In correct OAB been displayed

I have several people using an Exchange 2003 server from Outlook 2003 via
the RPC over HTTPS connection method. It works fine, with the exception of
the GAL getting messed up at seemingly random times. I have 4 GAL's that
are set up, with permissions configured differently on each. Each user only
has permissions to view the GAL that they are a part of. Occasionally,
users will get a GAL that they have NO permissions to view. If I delete the
.oab files from their desktop system and restart Outlook, the problem
"fixes" itself for a while.

How can I keep people from downloading the wrong OAB? I've already tried
modifying the msExchUseOAB and the msExchQueryBaseDN value of each user
account in AD to the appropriate value. That's what I had to do to get it
to work after deleting the .oab files on their desktops. Each group of
users (in a GAL) are in their own OU in AD as they're about as
separated as they can get.

Why the heck are they getting a list of GAL members to which they have NO
permissions ANYWHERE?????

Who is Participating?
marc_nivensConnect With a Mentor Commented:
Its a little too much to paste here, luckily there is a q article that explains it:

843483 Description of Offline Address Book logging in Outlook 2003 Service Pack

One more question... you said that setting msExchUseOAB and deleting the .oab file let the correct address book sync.  Do clients that had these
steps carried out still have the problem?
Are they getting GAL's they don't have permission to, or are they perchance getting the default GAL instead of their specific one?  I ask because I've seen situations where multiple OAB's existed, the schedule on one to build was set way too low (like 5 minutes), and since it didn't finish generating the client ended up getting the one that finished instead.  Now are you saying that you've seen this happen even after setting msExchUseOAB?
sp_wizAuthor Commented:
Yes they are getting a OAB that they do not have permission to see, and yes msExchUseOAB is set to there group.  The OAB is built once a day.

The only reason I can think of that would cause msExchUseOAB to fail is if you were at an older build of Exchange 2000 (I believe SP1 or SP2 implemented this option).  So if its still getting a GAL that is not what is expected, it could be possible that the OAB itself is just being built wrong.  A long shot I know, but I'm just trying to come up with some ideas.  Would it be possible to narrow the scope of this down a bit more?  For example, if you could get answers to the following questions it would help a lot:

- Is there any pattern to this (certain users, certain days, certain OAB's, etc...), is it affecting everyone, or is it truly random?
- Does the default OAB still exist, or has that already been deleted?
- Has this been happening since these were created, or did it start recently?
- Is it only affecting RPC/HTTPS clients, or just Outlook 2003 clients in general?

One more thing... there is a log file that outlook creates when it downloads the OAB.  I don't remember the location off hand, but I know its there.  If you could somehow track down a log of a bad download, it may help us narrow this down more.  
sp_wizAuthor Commented:
We are using Exchange 2003 enterprise addition

No it seems to be truly random which is the annoying thing.

I think its been happening since we added extra companies
so the problem was always there just didnt notice it with a couple
of companies on it.

Its not down to RPC/Https as i have a vpn connection for 1 client and thats started doing
it this morning

Any thoughts as to where that log file might be for the OAB download.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.