sp_wiz
asked on
In correct OAB been displayed
I have several people using an Exchange 2003 server from Outlook 2003 via
the RPC over HTTPS connection method. It works fine, with the exception of
the GAL getting messed up at seemingly random times. I have 4 GAL's that
are set up, with permissions configured differently on each. Each user only
has permissions to view the GAL that they are a part of. Occasionally,
users will get a GAL that they have NO permissions to view. If I delete the
.oab files from their desktop system and restart Outlook, the problem
"fixes" itself for a while.
How can I keep people from downloading the wrong OAB? I've already tried
modifying the msExchUseOAB and the msExchQueryBaseDN value of each user
account in AD to the appropriate value. That's what I had to do to get it
to work after deleting the .oab files on their desktops. Each group of
users (in a GAL) are in their own OU in AD as well...so they're about as
separated as they can get.
Why the heck are they getting a list of GAL members to which they have NO
permissions ANYWHERE?????
the RPC over HTTPS connection method. It works fine, with the exception of
the GAL getting messed up at seemingly random times. I have 4 GAL's that
are set up, with permissions configured differently on each. Each user only
has permissions to view the GAL that they are a part of. Occasionally,
users will get a GAL that they have NO permissions to view. If I delete the
.oab files from their desktop system and restart Outlook, the problem
"fixes" itself for a while.
How can I keep people from downloading the wrong OAB? I've already tried
modifying the msExchUseOAB and the msExchQueryBaseDN value of each user
account in AD to the appropriate value. That's what I had to do to get it
to work after deleting the .oab files on their desktops. Each group of
users (in a GAL) are in their own OU in AD as well...so they're about as
separated as they can get.
Why the heck are they getting a list of GAL members to which they have NO
permissions ANYWHERE?????
Are they getting GAL's they don't have permission to, or are they perchance getting the default GAL instead of their specific one? I ask because I've seen situations where multiple OAB's existed, the schedule on one to build was set way too low (like 5 minutes), and since it didn't finish generating the client ended up getting the one that finished instead. Now are you saying that you've seen this happen even after setting msExchUseOAB?
ASKER
Yes they are getting a OAB that they do not have permission to see, and yes msExchUseOAB is set to there group. The OAB is built once a day.
Rob
Rob
The only reason I can think of that would cause msExchUseOAB to fail is if you were at an older build of Exchange 2000 (I believe SP1 or SP2 implemented this option). So if its still getting a GAL that is not what is expected, it could be possible that the OAB itself is just being built wrong. A long shot I know, but I'm just trying to come up with some ideas. Would it be possible to narrow the scope of this down a bit more? For example, if you could get answers to the following questions it would help a lot:
- Is there any pattern to this (certain users, certain days, certain OAB's, etc...), is it affecting everyone, or is it truly random?
- Does the default OAB still exist, or has that already been deleted?
- Has this been happening since these were created, or did it start recently?
- Is it only affecting RPC/HTTPS clients, or just Outlook 2003 clients in general?
One more thing... there is a log file that outlook creates when it downloads the OAB. I don't remember the location off hand, but I know its there. If you could somehow track down a log of a bad download, it may help us narrow this down more.
- Is there any pattern to this (certain users, certain days, certain OAB's, etc...), is it affecting everyone, or is it truly random?
- Does the default OAB still exist, or has that already been deleted?
- Has this been happening since these were created, or did it start recently?
- Is it only affecting RPC/HTTPS clients, or just Outlook 2003 clients in general?
One more thing... there is a log file that outlook creates when it downloads the OAB. I don't remember the location off hand, but I know its there. If you could somehow track down a log of a bad download, it may help us narrow this down more.
ASKER
We are using Exchange 2003 enterprise addition
No it seems to be truly random which is the annoying thing.
I think its been happening since we added extra companies
so the problem was always there just didnt notice it with a couple
of companies on it.
Its not down to RPC/Https as i have a vpn connection for 1 client and thats started doing
it this morning
Any thoughts as to where that log file might be for the OAB download.
Rob
No it seems to be truly random which is the annoying thing.
I think its been happening since we added extra companies
so the problem was always there just didnt notice it with a couple
of companies on it.
Its not down to RPC/Https as i have a vpn connection for 1 client and thats started doing
it this morning
Any thoughts as to where that log file might be for the OAB download.
Rob
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.