Partition address book by Organizational unit

I happen to run across this rather unknown setting the other day while working with a customer and thought it was interesting. I'm not sure why anyone would use it, but thought I'd share the information because I'm sure someone out there has a need to do this. Say you wanted to limit your user's ability to search the address book and only allow it to return users and groups that are in the same OU as the user. You didn't want them to be able to search for anyone else. They can still IM other users, they just can't search for them. Well, there is a setting to do that. In order to do it you need to make the change in WMI. So, we have to do the following:

1. Click 'Start' -> 'Run' and type 'WBEMTEST'

2. Click 'Connect'

3. Under 'Namespace' type 'root\cimv2' and click 'Connect'

4. Click 'Enum Classes'

5. Click 'Recursive' and then 'OK'

6. Locate MSFT_SIPAddressBookSetting and double-click it

7. Click 'Instances'

8. Double-click the instance

9. Under 'Properties' find 'PartitionOutputByOU' and click 'Edit Property'

10. The default value is FALSE, change this to TRUE

11. Click 'Save Property'

12. Click 'Save Object'

13. Click 'Close'

14. Click 'Save Object'

15. Click 'Close'

16. Click 'Exit'

Now you need to restart the services. What you will see is in the output location for the Address Book files there will be new folders created that correspond to the OU structure in AD. Each of these folders will have their own set of LSABS and DABS files in them. When users logon to OCS, they will get the address book files that correspond to the OU to which their user account belongs.