How to Hide a Shared Mailbox from the Global Address List in a Hybrid Exchange Setup?

0
18
Asked By TechSavvyNinja87 On

I have a hybrid setup with on-prem Active Directory and Exchange Online. Recently, a user left the company, and I converted their mailbox into a shared mailbox and delegated access to another user. I disabled the original user account and changed the mailbox address to [email protected]. I also set up a transport rule to reject incoming emails. Everything's working fine, but the problem is that this shared mailbox is still visible in the Global Address List (GAL). When I try to hide it from the address lists in Exchange Online, it says the object is managed on-premises. I went into the on-prem AD and set the msExchHideFromAddressLists attribute to TRUE, and then I ran both a delta sync and a full sync using Entra Connect. However, when I check in Exchange Online PowerShell, the mailbox still indicates that it's not hidden from the address lists. I've read that others have faced this issue, too. How can I ensure this mailbox is hidden in the GAL when the settings seem correct on-prem?

5 Answers

Answered By CloudWhisperer99 On

You might want to try changing the hide flag directly in the Exchange Admin Center for Exchange Online instead of just relying on the on-prem AD. It sounds like your Entra Connect isn't mapping that particular attribute correctly. It's worth checking on that.

AdminGuru007 -

Yeah, I think that missing attribute could definitely be the issue. Also, don’t forget that some clients can take a while before they reflect changes in the GAL, so it’s best to wait at least 24 hours after setting everything up.

Answered By FieldTechFan On

I remember a similar issue where the hide flag wasn’t syncing to Exchange Online unless another field in AD was filled. If I recall correctly, it was something like the mailNickname field—make sure that’s populated properly.

Answered By MailboxWhiz On

One strategy that worked for me in the past was to add a license back to the account, hide it from the GAL on-prem, and after it disappears, you can remove the license again. This has cleared some visibility issues before.

Answered By SyncExpert21 On

If you’re seeing that the `HiddenFromAddressListsEnabled` status isn't changing after a full sync, it might be that the hide flag isn’t being processed correctly in Exchange. A couple of things you can do: try setting this via on-prem Exchange tools instead of just raw AD attributes. Alternatively, temporarily set the mailbox to cloud-managed with `Set-Mailbox -IsExchangeCloudManaged $true`, hide it in Exchange Online, and revert later if needed.

Answered By OnPremMaster On

I usually go straight into the on-prem Exchange Admin Center. You can either check the hide option there or run this command: `Set-Mailbox -HiddenFromAddressListsEnabled $true`. If it helps, you might change the SoA for the account temporarily, hide it, and then switch it back just to see if that triggers the change.

Related Questions

LEAVE A REPLY

Please enter your comment!
Please enter your name here

This site uses Akismet to reduce spam. Learn how your comment data is processed.