Shared Exchange Global Address List Question

[f1y]

I have a shared exchange enviroment i'm maintianing.

The users are all listed in the Global Address List (GAL), so all 10 companies can see all contacts.

Under ADSIedit.msc, I've edited the value "showinaddressbook" to be each users respective Offline Address book like so:

CN=(value of address book),CN=All Address Lists,CN=Address Lists Container,CN=First Organization,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=btc,DC=local

where (value of address book) = the company address book I created under Organiztion Configuration > Mailbox
Then I created an offline address book to point to this.

I did for each single user, and it's worked like a charm!

Now, all users have a blank GAL. Because the default address book is the GAL, and everyone is just listed in their company address book.

How do I set a users default address book? I can set "company 1" as the default or "company 2" or "company 3" as the default through exchange management console. But I need to do this on a per user basis, because everyone will have a default GAL based on company name. I can't have 10 default address books, and I can't have everyone seeing all the contacts.

I need user 1 to see company 1, and user 2 to see company 2

How can I do this?

Exchange 2007
SBS 2008

 

[f1y]

tried the following, and it defaults to listing the user in the GAL

set-mailbox -identity USER -offlineaddressbook ADDRESSBOOK

no go in the exchange managment shell.

 

[f1y]

All my users are in Active Directory> domain.local> Users and Groups > Group name

I'm right clicking on domain.local and creating a new OUs and moving these groups to segregrate out my users.

I'll update with where I go from there. Gotta love cleaning up someone elses mess

 

[athlon1.2]

Let me know if you figure out a solution. GAL isn't too important for me, so I just disabled everyone from showing up. Never used 2007 but in 2010 there's a checkbox in ESM to disable it without having to edit LDAP manually.

 

[f1y]

Let me know if you figure out a solution. GAL isn't too important for me, so I just disabled everyone from showing up. Never used 2007 but in 2010 there's a checkbox in ESM to disable it without having to edit LDAP manually.

nothing yet, run around day 2. I may just have them all removed from GAL, but some user somewhere will call and say we deleted all their contacts.

there's this which a lot of articles link, but it doesn't seem to be doing anything. Even with exchange permissions, some shell commands they link like this:

get-adpermission "All Address Lists" | Where {($_.User -like 'NT Authority\Authenticated Users') -or ($_.User -like 'Everyone') -or ($_.User -like 'NT Authority\ANONYMOUS LOGON')} | FT User,AccessRights,ExtendedRIghts,IsInherited

don't net me output results

 

[Tee]

Default GAL's are set within outlook not exchange. (For a per user basis, I should say)

I don't have a good link on where to find instructions for this right now as I am mobile but do a google search.

 

[fluke420]

You can also setup a default GAL on each storage group.