I have some user account without email address in my active directory I , for example admins users, service users and so on.
I found them in the Global address list of Exchange 2013, how can I remove them? I want to leave only users with email address.
This is my current settings checked with Get-GlobalAddressList command (I think this is the default):
RecipientFilter : ((Alias -ne $null) -and (((((((((((ObjectClass -eq 'user') -or (ObjectClass -eq 'contact'))) -or (ObjectClass -eq 'msExchSystemMailbox'))) -or (ObjectClass -eq 'msExchDynamicDistributionList'))) -or (ObjectClass -eq 'group'))) -or (ObjectClass -eq'publicFolder'))))
LdapRecipientFilter : (&(mailNickname=*)(|(objectClass=user)(objectClass=contact)(objectClass=msExchSystemMailbox)(objectClass=msExchDynamicDistributionList)(objectClass=group)(objectClass=publicFolder)))
LastUpdatedRecipientFilter : ((Alias -ne $null) -and (((((((((((ObjectClass -eq 'user') -or (ObjectClass -eq 'contact'))) -or (ObjectClass -eq 'msExchSystemMailbox'))) -or (ObjectClass -eq 'msExchDynamicDistributionList'))) -or (ObjectClass -eq 'group'))) -or (ObjectClass -eq 'publicFolder'))))
Best Answer
Normally an user without Exchange attributes should not come up in the GAL (it also wouldn´t make sense to show them here). So there are multiple options:
1.) If the user is a exchange user you can simply hide it from the GAL. There is an option in every AD object which you can set via the Exchange GUI (more infos here). Via that way you can exclude the users you do not wish to come up in the GAL.
2.) I have seen that some admins copy AD objects and then perform some "hacks" in order to remove the propperies they do not need. Thats not a good option if the user is Exchange mail enabled as for example the following propperties showInAddressBook, msExchHideFromAddressLists, msExchHomeServerName, msExchUserAccountControl might not be removed, which therefore might cause such issues you experience as the system still discover them as valid Exchange users. So if those accounts are copies by hand, make sure that the accounts do not have Exchange attributes.
3.) Per out of the box the GAL filter is (taken from Exchange 2016):
That means only users which have an Exchange mailbox are added to the GAL. However in your environment it might mean the default GAL was adjusted or you are using an additional created GAL with a different setup. You should check the filter here and make sure that it is correct and is excluding the users which aren´t supposed to be in the GAL.