA and live Outlook users on Outlook 2002 (XP) or older immediately. Users on Outlook 2003 in cached mode will need to wait until the next update of the Offline Address Book.
By adjusting the forwarding options you can use this method to keep a copy of messages sent to the group.
28/06/2007
Back to the Top
Contact Us - Advertise on amset.info
Exchange Index - Home Page
Broadband - Exchange - Login Scripts - Network Admin - Outlook - Windows Mobile - Windows
© Amset IT Solutions Ltd. 1998 - 2008. All rights reserved. Reproduction of any content on this web site is prohibited without express written consent. Use of this web site is subject to our terms and conditions. All trademarks and registered trademarks are property of their respective owners. This site is not endorsed or recommended by any company or organisation mentioned on this site. This site is to provide guidance only and as such we cannot be held responsible for any consequences of following the advice given.