Hey, Scripting Guy! How can I configure the Hide From Exchange Address Lists property for all the contacts in a domain?
— MM
Hey, MM. You know what the say: you can run, but you can’t hide (especially from Microsoft Exchange!). But what they forgot to add is that you can hide, as long as you’ve set the value of the MSExchHideFromAddressLists attribute to True.
But you already knew that, didn’t you? What you really wanted to know was how you can configure this attribute for each and every contact in your domain, wasn’t it? Well, that’s easy; you just use a script like this one:
On Error Resume NextConst ADS_SCOPE_SUBTREE = 2
Set objConnection = CreateObject(“ADODB.Connection”) Set objCommand = CreateObject(“ADODB.Command”) objConnection.Provider = “ADsDSOObject” objConnection.Open “Active Directory Provider” Set objCommand.ActiveConnection = objConnection
objCommand.Properties(“Page Size”) = 1000 objCommand.Properties(“Searchscope”) = ADS_SCOPE_SUBTREE
objCommand.CommandText = _ “SELECT ADsPath FROM ‘LDAP://dc=fabrikam,dc=com’ WHERE objectClass=’contact'” Set objRecordSet = objCommand.Execute
objRecordSet.MoveFirst Do Until objRecordSet.EOF strContactPath = objRecordSet.Fields(“ADsPath”).Value Set objContact = GetObject(strContactPath) objContact.MSExchHideFromAddressLists = TRUE objContact.SetInfo objRecordSet.MoveNext Loop
If you look closely at the code (and we always hope that you do look closely at the code and don’t just take our word for it), you’ll see that this is an example of an Active Directory search script. As usual, we won’t take the time to explain each and every line of code here; if you need some background information on searching Active Directory, we recommend you take a look at our two-part series, Dude, Where’s My Printer? For now we’ll merely note that this is the query we use to retrieve a list of all the contacts in the domain:
objCommand.CommandText = _ “SELECT ADsPath FROM ‘LDAP://dc=fabrikam,dc=com’ WHERE objectClass=’contact'”
Yes, very simple: all we do is request all the items in Active Directory where the objectClass attribute is equal to contact.
Of course, then the question becomes this: once we have a collection of all the contacts what the heck do we do with it?
Well, as you probably know, Active Directory search scripts are read-only: although we can use queries to retrieve data from Active Directory we can’t write any sort of Update query that can go out and modify that data. Instead, what we need to do is individually bind to each contact and change the value of the MSExchHideFromAddressLists attribute.
Don’t worry; it’s not as hard as it sounds. (We’ve already done the hard part, retrieving a list of all the contacts in the domain.) To begin with, we set up a Do Until loop that will walk us through our recordset, contact-by-contact (the EOF, of course, is short for end of file, meaning this loop will keep running until we run out of records):
Do Until objRecordSet.EOF
For each contact we grab the value of the ADsPath attribute and then use the GetObject method to bind to the contact account in Active Directory. That’s what we do here:
strContactPath = objRecordSet.Fields(“ADsPath”).Value Set objContact = GetObject(strContactPath)
The ADsPath attribute, of course, looks something like this:
LDAP://cn=Ken Myer, ou=Finance, dc=fabrikam, dc=com
That’s why you don’t see us reference the LDAP provider when we call GetObject: we don’t need to reference the provider because it’s included in the ADsPath.
After binding to the contact account we set the MSExchHideFromAddressLists attribute to True, then call the SetInfo method to write the updated information to Active Directory:
objContact.MSExchHideFromAddressLists = TRUE objContact.SetInfo
Don’t leave out the SetInfo method: if you do, the changes you make will not be saved to the contact account in Active Directory. And don’t leave out this line of code, either:
objRecordSet.MoveNext
This is the cue for the script to move from one record in the collection to the next. If you leave this out, your script will continue working with the first record in the collection from now until the end of time. (Which, in some ways, would be kind of cool, but not exactly what you had in mind.)
And that’s it: your contacts will now be hidden from the Exchange address lists. Now if only we could hide from email that easily ….
0 comments