MsExchHideFromAdderessLists and HideFromAddressLists are essentially the same attribute, however synchronizing can be interrupted for the reasons I just mentioned and the user remains in the GAL despite being disabled and move to a disabled OU. What I've noticed is that, depending on how synchronization is happening, where exchange is located, and how fast the m365 license is removed determines whether or not a user gets properly removed from the GAL. It should sync back to active directory from exchange online with bidirectional sync. If you are synchronizing in both directions then really you should just use exchange online and set the attribute HideFromAddressLists to true for the user. Once you do this it should remove them from the GAL, provided they have an active m365 and the user is still inside of a synchronizing OU. You'll also need to populate the mailNickName with the user's email address and set the other attribute to true. If you can't see that first attribute, you might need to extend your schema. Ah yes, something I have done many a times.Īssuming you are set up as a hybrid synchronizing from active directory to azure active directory, you will need to find the attributes msExchHideFromAdderessLists and mailNickname in active directory.
0 kommentar(er)
