Home / server / Questions / 229031
In Process
Abdullah
Asked: 2011-02-01 00:26:55 +0800 CST

"Hide from exchange address lists" not working in Exchange 2007

  • 772

Hiding a user by checking the "hide from exchange address lists" from exchange management console is not working. The user still shows up in GAL.

When I ran Get-Mailbox -Identity _user_ | FL I got HiddenFromAddressListsEnabled : True

So the check-box is working but the user still shows up. It's been over 3 weeks since hiding the user so it's not a time issue.

This is what I have tried:

  • Using Outlook in online mode
  • Using OWA
  • Regenerating GAL
  • Un-checking then re-checking the "hide" check-box
exchange-2007 exchange outlook

3 Answers

  1. This sounds like it might be a permissions issue on the Active Directory attributes of this user. I suspect the user is currently in (or was once in) one of the Active Directory protected groups (listed here).

    You have 2 options depending on what situation you are trying to hide the user.

    • If this is a user who has left, remove the user from the protected groups and enable inheritable permissions on the user object.
    • If this is an account which still requires admin permissions, you can enable inheritable permissions and immediately rebuild the offline address book. The inheritable permissions flag is reset once an hour, so provided you rebuild your OAB before it is reset, you should be fine.

    To enable inheritable permissions on the user object, follow this procedure.

    • In Active Directory Users and Computers on the View menu, click Advanced Features
    • Go to the properties of the affected user object, go to the Security tab and hit the Advanced button
    • Check the box labelled Allow inheritable permissions from parent to propagate to this object and all child objects
    • 2

  2. My experience is with Exchange 2010 and Outlook 2007:

    We use vbScript to set the "msExchHideFromAddressLists" value to TRUE. In the Exchange Management Console we see the check mark next to 'Hide from Exchange address lists'. However, when we check in our Outlook 2007 client, the user's email is NOT hidden (even after giving it time to replicate to other DCs.)

    Our work-a-round is not automated. For each user in our log file that has been automatically set "msExchHideFromAddressLists" to TRUE, we manually go into our Exchange Management Console, and uncheck "Hide from Exchange address lists" press Apply, then check again "Hide from Exchange address lists" and click Apply/OK. When using the GUI it behaves differently than simply using the backdoor vbScript to set msExchHideFromAddressLists to TRUE and we have not solved what additional processing the GUI performs.

    • 0

  3. The problem is a Microsoft decision to change procedure without telling - in a hotfix Applied about a year ago (july-oct 2014) - They only use the HiddenFromAddressListsEnabled variable on the object (if you use VBS) as a GUI enabler - the action part (which is new and not announced by MS) is "ShowInAddressBooks" - It is so lame to expierence such changes without ANYONE explaining it on the net - just because powershell should be used...We are quite a few who spend hours on automated vbs scripts in large organizations who do not like to debug un-annonced Microsoft changes in variable interpretations:->

    • 0