Forum Discussion
Hide User from Skype for Business Online GAL - Possible?
Loryan Strant Thank you for the response. it was just a scenario based question to make the point though. There are different scenarios we want to make sure we can use it for. The presence privacy mode option might work for what we are looking for.
Well for my organization we have users that leave that we would not like listed in the GAL.
Within AD you can hide the account through "Attribute Editor" search for "msExchHideFromAddressLists" change the Value to "True" this would remove the user from the GAL and SFB. :)
But your way is also a right way.
Damone PierreSetting the "msExchHideFromAddressLists" attribute is also how we choose to hide users from the GAL. However, we use AAD Connect to sync AD to Office 365 and I have found that setting this attribute only hides contacts in Outlook. If users search for the 'hidden' user in S4B or while logged into Office 365, the 'hidden' accounts are still visible.
The 'hidden' accounts are converted to shared mailboxes so that old email can still be accessed so the option of configuring an OU that does not sync to the tenant is not an option for us. I am doing some more testing around this and will report back anything useful.
I'm interested in any solutions to this issue. Same thing going on here.
Hi Bruce,
I found some suggestion that this may be due to having disabled the AD accounts prior to setting the "msExchHideFromAddressLists" attribute. I tested reversing that order but it made no difference, the 'hidden' accounts are still visible when searching via Skype or Outlook web.
Still needing a solution to this on our end so I'll update this if I find anything.
Regards,
I finally found a solution to this issue so hopefully this will assist others. Overview of our environment:
- Email in Office 365 tenant (migrated from on prem Exchange 2010)
- Setting the AD attribute 'msExchHideFromAddressList' to TRUE resulted in the mailbox being hidden from the GAL when using Outlook client but NOT when viewed in Web mail or Skype
- Requirement was to keep shared mailboxes in Office 365 (eg: could not simply stop synchronizing these users) for archive purposes but prevent those mailboxes from appearing when searching the GAL
I ended up doing some 'stare and compare' between users that were successfully hidden from the GAL everywhere and those that were not, it quickly became apparent the accounts that were originally created in Exchange and migrated to 365 were the accounts successfully being hidden from the GAL. I compared all AD attributes between a couple of accounts and found the users created after the migration did not have the 'mailNickname' attribute set - this is due to the fact you can make an account work on the Office 365 tenant by simply setting the 'proxyAddresses' attribute which is how all newer mailboxes had been commissioned.
Confirmed after manually setting the 'mailNickname' attribute and doing "start-adsyncsynccylce -Policytype Initial" the mailboxes were hidden from the GAL across the board.
