In correct OAB been displayed

Posted on 2004-10-14
Medium Priority
Last Modified: 2008-02-01
I have several people using an Exchange 2003 server from Outlook 2003 via
the RPC over HTTPS connection method. It works fine, with the exception of
the GAL getting messed up at seemingly random times. I have 4 GAL's that
are set up, with permissions configured differently on each. Each user only
has permissions to view the GAL that they are a part of. Occasionally,
users will get a GAL that they have NO permissions to view. If I delete the
.oab files from their desktop system and restart Outlook, the problem
"fixes" itself for a while.

How can I keep people from downloading the wrong OAB? I've already tried
modifying the msExchUseOAB and the msExchQueryBaseDN value of each user
account in AD to the appropriate value. That's what I had to do to get it
to work after deleting the .oab files on their desktops. Each group of
users (in a GAL) are in their own OU in AD as well...so they're about as
separated as they can get.

Why the heck are they getting a list of GAL members to which they have NO
permissions ANYWHERE?????

Question by:sp_wiz
  • 3
  • 2
LVL 21

Expert Comment

ID: 12314076
Are they getting GAL's they don't have permission to, or are they perchance getting the default GAL instead of their specific one?  I ask because I've seen situations where multiple OAB's existed, the schedule on one to build was set way too low (like 5 minutes), and since it didn't finish generating the client ended up getting the one that finished instead.  Now are you saying that you've seen this happen even after setting msExchUseOAB?

Author Comment

ID: 12316433
Yes they are getting a OAB that they do not have permission to see, and yes msExchUseOAB is set to there group.  The OAB is built once a day.

LVL 21

Expert Comment

ID: 12317320
The only reason I can think of that would cause msExchUseOAB to fail is if you were at an older build of Exchange 2000 (I believe SP1 or SP2 implemented this option).  So if its still getting a GAL that is not what is expected, it could be possible that the OAB itself is just being built wrong.  A long shot I know, but I'm just trying to come up with some ideas.  Would it be possible to narrow the scope of this down a bit more?  For example, if you could get answers to the following questions it would help a lot:

- Is there any pattern to this (certain users, certain days, certain OAB's, etc...), is it affecting everyone, or is it truly random?
- Does the default OAB still exist, or has that already been deleted?
- Has this been happening since these were created, or did it start recently?
- Is it only affecting RPC/HTTPS clients, or just Outlook 2003 clients in general?

One more thing... there is a log file that outlook creates when it downloads the OAB.  I don't remember the location off hand, but I know its there.  If you could somehow track down a log of a bad download, it may help us narrow this down more.  

Author Comment

ID: 12355798
We are using Exchange 2003 enterprise addition

No it seems to be truly random which is the annoying thing.

I think its been happening since we added extra companies
so the problem was always there just didnt notice it with a couple
of companies on it.

Its not down to RPC/Https as i have a vpn connection for 1 client and thats started doing
it this morning

Any thoughts as to where that log file might be for the OAB download.

LVL 21

Accepted Solution

marc_nivens earned 2000 total points
ID: 12367901
Its a little too much to paste here, luckily there is a q article that explains it:

843483 Description of Offline Address Book logging in Outlook 2003 Service Pack

One more question... you said that setting msExchUseOAB and deleting the .oab file let the correct address book sync.  Do clients that had these
steps carried out still have the problem?

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Here in this article, you will get a step by step guidance on how to restore an Exchange database to a recovery database. Get a brief on Recovery Database and how it can be used to restore Exchange database in this section!
Steps to fix error: “Couldn’t mount the database that you specified. Specified database: HU-DB; Error code: An Active Manager operation fail”
In this video we show how to create a mailbox database in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Servers >> Data…
To show how to generate a certificate request in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Servers >> Certificates…
Suggested Courses
Course of the Month15 days, 22 hours left to enroll

850 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question