Address Lists in Exchange 2007 (Part 2)

by Ilse Van Criekinge [Published on 28 July 2009 / Last Updated on 28 July 2009]

How to create and manage Custom Address Lists.

If you would like to read the other parts in this article series please go to:

Introduction

An exchange address list is a collection of addressees that can be browsed by multiple types of exchange recipients to retrieve one another. An address list in Exchange 2007 is either a Global Address List, a custom Address List, or an Offline Address Book. In the first part of this article series I spoke about Global Address Lists. In this second part of this article series I will come back to custom Address Lists and how you can create and manage them. In the last part of this article series I will cover Offline Address Books in more detail.

Custom Address List

After deploying an Exchange 2007 organization you will next have to the Default Global Address List, 5 custom address lists, as can be seen in Figure 1.


Figure  1: Built-In Address Lists

By default, the Security Principal Authenticated Users has been given the following two permissions: Read and Open address list, which will allow any authenticated user to open the address list, and see its members. These permissions can be seen, changed by using a tool like AdsiEdit, connecting to the Configuration Partition, and drilling down to CN=Services, CN=Microsoft Exchange, CN=your Exchange organization, CN=Address Lists Container, CN=All Address Lists, as can be seen in Figure 2 and 3.


Figure 2: CN=All Address Lists


Figure 3: Security Built-In Address Lists

It is possible to create new custom Address Lists, change the settings for an existing Address Lists, and delete existing (even the built-in) custom Address Lists.

Creating new custom Address Lists

To create a new custom address list, you can use both the Exchange Management Console, and the Exchange Management Shell. Using the Exchange Management Shell cmdlet New-Addresslist, allows you to use the parameter RecipientFilter, which enables you to create a filter based on other attributes than the ones by default available.

Using the Exchange Management Console

To create a new custom Address List, launch the Exchange Management Console, Organization Configuration, Mailbox, and right-click in the tab Address Lists, to select the task New Address List... as can be seen in Figure 4.


Figure 4: New Address List

You need to specify a name for the new Address List, and you can check which recipient types you want to include in this Address list (Figure 5).


Figure 5: Name and Recipient Types

After you have clicked Next, you can define the conditions a recipient has to meet in order to be made a member of the Address List. In the given example, in the Address List All employees located in the EMEA region, will group every mailbox-enabled user that has the attribute State/Province set to the value of EMEA, as seen in Figure 6.


Figure 6: Conditions Address List

Then you will need to specify when the Address List should be applied, and you can add the maximum length of time this process is allowed to run, as seen in Figure 7.


Figure 7: Schedule Address List

After clicking Next, Exchange will show you a summary of what you configured Exchange to do, and when clicking New, the Address List will be created as desired (Figure 8 and 9).


Figure 8: New Address List Summary


Figure 9: Completion New Address List

After clicking Finish, the new Address List will show up in the Exchange Management Console, and will be available for your users, as can be seen in Figure 10 and 11.


Figure 10: New Address List Created


Figure 11: Address Lists in Outlook

Once an Address List has been created, you may need to update it when you change properties of an existing Exchange recipient to be marked as a member of this address list. When you create a new Exchange recipient, the Microsoft Exchange System Attendant will make it a member of any Address Lists it should be a member of. In the following example, you will see how a change for a user called Ilse Van Criekinge, where the property for State/Province is set to EMEA, requires you to update the Address List before she will be added.

In Figure 12, you can see how the value is changed, in Figure 13 you can see how the Address List is updated, and how it changes the members of that Address List.


Figure 12: Change Properties User


Figure 13: Update-AddressList

You can also use the Exchange Management Console to update the Address List, as can be seen in Figure 14.


Figure 14: Update-AddressList using the EMC

Editing custom Address Lists

You can always change the conditions for an address list using the Exchange Management Console and the Exchange Management Shell. Using the Exchange Management Console, you can right-click the Address List you want to alter and select Edit (which will launch the Edit Address List wizard). In the following example, the Address List All Employees Located in EMEA Region will be changed to be included next to mailbox-enabled users and the mail-enabled users in your Exchange organization. Figures 15, 16, 17, 18, 19, and 20 show you the process of accomplishing this change.


Figure 15: Edit existing Address List


Figure 16: Edit existing Address List - Conditions


Figure 17: Edit existing Address List - Conditions cont'd


Figure 18: Edit existing Address List Schedule


Figure 19: Edit existing Address List - Configuration Summary


Figure 20: Edit existing Address List - Completion

Prevent Users from Opening an Address List

In order to prevent users from opening an address list, you can use the two previous permissions in this article. By default, on every address list you create, the Authenticated Users group will have the permissions Read and Open Address List. You can create a security group in Windows, and give that group an explicit deny for the permissions Read and Open Address List, as can be seen in Figure 21.


Figure 21: Deny Read and Deny Open Address List

When a member of the Universal group tries to open the Address List, the following error will be shown as in Figure 22.


Figure 22: Bookmark is not valid

If you do not want users to know that an address lists exists, you can create a so-called empty custom parent address list, and nest a new custom address list below that one. By denying those users on the parent address list for the permission Open Address List, they would not know about the existence of the child address list. They will be able to see the membership of the parent address list though.

Remove an Address List

To remove an Address List you can use the Exchange Management Shell, or the Exchange Management Console, as can be seen in Figure 23.


Figure 23: Remove Address List

You will need to confirm that you want to remove the Address List, as seen in Figure 24.


Figure 24: Confirm removal Address List

You would not be able to remove a parent Address List, until you remove all leaf objects!

Conclusion

An exchange address list is a collection of addressees that can be browsed by multiple types of exchange recipients to retrieve one another. An address list in Exchange 2007 is either a GAL, a custom Address List, or an Offline Address Book. In the first part of this article series I spoke about GALs, and how you can create additional GALs, and what you need to consider, making sure your users get the intended GAL. In this second part of this article series I went back to custom Address Lists and how you can create and manage them. In the last part of this article series I will cover the Offline Address Books in more detail.

If you would like to read the other parts in this article series please go to:

See Also

Featured Links