0

We are offering hosted Exchange services and are in an Microsoft Exchange 2010 only environment with a Windows Server 2003 Domain Controller.

My problem is that all the customers have access to the GAL, which contains....all the customers. We obviously do not want that, but I have no idea on how to :

  1. Restrict access to the Global Address List to only me and my fellow administrators
  2. Create a Global Address List for each Organizational Unit and restrict access to it to the designed Organizational Unit
  3. We have also created regular Address Lists for each OU but all the customers also have access to these.
Ben Pilbrow
  • 12,041
  • 5
  • 36
  • 57
Philippe
  • 97
  • 2
  • 2
  • 13
  • Just to be clear, are you running a version of Exchange specifically designed for multi-tenancy (I'm thinking Exchange 2010 SP1 in hosting mode - not sure what existed before that)? If not, **you're violating the Microsoft Exchange licensing agreement**. With respect, if you're offering a hosted Exchange service with `a Windows Server 2003 Domain Controller` (singular), you seem the kind of person that would also use normal Exchange to try and pull this hosted service off. – Ben Pilbrow Jul 12 '11 at 20:39

1 Answers1

2

What you're looking for is GAL Segmentation. Unfortunately, there's currently no supported way to do this with Exchange 2010. Microsoft has clearly stated that if you do get this to work with Exchange 2010, your solution may not be supported (in other words, a future update may break it and if something's not working correctly don't expect to call into Microsoft).

You may either downgrade to Exchange 2007 and follow these instructions or wait for it to come to Exchange 2010. The MS Exchange team says it is coming. I would expect this feature to be released with SP2.

Jason Berg
  • 19,084
  • 6
  • 40
  • 55
  • I actually spent a good amount of time researching this yesterday. I came up with this exact result. No support till SP2. – HostBits Jul 12 '11 at 20:42