Hello all,
I'm trying to hide Contact objects from the GAL by setting the msExchHideFromAddressLists and ShowinAddressBook attributes, and I'm having a bit of trouble. My code performs a domain search and then attempts to set these 2 attributes on the objects it finds, but this code is not working:
cls
#SET THE QUERY YOU WANT HERE
$SearchFilter = "(&(objectcategory=person)(!useraccountcontrol:1.2.840.113556.1.4.803:=2))"
$SearchDomain = New-Object system.DirectoryServices.DirectoryEntry("LDAP://ou=the shire,ou=middle earth,dc=domain,dc=net")
$Searcher = New-Object System.DirectoryServices.DirectorySearcher
$Searcher.SearchRoot = $SearchDomain
$Searcher.PageSize = 1000
$Searcher.Filter = $SearchFilter
$Searcher.SearchScope = "Subtree"
#SETTING THE PROPERTIES WE WANT RETURNED FOR EACH GROUP.
$PropertyList = "distinguishedname" > $null
foreach ($i in $PropertyList){$Searcher.PropertiesToLoad.Add($i)}
#FINDING ALL THE GROUPS THAT MEET THE $SearchFilter CRITERIA
"Getting search results... Please wait..."
$Results = $Searcher.FindAll()
#LISTING THE RESULTS. IF YOU ARE USING THE $DN -NOTLIKE FILTER HERE, THE $TOTAL VARIABLE
#WILL STILL BE LISTING THE TOTAL NUMBER OF GROUPS FOR THE BASIC SEARCH ABOVE, NOT THE MORE
#GRANULAR SEARCH YOU ARE PERFORMING BELOW.
ForEach($Result in $Results){
[string]$DN = $Result.Properties.distinguishedname
get-adobject $DN -pr msexchhidefromaddresslists, showinaddressbook | select name, msexchhidefromaddresslists, showinaddressbook
set-adobject $DN -replace @{msexchhidefromaddresslists="$true"} -WhatIf
set-adobject $DN -replace @{showinaddressbook="$null"} -whatif
}Running this code gives me a "set-adobject: The parameter is incorrect" error on the line where I set the "msExchHideFromAddressLists" attribute.
Running this code gives me a "set-adobject: replace" error on the line where I set the "ShowinAddressBook" attribute.
How can I set these 2 attributes using PowerShell?