AppRiver Technical GuidesAppRiver Microsoft Office 365Office 365 - AD Sync ArticlesHide AD Synced Contacts from the GAL in O365 when msExchHideFromAddressLists is missing

Hide AD Synced Contacts from the GAL in O365 when msExchHideFromAddressLists is missing

This article walks through a way to hide contacts that are synced with AD from the GAL in O365. NOTE: This method is not required if the AD Schema has been extended to include the msExchHideFromAddressLists attribute.

1. On the server where Azure AD Connect is installed open the Synchronization Rules Editor. You can find the Synchronization Rules Editor by clicking Start then typing "Sync".

2. In the Synchronization Rules Editor window select the "In from AD - Contact join" rule then click Edit. In the Edit Reserved Rule Confirmation window click Yes to disable the current rule and create an editable copy.

3. In the Edit inbound synchronization rule window enter a number between 50 and 99 in the Precedence field then click the Transformations button.

4. In the Transformations section click Add transformation to add a new transformation. Next, under FlowType choose Expression from the drop down menu. Under Target Attribute select msExchHideFromAddressLists from the drop down menu. In the Source column enter the following value exactly as shown below (we recommend using copy and paste). Once all values are entered click Save. In the Expression Warning window click Yes.

IIF(IsPresent([msExchAssistantName]),IIF([msExchAssistantName]="HideFromGAL",True,False),NULL)

5. In the Warning window click OK then close the Synchronization Rules Editor window.

6. Next, we need to force a synchronization through Windows Powershell. To do this click Start then enter the word Powershell. Once Windows Powershell is shown in the search results right-click Windows Powershell then click Run as administrator.

7. In the Powershell window enter the following command then press enter to force an AD Synchronization. Once you see the Success result you can close the Powershell window.

Start-ADSyncSyncCycle -PolicyType Initial

8. Next we need to confirm you can see required attributes in Active Directory Users and Computers. To do this open Active Directory Users and Computers then click the View tab and verify Advanced Features is selected.

9. In Active Directory Users and Computers find a contact you would like to hide from the GAL then right click it and choose Properties.

10. In the Properties window click the Attribute Editor tab then find the msExchAssistantName attribute. To hide the contact from the GAL in O365 edit the msExchAssistantName attribute then enter HideFromGAL as the value then click OK. Note: HideFromGAL is case sensitive and it contains no spaces. Once you've entered the value click OK, Apply, then OK again.

NOTE: If you need to unhide a contact that was hidden using this method simply modify the msExchAssistantName attribute again then click Clear to remove the value.

11. Lastly, you'll need to force an AD Synchronization again to push the new changes to O365. To do this open Powershell, as described in step 6, then enter the following command and press enter.

Start-ADSyncSyncCycle -PolicyType Delta

Congratulations!!! You've successfully hidden an AD synced contact from the O365 GAL. Note: it can take up to 48 hours for changes to appear in the O365 GAL. You can verify a contact has been successfully hidden by navigating to the Exchange Admin Center then click Recipients > Contacts > double-click the contact in question > here you can confirm if "Hide From Address Lists" is checked or unchecked.