Hi, There, just try to follow the steps. Hope its helpful to you. Add the User Principal Name Suffix of the Hosted Company Configure your Microsoft Active Directory directory service domain with the user principal name (UPN) suffix of the company that you want to host in Exchange. To do so, follow these steps: 1.. On a domain controller, start Active Directory Domains and Trusts. 2.. Right-click Active Directory Domains and Trusts, and then click Properties. 3.. In the Alternative UPN suffixes box, type the UPN suffix of the hosted company. For example, type contoso.com . 4.. Click Add, and then click OK. 5.. Quit Active Directory Domains and Trusts. Remove Existing Default Address Lists Remove the existing default address lists from your Exchange server. To do so, follow these steps: 1.. Start Exchange System Manager. 2.. Under your organization, expand Recipients, and then click All Address Lists. 3.. In the right pane, right-click the address list, click Delete, and then click Yes to confirm the removal of the default address list that is installed by Exchange. 4.. Quit Exchange System Manager. Create an Organizational Unit for the Hosted Company Create a new organizational unit where you can store the users from the hosted company. To do so, follow these steps: 1.. On a domain controller, start Active Directory Users and Computers. 2.. Right-click your domain, point to New, and then click Organizational Unit. Note You do not have to create this organizational unit directly under the domain container. You can also create this organizational unit inside another organizational unit. 3.. In the Name box, type the name of the company that you want to host in Exchange. For example, type Contoso . Click OK. 4.. In this new organizational unit ( Contoso ), create new accounts for the users of the hosted company or move the user accounts from another location to this organizational unit. Note Make sure that the User logon name value uses the UPN suffix for the hosted company. For example, make sure that you select @ contoso.com in the list that is next to the User logon name box. Additionally, when you create the Exchange mailbox for each user, select the mailbox store that is specific to the hosted company if you want to host the company mailboxes in a separate mailbox store. 5.. Configure the extensionAttribute10 attribute value for each user account. To do so, follow these steps: 1.. Right-click a user account, and then click Properties. 2.. Click the Exchange Advanced tab, and then click Custom Attributes. Note If the Exchange Advanced tab does not appear, click Cancel, and then click Advanced Features on the View menu in Active Directory Users and Computers. 3.. In the Attribute list, click extensionAttribute10, and then click Edit. 4.. In the extensionAttribute10 box, type test , and then click OK. 5.. Click OK, and then click OK. 6.. Right-click the organizational unit (for example, right-click Contoso ), point to New, and then click Group. 7.. In the Group name box, type a descriptive name for this group. For example, type contoso-DG . 8.. Under Group scope, click Global, click Distribution under Group type, and then click Next. 9.. Click to select the Create an Exchange e-mail address check box, click Next, and then click Finish. 10.. Configure the extensionAttribute10 value for the distribution group. To do so, follow these steps: 1.. Right-click distribution group, and then click Properties. 2.. Click the Exchange Advanced tab, and then click Custom Attributes. 3.. In the Attribute list, click extensionAttribute10, and then click Edit. 4.. In the extensionAttribute10 box, type test , and then click OK. 5.. Click OK, and then click OK. 11.. Add the hosted company's users to the new global distribution group. 12.. Right-click the organizational unit, point to New, and then click Group. 13.. In the Group name box, type a descriptive name for this group. For example, type Allusers@contoso . 14.. Under Group scope, click Global, click Security under Group type, and then click Next. 15.. Click Next, and then click Finish. 16.. Add the hosted company's users together with the distribution group to the new global security group. Note The Microsoft Windows 2000-based domain must be running in native mode to add the distribution group to the security group. Create a Recipient Policy for the Hosted Company Create a new recipient policy that is based on the extensionAttribute value of the members of the hosted company. To do so, follow these steps: 1.. On the Exchange server, start Exchange System Manager. 2.. Under your organization, expand Recipients, right-click Recipient Policies, point to New, and then click Recipient Policy. 3.. Click to select the E-Mail Addresses check box, and then click OK. 4.. In the Name box, type a descriptive name for this policy. For example, type All Contoso Recipients . 5.. Click Modify, click Custom Search in the Find list, and then click the Advanced tab. 6.. Type the following LDAP query in the Enter LDAP query box, and then click Find Now: (&(mailnickname=*)(extensionattribute10= test )) Make sure that the hosted company's users together with the distribution group are returned. 7.. Click OK, and then click OK. 8.. Click the E-Mail Addresses (Policy) tab, and then click New. 9.. Click SMTP Address, and then click OK. 10.. In the Address box, type the hosted company's UPN. For example, type @ contoso.com . 11.. Click OK. 12.. In the Generation rules list, click to select the check box of the hosted company's Simple Mail Transfer Protocol (SMTP) address, and then click Set as Primary. The hosted company's SMTP address is bold. 13.. Click to clear the check box of the default SMTP address. For example, click to clear the @ example.com SMTP address (where example.com is your domain). 14.. Click OK. 15.. In the right pane, right-click the new recipient policy that you created, click Apply this policy now, and then click Yes to confirm that the policy is applied. Create a Global Address List for the Hosted Company Configure a new Global Address List for the users from the hosted company. To do so, follow these steps: 1.. In Exchange System Manager, expand Recipients, right-click All Global Address Lists, point to New, and then click Global Address List. 2.. In the Address List name box, type the name of the hosted company, and then click Filter Rules. 3.. In the Find list, click Custom Search, click the Advanced tab, type the following LDAP query in the Enter LDAP query box, and then click Find Now: (&(mailnickname=*)(extensionattribute10= test )) 4.. Click OK, and then click Finish. 5.. Right-click the new Global Address List that you created, and then click Properties. 6.. Click the Security tab, click to clear the Allow inheritable permissions from parent to propagate to this object check box, and then click Copy when you are prompted. 7.. In the Name list, click Authenticated Users, and then click Remove. 8.. In the Name list, click Everyone, and then click Remove. 9.. Click Add, and then add the Allusers@contoso security group that you created in steps 12 through 15 of the "Create an Organizational Unit for the Hosted Company" section of this article. 10.. Assign the Allusers@contoso security group the following Allow permissions in the Permissions list: Read Execute Read permissions List contents Read properties List object Open Address List Click to clear all other check boxes that are in the Allow column for the Allusers@contoso security group. Note You cannot remove the check mark from the Write check box until you click to clear the Write properties check box. 11.. Click Apply, click Yes in the message dialog box that states that Deny entries take priority over Allow entries, and then click OK. Create an Address List for the Hosted Company Create a new address list for the users from the hosted company. To do so, follow these steps: 1.. In Exchange System Manager, expand Recipients, right-click All Address Lists, point to New, and then click Address List. 2.. In the Address List name box, type the name of the hosted company (for example, type Contoso AL ), and then click Filter Rules. 3.. In the Find list, click Custom Search, click the Advanced tab, type the following LDAP query in the Enter LDAP query box, and then click Find Now: (&(mailnickname=*)(extensionattribute10= test )) 4.. Click OK, and then click Finish. Create an Offline Address List for the Hosted Company Warning If you use Registry Editor incorrectly, you may cause serious problems that may require you to reinstall your operating system. Microsoft cannot guarantee that you can solve problems that result from using Registry Editor incorrectly. Use Registry Editor at your own risk. Create a new offline address list for the users from the hosted company. To do so, follow these steps: 1.. In Exchange System Manager, expand Recipients, and then click Offline Address Lists. 2.. In the right pane, right-click Default Offline Address List, click Delete, and then click Yes to confirm the removal of the default offline address list. 3.. In the left pane, right-click Offline Address Lists, point to New, and then click Offline Address List. 4.. In the Offline address list name box, type the name of the hosted company (for example, type Contoso AL ). 5.. Click Browse, and then click your LDAP server. For example, locate a domain controller (global catalog server), and then click OK. 6.. Click Next. 7.. In the Select which Address Lists to include in this Offline Address List list, remove all address lists except the Contoso address list that you created. To do this, click an address list, and then click Remove. 8.. Click Next, click Next on the page that describes when the offline address list will be created, and then click Finish. 9.. Right-click the new offline address list, and then click Properties. 10.. Click the Security tab. If the security tab does not appear, edit the Windows registry to make this tab appear. To do so, follow these steps: 1.. Click Start, click Run, type regedt32 , and then click OK. 2.. Locate and then click the following registry subkey: HKEY_CURRENT_USER\Software\Microsoft\Exchange\EXAdmin 3.. On the Edit menu, click Add Value. 4.. In the Value Name box, type ShowSecurityPage . 5.. In the Data Type list, click REG_DWORD, and then click OK. 6.. In the Data box, type 1 (one), and then click OK. 7.. Quit Registry Editor. Note This registry change is effective immediately. You do not have to restart the computer. 10.. Click to clear the Allow inheritable permissions from parent to propagate to this object check box, and then click Copy when you are prompted. 11.. In the Name list, click Authenticated Users, and then click Remove. 12.. In the Name list, click Everyone, and then click Remove. 13.. Click Add, and then add the Allusers@contoso security group that you created in steps 12 through 15 of the "Configure an Organizational Unit for the Hosted Company" section of this article. 14.. Assign the Allusers@contoso security group the following Allow permissions in the Permissions list: Dominic@india,mumbai ----- Original Message ----- From: "Mustafa Cicek" <mbcicek@xxxxxxxxx> To: "[ExchangeList]" <exchangelist@xxxxxxxxxxxxx> Sent: Monday, January 24, 2005 1:36 AM Subject: [exchangelist] Re: Isolating of two different GALs? > http://www.MSExchange.org/ > > Hi Dominic! > Thanks for your response. > > Ist it really necessary to delete Default Global Address List? > > The most important thing to set security options. You wrote in 9. that I > should change permissions on All Address Lists. But which securoty > settings should has this container? Don't I need change security settings > also on each Global Address List container? > > Please more detailed information. You know it is critical to "play" with > permissions on Exchange 2003. > > Best Regards > Mustafa > > ------------------------------------------------------ > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=exchangelist > Exchange Newsletters: http://www.msexchange.org/pages/newsletter.asp > Exchange FAQ: http://www.msexchange.org/pages/larticle.asp?type=FAQ > ------------------------------------------------------ > Other Internet Software Marketing Sites: > World of Windows Networking: http://www.windowsnetworking.com > Leading Network Software Directory: http://www.serverfiles.com > No.1 ISA Server Resource Site: http://www.isaserver.org > Windows Security Resource Site: http://www.windowsecurity.com/ > Network Security Library: http://www.secinf.net/ > Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com > ------------------------------------------------------ > You are currently subscribed to this MSEXchange.org Discussion List as: emaildominic@xxxxxxxxxxx > To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=exchangelist > Report abuse to listadmin@xxxxxxxxxxxxxx >