In correct OAB been displayed

Posted on 2004-10-14
Medium Priority
Last Modified: 2008-02-01
I have several people using an Exchange 2003 server from Outlook 2003 via
the RPC over HTTPS connection method. It works fine, with the exception of
the GAL getting messed up at seemingly random times. I have 4 GAL's that
are set up, with permissions configured differently on each. Each user only
has permissions to view the GAL that they are a part of. Occasionally,
users will get a GAL that they have NO permissions to view. If I delete the
.oab files from their desktop system and restart Outlook, the problem
"fixes" itself for a while.

How can I keep people from downloading the wrong OAB? I've already tried
modifying the msExchUseOAB and the msExchQueryBaseDN value of each user
account in AD to the appropriate value. That's what I had to do to get it
to work after deleting the .oab files on their desktops. Each group of
users (in a GAL) are in their own OU in AD as well...so they're about as
separated as they can get.

Why the heck are they getting a list of GAL members to which they have NO
permissions ANYWHERE?????

Question by:sp_wiz
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
LVL 21

Expert Comment

ID: 12314076
Are they getting GAL's they don't have permission to, or are they perchance getting the default GAL instead of their specific one?  I ask because I've seen situations where multiple OAB's existed, the schedule on one to build was set way too low (like 5 minutes), and since it didn't finish generating the client ended up getting the one that finished instead.  Now are you saying that you've seen this happen even after setting msExchUseOAB?

Author Comment

ID: 12316433
Yes they are getting a OAB that they do not have permission to see, and yes msExchUseOAB is set to there group.  The OAB is built once a day.

LVL 21

Expert Comment

ID: 12317320
The only reason I can think of that would cause msExchUseOAB to fail is if you were at an older build of Exchange 2000 (I believe SP1 or SP2 implemented this option).  So if its still getting a GAL that is not what is expected, it could be possible that the OAB itself is just being built wrong.  A long shot I know, but I'm just trying to come up with some ideas.  Would it be possible to narrow the scope of this down a bit more?  For example, if you could get answers to the following questions it would help a lot:

- Is there any pattern to this (certain users, certain days, certain OAB's, etc...), is it affecting everyone, or is it truly random?
- Does the default OAB still exist, or has that already been deleted?
- Has this been happening since these were created, or did it start recently?
- Is it only affecting RPC/HTTPS clients, or just Outlook 2003 clients in general?

One more thing... there is a log file that outlook creates when it downloads the OAB.  I don't remember the location off hand, but I know its there.  If you could somehow track down a log of a bad download, it may help us narrow this down more.  

Author Comment

ID: 12355798
We are using Exchange 2003 enterprise addition

No it seems to be truly random which is the annoying thing.

I think its been happening since we added extra companies
so the problem was always there just didnt notice it with a couple
of companies on it.

Its not down to RPC/Https as i have a vpn connection for 1 client and thats started doing
it this morning

Any thoughts as to where that log file might be for the OAB download.

LVL 21

Accepted Solution

marc_nivens earned 2000 total points
ID: 12367901
Its a little too much to paste here, luckily there is a q article that explains it:

843483 Description of Offline Address Book logging in Outlook 2003 Service Pack

One more question... you said that setting msExchUseOAB and deleting the .oab file let the correct address book sync.  Do clients that had these
steps carried out still have the problem?

Featured Post

Office 365 Training for IT Pros

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you troubleshoot Outlook for clients, you may want to know a bit more about the OST file before doing your next job. IMAP can cause a lot of drama if removed in the accounts without backing up.
There are times when we need to generate a report on the inbox rules, where users have set up forwarding externally in their mailbox. In this article, I will be sharing a script I wrote to generate the report in CSV format.
The basic steps you have just learned will be implemented in this video. The basic steps are shown to configure an Exchange DAG in a live working Exchange Server Environment and manage the same (Exchange Server 2010 Software is used in a Windows Ser…
This video discusses moving either the default database or any database to a new volume.
Suggested Courses
Course of the Month8 days, 13 hours left to enroll

764 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question