Monday, January 23, 2012

Hide from Address Book in Office 365

We are implementing more and more Office 365 infrastructures for our customers and we had some requests to hide users from Address Book. This should be an easy task, as stated in Microsoft as stated in this TechNet article http://technet.microsoft.com/en-us/exchangelabshelp/gg410928.

If you have an infrastructure where you have implemented ADFS when you run the command:

Set-Mailbox "Mailbox Name" -HiddenFromAddressListsEnabled $true

You will get an error like:

PS C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Online Service s] Set-Mailbox "Mailbox Name" -HiddenFromAddressListsEnabled $true
The operation on mailbox "Mailbox Name" failed because it's out of the current user's write scope. The action 'Set-Mailbox', 'HiddenFromAddressListsEnabled', can't be performed on the object 'Mailbox Name' because the object is being synchronized from your on-premises organization. This action should be performed on th e object in your on-premises organization


If you have an local Exchange installation this task is easy, but if you don't you will notice quick that there is no place to step the required flag.

So, what is the solution? It’s simple, if you follow this procedure:

1. Download Exchange 2010 SP2 from Microsoft web site;
2. Extract it to a folder on a local machine running Windows 2008  (x64) or 2008 R2;
3. Run setup /prepareAD to extend your schema for Exchange 2010. It might be possible that you need to install some features in Windows to be able to run the setup;
4. Using ADSI Editor find the account that you need to hide and set to true the msExchHideFromAddressLists to true (see the picture);












5. Sync the local AD with Office 365.

If you want to revert the Hide from Address Book setting, you have to set the attribute to “Not set”