Module 6: Managing

Address Lists

Contents

Overview 1
Lesson: Introduction to Address Lists 2
Lesson: Managing and Customizing
Address Lists 9
Discussion: Managing Address Lists 32
Information in this document, including URL and other Internet Web site references, is subject to
change without notice. Unless otherwise noted, the example companies, organizations, products,
domain names, e-mail addresses, logos, people, places, and events depicted herein are fictitious,
and no association with any real company, organization, product, domain name, e-mail address,
logo, person, place or event is intended or should be inferred. Complying with all applicable
copyright laws is the responsibility of the user. Without limiting the rights under copyright, no part
of this document may be reproduced, stored in or introduced into a retrieval system, or transmitted
in any form or by any means (electronic, mechanical, photocopying, recording, or otherwise), or
for any purpose, without the express written permission of Microsoft Corporation.

Microsoft may have patents, patent applications, trademarks, copyrights, or other intellectual
property rights covering subject matter in this document. Except as expressly provided in any
written license agreement from Microsoft, the furnishing of this document does not give you any
license to these patents, trademarks, copyrights, or other intellectual property.

 2003 Microsoft Corporation. All rights reserved.

Microsoft, MS-DOS, Windows, Windows NT, Windows Server, ActiveSync, ActiveX, Active
Directory, Hotmail, MSDN, MSN, Outlook, PowerPoint, Visual Basic, and Windows Media are
either registered trademarks or trademarks of Microsoft Corporation in the United States and/or
other countries.

The names of actual companies and products mentioned herein may be the trademarks of their
respective owners.
 Module 6: Managing Address Lists iii

Instructor Notes
Presentation: This module presents an overview of how the Microsoft® Active Directory®
30 minutes directory service stores and replicates data, what address lists are, and when to
use the different types of address lists. This module then describes the common
Practices: tasks that administrators perform to manage and customize Microsoft Exchange
65 minutes address lists. Students then complete practices and perform these tasks.
After completing this module, students will be able to:
! Explain when to use the different types of address lists.
! Manage and customize address lists.

Required materials To teach this module, you need the following materials:
! Microsoft PowerPoint® file 2400B_06.ppt
! Module 6 video file 2400B_06_v05.wmv
! Module 6 animation, How Exchange Uses Active Directory to Store and
Replicate Data, 2400B_06A_05.html

Important It is recommended that you use PowerPoint 2002 or later to display

the slides for this course. If you use PowerPoint Viewer or an earlier version of
PowerPoint, all the features of the slides may not be displayed correctly.

Preparation tasks To prepare for this module:

! Read all of the materials for this module.
! Complete the practices and review the discussions and assessment
questions. Where possible, anticipate alternate answers that students may
suggest and prepare responses to those answers.
! Complete the demonstration regarding how to use Connectix Virtual PC,
which is in the Introduction module of this course. All students must watch
you perform this demonstration. It is crucial that students become familiar
with the virtual environment that is used in the practices before they attempt
to complete the first practice in this module on their own.
! Review the links and suggested additional readings for this module.
Document your own suggested additional readings to share with the class.

Classroom setup The classroom should be set up to use Connectix Virtual PC software, as
discussed in the Manual Classroom Setup Guide. No additional classroom setup
is needed.
iv Module 6: Managing Address Lists

How to Teach This Module

This section contains information that will help you to teach this module.
Instructor notes have been written only for the topics that required them.
If no student practice is included in a How-to topic, consider demonstrating the
task for students.
How to start Start this module by telling students that there are two lessons. The first lesson
is brief, and in it they must prove that they understand the different types of
address lists and when to use them. The second lesson is the hands-on lesson in
which students get to manage and customize address lists.
Then, show the brief video from the Northwind Traders’ employee. To start the
video, click the video button on the overview slide, or open the Web page on
the Student Materials compact disc, click Multimedia, and then click the title
of the video.
Time to teach this We anticipate that your total presentation time will be about 30 minutes. The
module majority of the time spent on this module should be time that students get to
complete hands-on practice activities, view the multimedia presentation, and
participate in class discussions. In addition to your presentation time, we
anticipate that hands-on time for students will be about 65 minutes.

Tip When this symbol appears on the lower-right corner of a slide, it indicates
that there is an inline practice for students to complete before you move on to
the next slide:

Practices Some practices in this module require initial startup time. Consider having
students perform the initial step in these practices before you begin the lecture
on the related content. If a practice begins with a procedure titled “To prepare
for this practice,” then it requires initial startup time.

Lesson: Introduction to Address Lists

This section describes the instructional methods for teaching this lesson.
Multimedia: How You can launch this animation by clicking the projector button on the slide.
Exchange Uses Active This animation provides an overview of how Active Directory stores and
Directory to Store and replicates Exchange data—providing a link between what students know and
Replicate Data what this module is about.
Make sure students understand that although the animation goes beyond the
concept of address lists, it is important for them to understand the dependency
that Exchange has on Active Directory and Active Directory replication. This
will help students better understand how Active Directory provides Exchange
users with the address lists that are available to them and how Active Directory
keeps those address lists up-to-date. Students must also understand how
different Exchange clients access the membership of address lists.
 Module 6: Managing Address Lists v

What Is an Address If students meet the prerequisites for this course, they will likely have some
List? experience with address lists. Use this slide to quickly verify that all students
have a correct understanding of what an address list is.
When to Use Different Use this slide to teach the differences between the types of address lists that are
Types of Address Lists supported by Exchange. If it is apparent that all of your students understand the
differences, move on to the next lesson. However, if students are confused or
have questions, use this slide to answer their questions and make sure that they
understand the differences between the types of address lists before you move
on to the next lesson.

Lesson: Managing and Customizing Address Lists

This section describes the instructional methods for teaching this lesson.
Guidelines for Use the animated slide to show students an example of an administrator
Supporting Multiple creating multiple global address lists (GALs) and then to discuss the guidelines
GALs for supporting multiple GALs.
How to Create GALs This slide shows a picture that is similar to the one in the previous topic.
Discuss the high-level steps with the students and let them know that they will
be creating a GAL in an upcoming practice.
How to Create a Custom Use the animated slide to step the students through an example of an
Address List administrator creating a custom address list. Tell students that they will be
creating a custom address list in an upcoming practice.
How to Customize The picture on the slide is just a cue for students to see what this task entails.
Address List Discuss the high-level steps with the students and let them know that they will
Membership be customizing address list membership in an upcoming practice.
Additional Ways to This topic is an extension of the previous topic. Exchange System Manager also
Customize Address List provides these two additional ways to customize address list membership:
Membership creating filter rules and performing custom searches.
How to Change Which Use the animated slide to show an example of an administrator changing the
Address Lists Users Can address list that a user can see. Then discuss the high-level steps for configuring
See permissions to secure an address list and the high-level steps for hiding an
address list. Tell students that they will be configuring permissions to secure an
address list in the practice that follows.
Practice: Creating and This practice has students use what they learned in the previous five topics.
Customizing Address Make sure that students complete both procedures and answer any questions
Lists that they have.
How to Create an Offline Use the animated slide to show an example of an administrator creating an
Address List offline address list and then step through the high-level steps of creating an
offline address list. Then have the students complete the inline practice to create
an offline address list and answer any questions that they have.
vi Module 6: Managing Address Lists

How to Customize The slide shows an example of an administrator customizing display names to
Display Names change them from displaying First name Last name to Last name First name.
Step through the high-level steps for customizing display names. Tell students
that making a change like the one in this topic only updates new user accounts
as they are created and that they must create a script or manually change display
names to modify existing user accounts. Then have the students complete the
inline practice to customize display names and answer any questions that they
have.
Note that there is a space between the comma and the second percent symbol in
the following entry:
%<sn>, %<givenName>
What Is Recipient Discuss what Recipient Update Service is.
Update Service?

How to Force Address Use the slide to discuss the high-level steps to force an address list to be
Lists to be Updated updated. Then have the students complete the inline practice and answer any
questions that they have.

Discussion: Managing Address Lists

The scenarios in this discussion were designed to allow students to reflect on
what they did in the module and to give them an opportunity to ask any
remaining questions that they have. Use the discussion scenarios to provide a
summary of the module content. You can also return to the Module overview
slide and use it to help summarize the lessons covered in this module.
You can do this activity with the entire class. Or, if you have time, have
students work in small groups to come up with solutions to the problems in the
scenarios and then present and discuss their ideas with the class.
Before taking part in the discussion, students should have completed all of the
practices. Students who have not completed the practices may have difficulty
taking part in the discussion.

Assessment
Assessment questions for this module are located on the Student Materials
compact disc. You can use the assessment questions in whatever way you think
is best for your students. For example, you can use them as pre-assessments to
help students identify areas of difficulty, or you can use them as post-
assessments to validate learning. Consider using the questions to reinforce
learning at the end of the day or at the beginning of the next day. If you choose
not to use the assessment questions during class, show students where they are
so that they can use them to assess their own learning outside of class.
 Module 6: Managing Address Lists 1

Overview

*****************************ILLEGAL FOR NON-TRAINER USE******************************

Introduction People who use Microsoft® Exchange Server as their e-mail server typically
search for other e-mail users in their company by using the global address list
(GAL), which includes all the e-mail messaging recipients, including contacts
with external addresses and distribution groups, in the Exchange organization.
You can use Exchange System Manager in Exchange Server 2003 to simplify
management of address lists. You can also use Exchange System Manager to
create custom address lists that meet users’ specific needs and that help them
find e-mail addresses faster.
Objectives After completing this module, you will be able to:
! Explain when to use different types of address lists.
! Manage and customize address lists.
2 Module 6: Managing Address Lists

Lesson: Introduction to Address Lists

*****************************ILLEGAL FOR NON-TRAINER USE******************************

Introduction This lesson presents an overview of how Exchange uses the Microsoft Active
Directory® directory service to store and replicate data. This lesson then
describes what address lists are and explains when to use different types of
address lists.
Lesson objectives After completing this lesson, you will be able to:
! Explain how Exchange uses Active Directory to store and replicate data.
! Explain the purpose of an address list.
! Explain when to use the different types of address lists.
 Module 6: Managing Address Lists 3

Multimedia: How Exchange Uses Active Directory to Store and

Replicate Data

*****************************ILLEGAL FOR NON-TRAINER USE******************************

When you create users, contacts, groups, and public folders in Active Directory
and then mailbox-enable or mail-enable them, they become objects that appear
in Exchange address lists. This animation provides an overview of how
Exchange uses Active Directory to store and replicate Exchange data, including
the objects that appear in address lists, in your Active Directory forest.

Tip To view the presentation How Exchange Uses Active Directory to Store
and Replicate Data later on your own, open the Web page on the Student
Materials compact disc, click Multimedia, and then click the title of the
presentation.
4 Module 6: Managing Address Lists

Discussion question 1 Your company is planning to deploy an Exchange 2003 organization. During a
planning meeting, you are asked to explain how Exchange information is
replicated throughout your existing Active Directory forest. What should you
tell the meeting attendees?
Exchange uses Active Directory to store Exchange information. Each
Exchange object is represented in the Active Directory global catalog.
When an object is changed, Active Directory replicates the change
throughout the forest.
Exchange stores information in three Active Directory partitions and relies
on Active Directory to replicate that information throughout the forest:
• The domain partition contains all Exchange e-mail and mailbox-
enabled objects. Active Directory replicates the domain partition to all
domain controllers in the domain.
• The configuration partition contains information about the Exchange
organization, including the topology, protocols, connectors, and services
settings. Active Directory replicates the configuration partition to all
domain controllers in all domains in the forest.
• The schema partition contains object types, which Active Directory can
create, and their attributes. The schema partition is replicated to all
domain controllers in the forest.
________________________________________________________________

________________________________________________________________

________________________________________________________________

________________________________________________________________

Discussion question 2 During the same planning meeting, one of the attendees mentions that users in
your company are using a variety of Outlook client versions. She expressed
concern that the older Outlook clients will not be able to access information in
Active Directory. Meeting attendees are concerned that users will not be able to
address messages by using a GAL. What should you tell the meeting attendees
to reassure them that all of your Outlook client versions will be able to use the
global address list?
Exchange objects are represented in the Active Directory global catalog.
Exchange uses directory service proxy or DSProxy to provide access to
Exchange users to Active Directory information:
• Exchange provides Outlook 2000 or later clients with a referral to
direct all future directory requests, after the initial request to
Exchange, to the global catalog server.
• Exchange proxies directory requests from older Outlook clients and
Outlook Web Access clients to the global catalog servers on their
behalf.
________________________________________________________________

________________________________________________________________

________________________________________________________________

________________________________________________________________
 Module 6: Managing Address Lists 5

Discussion question 3 Your planning meeting has gone well and your company is ready to proceed
with your Exchange deployment. Just before the planning meeting ends, one of
the attendees remembers that you have some remote users that use Internet
Message Access Protocol version 4, revision 1 (IMAP4) client software. He
asks you to explain what configuration changes need to be made to the client
software to allow the users to be able to address messages by using a GAL.
What should you tell the meeting attendees about configuring the IMAP4 client
software to access Active Directory?
IMAP4 uses Lightweight Directory Access Protocol (LDAP) to access
information in Active Directory. The IMAP4 client software will need to be
configured with a directory service that has the name or IP address of
either the Exchange server or the global catalog server entered for the
service.
_______________________________________________________________

_______________________________________________________________

_______________________________________________________________

_______________________________________________________________
6 Module 6: Managing Address Lists

What Is an Address List?

*****************************ILLEGAL FOR NON-TRAINER USE******************************

An address list is a collection of recipient objects that are returned by using a
Lightweight Directory Access Protocol (LDAP) query and based on attributes
in Active Directory. Each address list can contain one or more types of recipient
objects—for example, users, contacts, groups, or public folders. Exchange 2003
address lists also provide administrators with a mechanism to divide mail-
enabled objects in Active Directory so that users can more quickly locate the
recipients to whom they want to send e-mail. Address lists are dynamic, which
means that as new recipient objects are added or changed, membership of the
address lists change automatically.
You create address lists in the child containers within the Recipients container
in Exchange System Manager.
 Module 6: Managing Address Lists 7

When to Use the Different Types of Address Lists

*****************************ILLEGAL FOR NON-TRAINER USE******************************

Exchange 2000 and later support four types of address lists: default, global,
offline, and custom address lists.
What is a default A default address list is an address list that is automatically created based on
address list? the values of specific attributes of Active Directory objects. Default address
lists are available to Exchange users without any administrator action.
Exchange includes five default address lists that you can use in their default
state: All Contacts, All Groups, All Users, Public Folders, and Default Global
Address List. Use the default address lists if the users in your organization do
not need any address list customization, such as having the lists grouped by
office location or by job titles.
What is a global address A global address list is a list that contains all Exchange recipients in the
list? organization. The GAL is retrieved from the global catalog servers in Active
Directory and used by Exchange clients to address e-mail messages or find
information about recipients in the organization. When you first install
Exchange, a default GAL is created automatically. The GAL is the default
address list that users will use in their address book.
What is an offline An offline address list is a collection of address lists that are available to
address list? Exchange users when they are working offline. Exchange administrators can
choose which address lists are available for their users who work offline by
associating the offline address list with a mailbox store. Exchange users can
download an offline, local copy of address lists. Users can search the content of
the offline address lists, compose e-mail messages, and address the messages
without being connected to the server. Then, the next time that the user is
online, these messages are sent automatically.
8 Module 6: Managing Address Lists

When you first install Exchange, a default offline address list is created based
on the default GAL. You can create additional offline address lists and associate
them with the users’ mailbox store to allow your users on that store to
download smaller address lists to use when they are offline—this saves users’
time when they are offline and looking for other people in their address book.
For example, suppose that you work for a large company that has many
locations and that your GAL is very large. The users in the European Sales
division tell you that when they travel, they communicate only with other users
in the Europe division. You can create an offline address list that only has
recipients from your Europe division in it to reduce the size of the offline
address book that these users must download and search. Typically, the default
GAL is used as the source for generating additional offline address lists,
because it is the most comprehensive address list.

Note For more information about the offline address list public folders in
Exchange 2003, see Tip #57 OAB Folders in the job aid Joint Development
Program (JDP) - Technical Reference Guide under Job Aids on the Web page
on the Student Materials compact disc.

What is a custom A custom address list is an address list that you create to meet the specific
address list? needs of your Exchange organization—typically, to make it easier for people to
find other e-mail users in their address books. For example, you might create a
custom address list for users in the Marketing department because they want to
be able to more quickly find other users in the Marketing department. You can
create and nest multiple address lists, and the address lists that you create can be
based on recipient categories or fields, which can be used as filters to search
Active Directory.
 Module 6: Managing Address Lists 9

Lesson: Managing and Customizing Address Lists

*****************************ILLEGAL FOR NON-TRAINER USE******************************

Introduction This lesson describes common tasks that administrators perform to manage and
customize Exchange address lists and explains how to do these tasks.
Lesson objectives After completing this lesson, you will be able to:
! Describe the guidelines for supporting multiple GALs.
! Create a GAL.
! Create a custom address list.
! Customize address list membership.
! Describe additional ways to customize address list membership.
! Change which address lists users can see.
! Create an offline address list.
! Customize display names.
! Describe what Recipient Update Service does.
! Force address lists to be updated.
10 Module 6: Managing Address Lists

Guidelines for Supporting Multiple GALs

*****************************ILLEGAL FOR NON-TRAINER USE******************************

When do you need You will need to create additional GALs when you need to:
multiple GALs?
! Provide address lists that have memberships that are different from the
default address lists. Although you can modify the permissions on default
address lists, you cannot change their memberships. If you create an
additional GAL, you can provide your Exchange users with a simplified
view of the recipients in the organization.
! Ensure that users in different companies that you support will only see their
own GAL. The default GAL allows all users to see all of the other recipients
who are in the Exchange organization. If you work for a company that
requires your Exchange organization to host multiple customer companies,
such as for an application service provider (ASP), you may not want all of
the users to see all of the other users who are in the other companies that
you support. By creating additional GALs—one for each customer company
that you are hosting in the system—you can ensure that users can only see
and select the addresses of users who are in their own company.

Guidelines for When supporting multiple GALs, consider the following guidelines:
supporting multiple
GALs ! Establish criteria to filter GAL recipients. For example, if you use the
E-mail Address Ends With filter for contoso.msft, it will return a list of all
of the mailbox recipients that have e-mail addresses that end in
contoso.msft.
! Include customer-specific public folders in the filter for the GAL if
customers want their public folders to appear in the GAL. By default, public
folders are mail-enabled. However, although public folders are hidden from
the GAL in a mixed-mode Exchange 2000 or later organization, they are not
hidden, by default, if they are mail-enabled in a native-mode organization. If
a customer chooses to make its public folders visible in the GAL, you must
include public folders in the recipient filter for that customer’s GAL.
 Module 6: Managing Address Lists 11

! Set security permissions DACLs (discretionary access control lists) for each
GAL. Set security permissions so that only the respective customer can view
list membership.
! Understand which address list will appear in the address book. If you
provide multiple GALs, only one will be shown in the Outlook address
book. The following list shows the order in which an address list appears in
a user’s Outlook address book:
a. The GAL to which the user has access.
b. The GAL of which the user is a member.
c. The GAL that is largest.
For example, the fictitious organization Contoso, Ltd. has an Exchange
organization that contains multiple GALs. Sharon, a Contoso, Ltd. user, has
access to all of the GALs and is also a member of all of them. In this
scenario, the largest GAL will appear in her address book first. However, if
Sharon only had access to the GAL for Contoso, Ltd., that GAL would
appear in her address book.

Note For more information about hosting multiple customer companies in

your Exchange organization see the Hosted Exchange page of the Microsoft
Web site at http://www.microsoft.com/serviceproviders/hostedexchange/.
12 Module 6: Managing Address Lists

How to Create GALs

*****************************ILLEGAL FOR NON-TRAINER USE******************************

To create GALs The high-level steps to create a GAL are as follows:
1. In the Exchange System Manager console tree, browse to Recipients\
All Global Address Lists.
2. Right-click All Global Address Lists, point to New, and click Global
Address List.
3. Specify the name of the new address list and filter rules for it.

Detailed steps for creating a GAL are included in the practice titled Practice:
Creating and Customizing Address Lists, later in this lesson.
 Module 6: Managing Address Lists 13

How to Create a Custom Address List

*****************************ILLEGAL FOR NON-TRAINER USE******************************

You can create custom address lists in the All Address Lists container in
Exchange System Manager.
To create a custom The high-level steps for creating a custom address list are as follows:
address list
1. In the Exchange System Manager console tree, right-click the All Address
Lists container, point to New, and click Address List.
2. Specify a name for the new list, and then click Filter Rules.
3. Use the Find Exchange Recipients dialog box to restrict membership to the
address list as follows:
• Restrict membership in the address list to specific recipient types, such
as users with Exchange mailboxes or mail-enabled groups, by using the
General tab.
• Specify the server on which the recipient’s mailbox is stored by using
the Storage tab. This can be any server, a specific server, or a specific
mailbox store.
• Restrict membership by creating field-based filter rules by using the
Advanced tab.

Detailed steps for creating a custom address list are included in the practice
titled Practice: Creating and Customizing Address Lists, later in this lesson.
14 Module 6: Managing Address Lists

How to Customize Address List Membership

*****************************ILLEGAL FOR NON-TRAINER USE******************************

To customize address The high-level steps for customizing address list membership are as follows:
list membership
1. In the Exchange System Manager console tree, double-click the Recipients
container.
2. Expand the All Address Lists or All Global Address Lists container to
find the address list that has the memberships that you want to configure,
and then click Properties.

Note You cannot customize the members of any default address lists in the
All Address Lists or All Global Address Lists container. You can only
customize the member of any new address lists you create.

3. Define the search filters for address list membership. You can define the
filters in one of the following three ways:
• By using the Exchange recipients search category.
• By using the users, contacts, and groups search category.
• By using the custom search category.

Detailed steps for configuring membership in address lists by using Exchange

System Manager are in the practice titled Practice: Creating and Customizing
Address Lists, later in this lesson.
 Module 6: Managing Address Lists 15

Additional Ways to Customize Address List Membership

*****************************ILLEGAL FOR NON-TRAINER USE******************************

There are two additional actions that you can take to further specify which
recipients should be allowed membership to your address list. You can:
! Create filter rules. Multiple filter rules for an address list can be created to
address membership requirements. By default, all filter rules use a logical
AND to form an LDAP query, which means that all the conditions of the
rule must be met for the recipient to be a member of the address list.
Exchange 2000 and later list the fields separately for users, contacts, groups,
public folders, and query-based distribution groups. You can use these fields
to build your filter.
! Perform custom searches. Instead of building a query by choosing the fields
and specifying conditions and values, you can directly type in the LDAP
query code. Directly typing in the LDAP query code is known as
performing a custom search. The search results are added to the custom
address list. Custom queries can be used to address complex search
requirements. Custom searches provide even more flexibility in determining
address list membership.

To create filter rules You create filter rules by defining the field, condition, and value that the rule
will use when generating the address list. For example, to create an address that
contains all users in the Marketing department, you would select the
Department field for users, select the Is (exactly) condition, and specify the
value as Marketing. The value that you specify in the Find Exchange
Recipients dialog box is compared against the value in Active Directory for the
recipients to identify which recipients are to be added to the address list. The
conditions that are available for building filter rules include: Starts with, Ends
with, Is (exactly), Is not, Present, and Not present.
16 Module 6: Managing Address Lists

To perform a custom Filter rules do not allow you to specify the OR operator as a condition. You
search to configure could specify multiple Is not conditions to accomplish a logical OR query, but
address list membership if you have a large number of conditions that you want to meet, this method
will become tedious. Using a custom search is the easiest way to accomplish a
complex query.
For example, you are the Exchange administrator for Contoso, Ltd., and you
want to create an address list that contains members from the Finance or the
Marketing departments of your company. To perform this custom search:
1. In Exchange System Manager, browse to Recipients\All Address Lists or to
Recipients\All Global Address Lists.
2. In the Properties dialog box for the address list on which you want to
perform the search, click Modify.
3. In the Find box, select Custom Search.
4. On the Advanced tab, type the following LDAP query in the Enter LDAP
query box:
(&(&(objectCategory=user)(|(department=Marketing)(department=
Finance))))

In this example, the objectCategory field contains the type of object to query.
The objectCategory is set to user, which means that this query will search
through all the user account objects. The OR operator (|) indicates that the
department field may contain the value of Marketing or Finance.

Note The LDAP query statement must conform to RFC 2254. For more
information about the syntax and operators that are available for custom
searches, see RFC 2254. Request For Comments (RFCs) can be found at
http://www.rfc-editor.org/rfc.html.

To simplify the creation of your LDAP query, before you create it, define the
membership by using filter rules and make it as similar as possible to the actual
membership criteria. The LDAP query code that is generated appears on the
General tab in the Properties dialog box of the address list. You can then use
this code as a basis for your custom query.
 Module 6: Managing Address Lists 17

How to Change Which Address Lists Users Can See

*****************************ILLEGAL FOR NON-TRAINER USE******************************

Users in your Exchange organization will see the GAL and any default or
custom address lists that have been created, unless you either configure
permissions to secure the address lists or hide the address lists:
! Configuring permissions to secure address lists. You secure address lists to
control which users or groups can open them to view the recipients. Use
Exchange System Manager to configure the Open Address List permission
on the Security page of the address list that you want to secure.
! Hiding address lists. Although you can prevent users and groups from
viewing the contents of an address list by using the Open Address List
permission, this action does not prevent users from viewing the address list
itself. To hide an address list, create an empty address list that acts as a
container for the other address lists that contain recipients. Then, if you
deny the user the Open Address List permission on a container address list,
the user will not be able to view its contents.

To configure The high-level steps to configure permissions to secure an address list are:
permissions to secure
an address list 1. In the Exchange System Manager console tree, browse to Recipients\
All Address Lists or to Recipients\All Global Address Lists.
2. Right-click the GAL in which you want to configure permissions, and then
click Properties.
3. Use the Security tab to select a group or user name, and use the Deny and
Allow check boxes to specify the permissions that you want the group or
user to have.
18 Module 6: Managing Address Lists

Caution Due to group membership, you can cause unintended effects when
you deny a recipient access to an address list if you select the Deny check box
instead of clearing the Allow check box. If you select the Deny check box for a
permission, you are denying a permission to an object that may have inherited
the permission from its parent.

Detailed steps for configuring permissions to secure access to lists are included
in the following practice.
 Module 6: Managing Address Lists 19

Practice: Creating and Customizing Address Lists

*****************************ILLEGAL FOR NON-TRAINER USE******************************

Instructions Complete the following procedures to create a GAL and then customize its
membership.
Practice 1: Creating and In this practice, you will create an additional GAL. Complete the following
configuring an procedures.
additional GAL
! To prepare for this practice
1. Start 2400_London-Virtual PC, if it is not already started.
2. Log on as NWTraders\LondonAdmin with a password of P@ssw0rd.
3. Start 2400_Acapulco-Virtual PC.
4. Log on as NWTraders\TailspinUser with a password of P@ssw0rd.

Note This procedure may take five minutes to complete before you can
continue.

! To create an Outlook profile for Tailspin User

1. On 2400_Acapulco-Virtual PC, click Start, right-click E-Mail Microsoft
Outlook, and then click Properties.
2. In the Mail dialog box, click Add. It may take a few minutes for Microsoft
Office Professional Edition 2003 to initialize. While you wait for Outlook
processing to occur, you can move on to the procedure titled “To configure
membership of the Tailspin Toys security group.” You will need this profile
to verify that address lists are configured correctly.
3. In the New Profile dialog box, type Tailspin User and then click OK.
4. On the E-mail Accounts page, click Next.
5. On the Server Type page, click Microsoft Exchange Server, and then
click Next.
20 Module 6: Managing Address Lists

6. On the Exchange Server Settings page:

a. In the Microsoft Exchange Server box, type London
b. Clear the Use Cached Exchange Mode check box.
c. In the User Name box, type Tailspin User and then click Next.
7. On the Congratulations page, click Finish.
8. In the Mail dialog box, click OK.

! To configure membership of the Tailspin Toys security group

1. On 2400_London-Virtual PC, in Active Directory Users and Computers,
browse to NWTraders.msft\Managed Objects\Security Groups.
2. In the Security Groups details pane, right-click Tailspin Toys and then
click Properties.
3. In the Tailspin Toys Properties dialog box, click the Members tab.
4. On the Members tab, click Add.
5. In the Select Users, Contacts, Computers, or Groups dialog box, click
Advanced.
6. In the Select Users, Contacts, Computers, or Groups dialog box, click
Columns.
7. In the Choose Columns dialog box, in the Columns available box, click
Company, click Add, and then click OK.
8. In the Select Users, Contacts, Computers, or Groups dialog box, click
Find Now.
9. In the Search results box, use the SHIFT key to select all users with a
company attribute set to Tailspin Toys, and then click OK.
10. In the Select Users, Contacts, Computers, or Groups dialog box, click
OK, and then in the Tailspin Toys Properties dialog box, click OK.

! To configure the new global address list

1. Switch to Exchange System Manager, and then, in the console tree, browse
to Recipients\All Global Address Lists.
2. Right-click All Global Address Lists, point to New, and then click Global
Address List.
3. In the Create Exchange Address List dialog box, type Tailspin Toys and
then click Filter Rules.
4. In the Find Exchange Recipients dialog box, in the Find box, click Users,
Contacts, and Groups.
5. In the Find Users, Contacts, and Groups dialog box, click the Advanced
tab.
6. On the Advanced tab, click Field, point to User, and then click Company.
a. In the Condition box, click Is (exactly).
b. In the Value box, type Tailspin Toys and then click Add.
c. Click Find Now to verify that the Tailspin Toys users are identified.
 Module 6: Managing Address Lists 21

7. In the Find Users, Contacts, and Groups dialog box, click OK.
8. In the Create Exchange Address List dialog box, click Finish.

! To verify which address list is displayed

1. On 2400_Acapulco-Virtual PC, click Start, and then click E-Mail
Microsoft Outlook.
2. In the User Name dialog box, click OK.
3. In Outlook, on the toolbar, click Address Book.
4. In the Address Book dialog box, in the Show Names from the box, verify
that Global Address List is selected, and then use the company property for
users in the list to determine which GAL is being displayed.

Based on the names that appear, which GAL is being displayed? Why
is this list displayed?
The default GAL is displayed because users with the company
name of Tailspin Toys, as well as users with the company name of
Northwind Traders, are also displayed.
You are logged on as TailspinUser who is a member of the default
GAL and also a member of the Tailspin Toys GAL. Because the
default GAL is the largest address list, it is the one that is
displayed.

5. Close Outlook.

! To configure global address list permissions

1. Switch to 2400_London-Virtual PC.
2. In the details pane of All Global Address Lists, right-click Default Global
Address List and then click Properties.
3. In the Default Global Address List Properties dialog box, click the
Security tab.
4. On the Security tab, click Advanced.
5. In the Advanced Security Settings for Default Global Address List
dialog box, clear the check box so that permissions are no longer inherited
from parent objects, and then click Copy.
6. In the Advanced Security Settings for Default Global Address List
dialog box, click OK, and then click Yes twice to acknowledge the
warnings.
7. On the Security tab, click Add.
8. In the Select Users, Computers, or Groups dialog box, type Tailspin Toys
and then click OK.
9. In the Default Global Address List Properties dialog box, click Tailspin
Toys, and then for the Full control permission, click Deny. Click OK.
22 Module 6: Managing Address Lists

! To verify that the address list permissions are configured correctly

1. Switch to 2400_Acapulco-Virtual PC.
2. On 2400_Acapulco-Virtual PC, click Start and then click E-Mail
Microsoft Outlook.
3. In Outlook, on the toolbar, click Address Book.
4. In the Address Book dialog box, in the Show Names from the: box, verify
that Global Address List is selected.

Based on the names that appear, which global address list is being
displayed? (Hint: To help you determine which GAL is displayed, view
the Company field for the names listed.) Why is this list displayed?
The Tailspin Toys GAL is displayed because only users with the
company name of Tailspin Toys are displayed.
You are logged on as TailspinUser and are a member of the
Tailspin Toys security group. The Tailspin Toys security group
only has access to the Tailspin Toys GAL, which is the one that is
displayed.

5. Close Outlook.

Practice 2: Creating and In this practice, you will create a custom address list. Complete the following
configuring a custom steps:
address list
1. On 2400_London-Virtual PC, in the Exchange System Manager console
tree, browse to Recipients\All Address Lists\All Users, right-click All
Users, point to New, and then click Address List.
2. In the Create Exchange Address List dialog box, in the Address List
name box, type Building 3 Users and then click Filter Rules.
3. In the Find Exchange Recipients dialog box, click the Advanced tab.
4. On the Advanced tab, click Field, point to User, and then click Office
Location. In the Condition box, click Is (exactly). In the Value box, type
Building 3 and then click Add.
5. In the Find Exchange Recipients dialog box, click Find Now to verify that
the address list membership is defined correctly, and then click OK.
6. In the Create Exchange Address List dialog box, click Finish.
7. Verify that the Building 3 Users address list appears in the All Users
container.
8. Switch to 2400_Acapulco-Virtual PC and open Outlook.
9. In Outlook, on the toolbar, click Address Book.
10. In the Address Book dialog box, in the Show Names from the box, verify
that you can select the Building 3 Users address list and view membership.
 Module 6: Managing Address Lists 23

11. Close Outlook.

If your Outlook profile is configured to use locally cached data, what

would you need to do differently in order to view a new custom address
list?
You would need to update your local cache. Until the cache is
synchronized with the server, changes made to address lists will not
be available to the Outlook client.
24 Module 6: Managing Address Lists

How to Create an Offline Address List

*****************************ILLEGAL FOR NON-TRAINER USE******************************

When you install the first server that is running Exchange 2000 or later in an
organization, a default offline address list, based on the default GAL, is created
in the Offline Address Lists container. If you want to create a smaller offline
address list for all the users on the same mailbox store to download, then you
must create another offline address list.
To create an offline You must associate offline address lists that you create with mailbox stores so
address list that users with mailboxes on that store can download the address list and work
offline. The high-level steps to create an offline address list are as follows:
1. In Exchange System Manger, right-click the Offline Address Lists
container, point to New, and then click Offline Address List.
2. Specify a name for the offline address list.
3. Click Browse and select which Exchange server will store the list.
4. Specify which existing address lists will be included in the new offline
address list.

Detailed steps for creating an offline address list are included in the following
practice.
Practice: Creating an In this practice, you will create an offline address list that can be associated
offline address list with a mailbox store. Complete the following steps:
1. In Exchange System Manager, in the console tree, expand the Recipients
container.
2. In the console tree, right-click Offline Address Lists, point to New, and
then click Offline Address List.
3. In the New Object – Offline Address List dialog box, in the Offline
address list name box, type All Users and then click Browse.
4. In the Select Exchange Server dialog box, in the Enter the object name to
select box, type London and then click OK.
 Module 6: Managing Address Lists 25

5. In the New Object – Offline Address List dialog box, click Next.
6. In the next New Object – Offline Address List dialog box, click Add.
7. In the Select Address Lists dialog box, type All Users and then click OK.
8. In the New Object – Offline Address List dialog box, click Default
Global Address List, click Remove, click Tailspin Toys, click Remove,
and then click Next.
9. Read the warning that indicates that this new offline address list will not be
available to clients until the store maintenance period is complete. If you
have not changed your store maintenance schedule, the maintenance will
occur daily between 1:00 A.M. and 5:00 A.M. Click Next, and then click
Finish.
10. In the console tree, click Offline Address Lists. In the details pane, verify
that the All Users offline address list exists.

In step 9, you are warned that the offline address list will not be
available until your store maintenance period is complete. How can you
force the store maintenance to complete earlier? What would be the
impact of forcing store maintenance to complete earlier?
You can configure the store maintenance period on the server
property pages to use a custom schedule that causes maintenance
to begin earlier. This will impact server performance. You should
configure store maintenance to occur only during a company’s
non-business hours.
26 Module 6: Managing Address Lists

How to Customize Display Names

*****************************ILLEGAL FOR NON-TRAINER USE******************************

Why customize display You customize display names to meet the specific needs of your organization.
names? For example, if you have a large Exchange organization, you may want the
names in the address list sorted by last name (surname). Exchange displays
address lists based on the Full Name field in Active Directory. By default, the
Full Name field contains recipient names in this order: First Initial Last (First
I. Last). Although you can change the Full Name field on a recipient object,
you can also change the default on the Exchange 2000 or later server.
To customize display You can change the way the Full Name field is generated by modifying the
names display specifier for a user or contact. The high-level steps for customizing
display names by using the Active Directory Service Interface (ADSI) Edit
Microsoft Management Console (MMC) snap-in are as follows:
1. Browse to the following location in the ADSI Edit snap-in:
Configuration Container, CN=Configuration…,
CN=DisplaySpecifiers, CN=409

Note 409 is the name of the local container for US-English. For more
information about locales, see the Table of Language Identifiers page of the
Microsoft Web site at http://msdn.microsoft.com/library/default.asp?url=/
library/en-us/intl/nls_238z.asp.

2. Modify the createDialog property of the user-Display or contact-Display

object to specify how the Full Name field is generated. For example, if you
want the Full Name to be Last, First, type the following entry for the value
of the createDialog property:
%<sn>, %<givenName>

Note The text added in the createDialog property is case sensitive.

 Module 6: Managing Address Lists 27

In this example, sn stands for Surname, which is the LDAP field name for
Last Name, and givenName (case sensitive) stands for Given Name, which
is the LDAP field name for First Name. Detailed steps for customizing
display names by using the ADSI Edit snap-in are included in the following
practice.

Note Changes to the way display names are generated only apply to new
recipient objects. Existing recipients are not modified and would require
scripting to automate updating existing recipient objects. If you plan to change
how display names are generated, you should perform the change early in your
Active Directory deployment.

Practice: Customizing In this practice, you will customize the way that Active Directory generates
display names by using display names.
the ADSI Edit snap-in
Important To perform the following practice you must have the Windows
Support Tools installed on the London computer. If you do not have the
Windows Support Tools installed, install them by running the file Suptools.msi
located in the c:\moc\2400\Practices\Mod01\Suprttools folder. The Windows
Support Tools were installed in the practice titled Practice: Installing Windows
Support Tools, in Module 1, “Installing and Upgrading to Exchange Server
2003,” of Course 2400, Implementing and Managing Exchange Server 2003.

Complete the following steps:

1. From the desktop, click Start, click Run, type ADSIEdit.msc and then
click OK.
2. In ADSI Edit, right-click ADSI Edit, and click Connect to.
3. In the Select a well known Naming Context box, click Configuration, and
then click OK.
4. In Console Root, expand ADSI Edit, expand
Configuration (london.nwtraders.msft), expand
CN=Configuration,DC=nwtraders,DC=msft, expand
CN=DisplaySpecifiers, and then click CN=409.
5. In the details pane, browse to CN=user-Display, right-click
CN=user-Display, and then click Properties.
6. In the CN=user-Display Properties dialog box, in the Attributes box,
click createDialog, and then click Edit. Then, in the Value box, type
%<givenName> %<sn> to cause Active Directory to automatically
generate the display name in the form first name last name for newly
created accounts. Note that there is a space between the first > and the
second %. Click OK.
7. In the CN=user-Display Properties dialog box, click Apply, and then click
OK.
8. Close ADSI Edit, and click Yes to save changes.
28 Module 6: Managing Address Lists

9. To verify that new user accounts are created with a default display name of
First name Last name, switch to Active Directory Users and Computers and
create a new account.

Does configuring this property have any effect on display names that
have already been generated? What should you do?
No. You should configure this property before creating any
accounts. If you configure this property after accounts are created,
your address lists will not display users consistently.
 Module 6: Managing Address Lists 29

What Is Recipient Update Service?

*****************************ILLEGAL FOR NON-TRAINER USE******************************

Recipient Update Service is a service that builds and maintains address lists. It
runs as a thread of the System Attendant service. Recipient Update Service
polls Active Directory for updated recipient information on a predetermined
schedule, which is once a minute by default. If there are new recipients, new
address lists, or changes to the existing address lists, Recipient Update Service
updates the address lists. This ensures that you always have accurate address
list memberships that reflect all modifications that you have made.
Recipient Update Service also updates the e-mail addresses of recipients based
on the settings of recipient policies. Recipient policies can be used to add or
modify recipient e-mail addresses based on filter rules. By default, two
Recipient Update Service objects are created:
! Recipient Update Service (Enterprise Configuration). This object updates
the e-mail addresses of the objects that are in the configuration partition of
Active Directory, such as the Exchange Information Store object, the
message transfer agent (MTA) object, and the System Attendant object.
! Recipient Update Service (installation Active Directory domain). This
object is created for each Active Directory domain that has an installation of
Exchange 2000 or later. It updates e-mail addresses for recipient objects in
Active Directory, and it updates address lists based on changes in recipient
objects in that domain.

Note Recipient policies that modify e-mail addresses are applied to all
recipients based on the filter rules set on the policy. If there are any recipients
that match the filter rules that you do not want the e-mail address changes
applied to, you must clear the Automatically update e-mail addresses based
on recipient policy check box on the E-mail Addresses tab of the recipient
object before you apply the recipient policy.
30 Module 6: Managing Address Lists

How to Force Address Lists to Be Updated

*****************************ILLEGAL FOR NON-TRAINER USE******************************

You can manually update an address list instead of waiting for scheduled
updates to occur. The manual updating process incorporates the changes that
you have made to address list memberships since the last scheduled update.
You can force an address list to be updated by running Recipient Update
Service.
To run Recipient Update To run Recipient Update Service, you can perform an update operation or a
Service rebuild operation:
! Update operation. If you perform an update operation, proxy e-mail
addresses are generated immediately for all new users. This operation forces
address book membership to be recalculated for recently altered Exchange
recipients. Perform an update operation if you are running the Recipient
Update Service on a schedule, and you want to complete mailbox creation
before the next scheduled update runs.
! Rebuild operation. If you perform a rebuild operation, all proxy e-mail
addresses are recalculated and all address list memberships are verified.
Perform a rebuild operation if you make a change to organizational policy
on SMTP addressing (for example, if you change from a .com to a .net
location, or if you change the DNS domain name). A rebuild operation may
take several hours; it is recommended that you perform this operation only
during hours when the network is not busy.

To run an update or a The high-level steps for performing an update or rebuild operation are as
rebuild operation follows:
1. In the Exchange System Manager console tree, browse to
Recipients\Recipient Update Services.
2. In the details pane, right-click the Recipient Update Service instance that
you want to run, and then click either Update Now or Rebuild.

Detailed steps for forcing Recipient Update Service to update the GAL are
included in the following practice.
 Module 6: Managing Address Lists 31

Note For more information about forcing the GAL to be updated, search for
the article “HOW TO: Work with the Recipient Update Service in
Exchange 2000” on the Product Support Services page of the Microsoft Web
site at http://support.microsoft.com.

Practice: Forcing In this practice, you will force Recipient Update Service to run, which will
Recipient Update update the GAL with any recent changes.
Service to update the
GAL ! To force Recipient Update Service to update the GAL
1. In the Exchange System Manager console tree, browse to
Recipients\Recipient Update Services, and click Recipient Update Service.
2. In the details pane, right-click Recipient Update Service (NWTRADERS),
and then click Update Now.

If you do not force the Recipient Update Service to update the GAL,
when will the GAL be updated?
By default, the Recipient Update Service is configured to always
run. This means that it will run approximately every 15 minutes.

! To prepare for the next module

1. In 2400_Acapulco-Virtual PC, on the menu, click PC, and then click Shut
Down.
2. In the Shut Down dialog box, click Save PC state and keep changes,
verify that the Commit hard drive changes now check box is selected, and
then click OK.
3. In 2400_London-Virtual PC, on the menu, click PC, and then click Shut
Down.
4. In the Shut Down dialog box, click Save PC state and keep changes,
verify that the Commit hard drive changes now check box is selected, and
then click OK.
5. Restart 2400_London-Virtual PC.
32 Module 6: Managing Address Lists

Discussion: Managing Address Lists

*****************************ILLEGAL FOR NON-TRAINER USE******************************

Instructions Read the following three scenarios and then discuss possible solutions with the
class.
Scenario 1 You work at an ASP that hosts multiple companies. You are setting up a new
company that will be hosted on your Exchange servers. You must configure a
GAL for this new customer that only includes employees of that company.
What should you do?
To completely configure the new GAL for this customer, you must create a
new global address list for that company, configure permissions on the
GAL so that only users in the new company are allowed to access it, and
then configure a filter on the GAL that specifies that only users who are
employees of the new company are to be displayed in the GAL.
________________________________________________________________

________________________________________________________________

________________________________________________________________

________________________________________________________________

________________________________________________________________

________________________________________________________________
 Module 6: Managing Address Lists 33

Scenario 2 Your users have been complaining that it takes them a long time to find people
in their Outlook address book. Therefore, you must enable users to locate
message recipients in Outlook more quickly. You decide to create custom
address lists that correspond with the departments in your company. What steps
must you take to make this work?
To provide Outlook users address lists by department, you must first
create a custom address list in Exchange System Manager for each
department, and then you must specify a filter that includes the
department on each custom address list.
_______________________________________________________________

_______________________________________________________________

_______________________________________________________________

_______________________________________________________________

_______________________________________________________________

_______________________________________________________________

Scenario 3 You are an administrator at Northwind Traders—a furniture import-export

company with multiple locations in Asia, Africa, Europe, South America, and
North America. When the Sales team members in your South American
division travel, they only need to communicate with people in the South
American and North American divisions, so you created an offline address list
that they can download and use while they are offline. What can you do to
make this list available to only the Sales team in your organization?
If you have configured all of your South American Sales users on the same
store or group of stores, associate the list with that store or group of stores.
If other users are on that same store and they require a different offline
address list, you must move them to a different store.
_______________________________________________________________

_______________________________________________________________

_______________________________________________________________

_______________________________________________________________

_______________________________________________________________

_______________________________________________________________
THIS PAGE INTENTIONALLY LEFT BLANK