Printout Header
RSS Feed

How to display all hidden Exchange recipients


We use the Active Directory attribute msExchHideFromAddressLists for this LDAP search, whose value is set to TRUE for hidden Exchange recipients. In Active Directory environments without Exchange mail servers, this attribute is not part of the directory schema. For the general explanation of LDAP searches read the SelfADSI chapter 'Searching LDAP objects in the directory'.

In addition to "normal" hidden recipients, there might be a number of hidden system folders in the public folder database (for free/busy information, offline address books and so on). We don't want these folders to be included in the search results - therefore we adjust the LDAP filter accordingly.


Finding all hidden recipients in the own domain


This script finds all the hidden Exchange recipients in the domain in which the current user is a member of:

ldapFilter = "(&(msExchHideFromAddressLists=TRUE)(!(objectClass=publicFolder)))" Set rootDSE = GetObject("LDAP://rootDSE") domainDN = rootDSE.Get("defaultNamingContext") Set ado = CreateObject("ADODB.Connection") ado.Provider = "ADSDSOObject" ado.Open "ADSearch" Set objectList = ado.Execute("<LDAP://" & domainDN & ">;" & ldapFilter & ";distinguishedName,mail;subtree") While Not objectList.EOF recipientDN = objectList.Fields("distinguishedName") recipientMail = objectList.Fields("mail") WScript.Echo recipientDN & ";" & recipientMail objectList.MoveNext Wend

Finding all hidden recipients in any domain / OU


This script finds all hidden Exchange recipients in the specified domain or OU. Use the suitable LDAP path for your desired domain or container. You could set also other credentials for the search (username and password specified):

searchDN = "DC=example,DC=com" 'insert your own search base container or domain name serverName = "192.168.0.66" 'insert your own DC's name or address userName = InputBox("Enter user name","Credentials") 'you could also just use a static username instead, like "EXAMPLE\userXYZ" password = InputBox("Enter password","Credentials") 'you could also just use a static password instead, like "P@ssw0rd" ldapFilter = "(&(msExchHideFromAddressLists=TRUE)(!(objectClass=publicFolder)))" Set ado = CreateObject("ADODB.Connection") ado.Provider = "ADSDSOObject" ado.Properties("User ID") = userName ado.Properties("Password") = password ado.Properties("Encrypt Password") = True ado.Open "ADSearch" Set objectList = ado.Execute("<LDAP://" & serverName & "/" & searchDN & ">;" & ldapFilter & ";distinguishedName,mail;subtree") While Not objectList.EOF recipientDN = objectList.Fields("distinguishedName") recipientMail = objectList.Fields("mail") WScript.Echo recipientDN & ";" & recipientMail objectList.MoveNext Wend

Finding all hidden recipients in the own entire forest


This script finds all hidden Exchange recipients in the Active Directory forest, in which the current user is a member:
ldapFilter = "(&(msExchHideFromAddressLists=TRUE)(!(objectClass=publicFolder)))" Set aoi = CreateObject("ADSystemInfo") 'evaluate global catalog search base gcBase = aoi.ForestDNSName Set ado = CreateObject("ADODB.Connection") ado.Provider = "ADSDSOObject" ado.Open "ADSearch" Set objectList = ado.Execute("<GC://" & gcBase & ">;" & ldapFilter & ";distinguishedName,mail;subtree") While Not objectList.EOF recipientDN = objectList.Fields("distinguishedName") recipientMail = objectList.Fields("mail") WScript.Echo recipientDN & ";" & recipientMail objectList.MoveNext Wend