Community Pick: Many members of our community have endorsed this article.
Editor's Choice: This article has been selected by our editors as an exceptional contribution.

9 Steps to end OAB nightmares

I spent quite a bit of time testing this procedure in an Exchange 2007 SP3 on Windows 2008 lab (not SBS). So it should work for Exchange 2010 too. Take care when SBS or multiple CAS servers are involved. I have tried to include additional information for those 2 scenarios.

This procedure will help reset your OAB Virtual Directory back to it's default settings and permissions. It should also cause the Web Distribution of the OAB to start working, so then Outlook 2007/2010 clients can download it properly. If your public folders are available and you are doing PF distribution of the OAB then this procedure should cause the PF version of the OAB to be generated too.

Please try and be on the latest Service Packs for Windows and Exchange as this will solve lots of issues for you and is better for supportability.

If you find this article useful then please vote for it.

OAB Folder & Virtual Directory reset:


On the CAS server/s stop the Microsoft Exchange File Distribution Service. You can do this from the command prompt with 'net stop MSExchangeFDS'


Untick 'Enable Web-based Distribution' of OAB: From EMC-->Org-->Mailbox-->Offline Address Book-->double click on your Offline Address Book (normally called 'Default Offline Address Book')-->'Distribution' Tab-->Untick 'Enable Web-based Distribution' then press Apply. You can also do it from EMS with the command 'Get-OfflineAddressBook | Set-OfflineAddressBook -VirtualDirectories:$Null'. This should of resulted in the <Drive>:\Program Files\Microsoft\Exchange Server\ClientAccess\OAB\<GUID> folder being removed from your CAS server/s


Open EMS and do "Get-OABVirtualDirectory | Remove-OABVirtualDirectory -confirm:$false". This will remove the OAB Virtual Directory from all of your CAS server/s. So use the -WebSiteName parameter if you have more than 1 CAS server and you only want to perform this reset on 1 server.


Delete/Rename the <Drive>:\Program Files\Microsoft\Exchange Server\ClientAccess\OAB folder on the CAS server/s


Delete/rename the <Drive>:\Program Files\Microsoft\Exchange Server\ExchangeOAB folder on the OAB Generating server (usually a mailbox server).


Open EMS and do "New-OABVirtualDirectory -Server <CASServerName>". This will create the OAB Virtual Directory on the CAS server and will create the  <Drive>:\Program Files\Microsoft\Exchange Server\ClientAccess\OAB folder on the CAS server too. Repeat this step for each of your CAS servers. If you only have one CAS server then you do not need the Server parameter. This will also set the InternalURL value of the OABVirtualDirectory to "http://<CASfqdn>/OAB" which is fine if you don't want to use SSL internally to download the OAB (this is the default Exchange setting). WARNING: SBS seems to default to HTTPs on the OAB VD because of the Bindings on the SBS Web Applications web site, so I suggest you use HTTPs, or if you really want to use HTTP then look at the Bindings and which HostNames will allow you to connect to the SBS Web Applications web site on port 80. on SBS use 'New-OABVirtualDirectory -WebSiteName "SBS  Web Applications"' To ensure the OAB VD is created under the correct web site.  


Open EMS and do 'Get-OfflineAddressBook | Set-OfflineAddressBook -VirtualDirectories "<CASServerName>\oab (default web site)"'. On a SBS server the (default web site) is normally (SBS Web Applications), so open IIS and confirm what the web site name is that contains your Exchange Virtual Directories and then use that value instead of (default web site) if you need to. You can do this step in EMC as you may find it easier, especially if you are running multiple CAS servers.


Open EMS and do "Get-OfflineAddressBook | Update-OfflineAddressBook". This will recreate and populate the <Drive>:\Program Files\Microsoft\Exchange Server\ExchangeOAB folder on the OAB Generating server (usually a mailbox server) and it will also share the folder out as ExchangeOAB.


On the CAS server/s start the Microsoft Exchange File Distribution Service. You can do this from the command prompt with "net start MSExchangeFDS". This will copy the <Drive>:\Program Files\Microsoft\Exchange Server\ExchangeOAB\<GUID> folder on the OAB Generating server to the  <Drive>:\Program Files\Microsoft\Exchange Server\ClientAccess\OAB folder on the CAS server/s.
Recycle the MSExchangeAutodiscoverAppPool Application Pool in IIS, so autodiscover picks up the new OAB URLs. Then restart Outlook so it reads the new Autodiscover information about the OAB URLs and test Downloading the Offline Address Book from an internal Outlook 2007/2010 client and it should now work.

Additional Info:
If Outlook is hanging/stalling at OAB download then pay particular attention to step 6. If you have 'Require SSL' on your OAB VD then take it off and set the InternalURL value of the OABVirtualDirectory to http:// not https://. You can do this with this EMS command 'Get-OABVirtualDirectory | Set-OABVirtualDirectory -InternalURL:"http://<CAS Internal FQDN/OAB"' Once this has resolved the issue and you still want to use https then set both settings back.
By default OAB VD does not require SSL and Client Certificates = Ignore (Apart from in SBS where the default is to require SSL). If you require SSL then set the internalURL and externalURL values of the OABVirtualDirectory to contain "https://<valid resolvable name on cert>/OAB". The name on the cert should resolve to the internal IP address of your CAS server for internal users and it should resolve to the public IP of your CAS server for external users. Setup Split DNS if this is not the case because a lot of routers/firewalls will not allow internal traffic to come back in the external interface.
By default the Authentication mechanism on the OAB folder is Windows authentication and nothing else (apart from SBS08 which appears to use Basic and Windows). In IIS Manager under the OAB virtual directory Right click on Windows Authentication--> Advanced Settings and ensure that 'enable kernel-mode authentication' is NOT ticked.
There is no OAB folder in the install or Service Pack source and therefore no web.config file, so there should be no web.config file in the OAB folder, so remove or rename it if you are experiencing OAB download issues.
If you are using Outlook Anywhere, then don't forget to set an ExternalURL value on the OAB that matches your SSL certificate. e.g. 'Get-OABVirtualDirectory | Set-OABVirtualDirectory -ExternalURL  "https://<valid resolvable name on cert>/OAB"'
Disabling Web Distribution of the OAB, deletes the <GUID> subfolder from under the ClientAccess\OAB folder. Enabling it creates the <GUID> folder and sets the permissions on it for "Authenticated Users" = Read. It also assigns many other groups like "Exchange Servers" direct permissions on the <GUID> subfolder.
If you perform a Remove-OABVirtualDirectory then the offlineAddressBook will have no VirtualDirectories value and this must be re-assigned once the VD is recreated.
Test-OutlookWebServices does not appear to test the http://<CASfqdn>/OAB/<GUID>/oab.xml file, it just appears to contact the EWS service. Test-OutlookWebServices will even pass if there is no OAB VD on your CAS. So use Outlook's "Autoconfiguration Test" to see and contact the full OAB URL.
Failing 'Public Folder Distribution' methods of the OAB will not stop web distribution from happening i.e. if the PF store the OAB generating server is using is dismounted, the PF OAB will not get updated, but Web Distribution of the OAB will still happen.
Event Logging: by default Exchange doesn't log much about the OAB generation, so if you are still experiencing issues with the OAB generating then open EMS and do 'Set-EventLogLevel "<Server>\msExchangeSA\OAL Generator" -Level Medium' then run 'Get-OfflineAddressBook |Update-OfflineAddressBook' then watch the Application Event log on the OAB Generating server for OAL Generator events. You should get event ID 9106 (OAB Generation starting) and event ID 9107 (OAB Generation finished)

OAB recreation:
If you want to recreate your OAB then you can perform the following in EMS:


'Remove-OfflineAddressBook "Default Offline Address Book"'


"New-OfflineAddressBook -Name "Default Offline Address Book" -Server <server> -AddressLists "\Default Global Address List" -PublicFolderDistributionEnabled $true -VirtualDirectories "<CAS>\OAB (Default Web Site)" (once again, substitute 'default web site' with 'SBS Web Applications' if you are running SBS)


"Get-OfflineAddressBook |Update-OfflineAddressBook"


Wait 15 minutes (or until you see the 9107 event if you have event logging turned up to Medium)


Restart the Microsoft Exchange File Distribution service on your CAS servers


Wait 5 minutes or until you see the files appear in the <Drive>:\Program Files\Microsoft\Exchange Server\ClientAccess\OAB folder on the CAS server/s


Test downloading the OAB in Outlook.

By now you should be rid of your OAB download errors. If not, drop a post on this article and I will try and help you.

If you have any questions or queries or additional info then feel free to post it below.



Comments (30)

Yes, you are right, I think I will... My issue is really around the OAB folder generation issue...  Like I said, my transition went very well, everything is working, including Public Folders, I recreated my GAL and OAL and they both show as valid and defaults (with GUIDs listed) and display correctly through OWA, my issue is that the ExchangeOAB folder will simply not create itself despite going through the entire process of the get and update cmdlet for the offline Address List as well as restarting the system attendant and FDS...

Very strange...


Hi all,

This procedure work for me, since November 2011at now it's valid with MS Exchange 2010 sp1, i had searching in many forums and sites but this is the only valid solution tested in real production environment, now OAB is working in all MS Outlook 2007 clients excepts Outlook 2003 clients who has the error appear of the object OAB is not found, i think because i am during migration from Ex 2003 to Ex 2010 which the old one can't take changes updates.

Thank you so much to help us with all your solutions, you are an exceptional Exchange Architect.

Great Work,
Exchange Administrator

This was the only thing i found that worked in fixing my OAB issue.

thank you.

View More

Have a question about something in this article? You can receive help directly from the article author. Sign up for a free trial to get started.