Objects Found in the Exchange 2010 GAL

I often say that being good at computing means being aware of subtle difference in Microsoft names.  Exchange 2010's mail objects is a case in point. 

Pay careful attention to the difference between a mailbox enabled user and a mail-enabled user; a security group and a distribution group.  Here is a list of the objects which you find the Global Address List.

• Mailbox enabled accounts.  Regular users with MAPI mailboxes Active Directory accounts.
• Mail-enabled users.  Contractors who have an Active Directory logon but no mailbox.  (No mailbox in your Exchange Organization.)
• Contacts.  Suppliers, customers, people with email address outside your organization.  No Active Directory account.  Thankfully, contacts have a different symbol in the GAL.
• Distribution groups. These can be Global or Universal Groups, but they are designed for email rather than security.  These are sometimes referred to as DLs - Distribution lists instead of distribution groups.  Pay attention to detail and examine the Members and MemberOf tabs.
• Query-based distribution groups.  Well worth setting up.  Again, note the different symbol from other groups.  Incidentally, I wish Microsoft would use different colors for different scopes of group. Say, Red for Universal and Green for Local Groups.
• Mail-enabled groups.  Security groups that have mailboxes.  Guy says that unless you have a good reason, favour the classic Distribution group and avoid Mail Enabled Security Groups.
• Public Folders.  Mail-enabled public folders if your users need an easy way to post.

How the Exchange 2010 GAL Works

All the address information is held by Active Directory.  To the left of the @ is the username, to the right of the @, the email domain name.  In fact, I think of the GAL as merely a fancy LDAP query which produces a list of addresses, for example guyt @ cp.com.  The final piece of the address jigsaw is RUS (Recipient Update Service.  RUS is the engine which generates and updates the email addresses that you see in the GAL.

If the GAL is slow to update, then look to the Global Catalog servers.  Make sure that there is Windows 2010 Global Catalog server near the Exchange 2010 server.  As you may know, the Global Catalog replicates a sub-set of all the user's properties, including Exchange features such as email address.  So if Exchange has access to a local Global Catalog server, then its GAL will be up-to-date.

Clients

Potentially, any client who can query Active Directory can access the GAL.  However, you can control who sees which list through read permission on the security tab found on the lists.

Summary - Exchange 2010 Global Address List (GAL)

It's only natural that Outlook users try and find each others email addresses in the GAL.  But why would an administrator need to configure Exchange 2010's GAL?  The most likely answers are: control how the names are displayed in the Global Address List, and possible the need for custom lists.