After a few days, new users still not showing up in Global Address list


I created four new users in the last few days and none of them are showing up in the global address list of the Outlook 2003 clients while the clients are in Cached Exchange mode, but the users do show up when you take Outlook 2003 out of cached exchange mode. I have gone throught the process of rebuilding the default offline address book in ESM and waited over three hours. Even after rebuilding and then downloading the address book again, the names still do not show up in the GAL,  UNLESS you take the client out of the cached Exchange mode.  I would like to be able to fix this without visiting 170 clients and taking them out of cached exchange mode. Any ideas?

I don't know if it has any bearing on the problem or not but a new domain controller was added a couple of weeks before the problem started; and an old one was retired. There are no errors in the logs regarding directory services or FRS. There are two global catalogs in the domain.  One of the DC's had conflicting roles (Infrastructure master and Global Catalog) so before I retired that server I also transferred the infrsatructure master to a different DC.  
Thanks in advance for your help!
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Cached mode uses the OAB, so that is where you have to concentrate your efforts.
Taking the client out of cached mode means that they get their information live, instead of out of the OAB.

Ensure that Exchange is using a valid domain controller.
Recipients, Recipient Update Services. Make sure that the DC listed is valid.

Check that there is a GAL listed for the OAB.
It is shown on the Properties of the OAB in ESM.

Do you have any errors in the event viewer about the OAB after attempting to force the OAB to update?

bradberAuthor Commented:

Thanks for your response. I checked and verified that under Recipients>Recipient Update Services>properties, the Windows domain controller is a valid entry, a Global catalog DC. THis is the same one that was there all along.  

The Default Global address list in listed under "address lists" in the properties of the "default Offline Address list".

There are no entries pertaining to the OAB  in the event logs.  It is as if the rebuild never happened. Are there other logs that I  could check for clues?  

How about if I change  the Windows domain controller to a differnt Global Catalog server - would that be potentially beneficial? Would it distupt service?  I am also thinking of flushing the DNS cache on the Exchange server - perhaps that would force the server to refresh it's connection to the global catalog server. How can I verfy that the  Exchange server can actually contact the GLobal Catalog server?

Make sure your outlook it not in Cache mode, as Sembee. If you create a new user and this user to domain security groups and it woorks fine then the replication is working. Make sure your outlook is NOT is cache mode. Create a new user profile if you have to.
Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

I doubt whether this has anything to do with your domain controller change. If there was a problem with the DCs then it would affect the live GAL. The OAB is just a copy of the live GAL that has been generated in to a single file for the clients to download.

The OAB part of Outlook usually downloads just the changes. Try forcing it to download the full thing. There is a registry hack that can improve the download:

Registry hacks are easy to push out to the clients if required, login scripts, group policy etc.

Have you seen the troubleshooting guide for the OAB?

Have you tried deleting the OAB file, then restarting Outlook? That will force a download of the fresh OAB.

You might also want to take a look at this KB article:

Roshan25 - if you read the question you will note that part of the requirement is NOT to have to remove the clients from cached mode, so that simple fix (which isn't really a fix, just bypasses a non-functioning component) isn't a valid option.


Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
bradberAuthor Commented:
Thanks for your responses guys,

OK, I will drop the domain controller track and focus on your other suggestions. The registry hack sound like a good option but before I try it, I want to look into the other options. I'm reading thru the troubleshooting guide. It says two events must occur before changes show up in Outlook 2003. The first event is that the  server must generate the OAB and include the changes in the differential file. How do I know that the first event ever took place?  I manually set off a rebuild last evening around 5 PM but there is nothing in the events logs to verify that. How do I know if the rebuild actually haappened?  If it did not happen, then what?

Here is another bit of info that may be relevant: In ESM, when I right click on a normal user's mailbox, I see"Exchange tasks" as an option. When I right-click on one of the new mailboxes that is not showing up in the GAL, the "Exchange Tasks" option does not exist.   Could this imply that there is something wrong with the accounts instead of there being a problem with the OAB?

When you created the new accounts, did they get email addresses automatically?

Normally, if there is a problem with the accounts, then they don't show up in the live GAL. If you can see the users in the live GAL or through OWA, then that would tend to scrub that as being the source of the problem.

bradberAuthor Commented:
Yes, they did get email addresses, I mean you can send email to them by manually typing in their address in Outlook, and they have confirmed that they are receiving email.  I jsut checked OWA, the new users do show up there but still not in Outlook 2003.

I am not convinced that the OAB is being generated correctly. The problem is how to get it out of that cycle.

Take a look at this article at MS:
In particular there are some articles at the end which may have to be used - specifically those about the system folders.

As a last clutch of the straws, ensure that all of the OAB folders have a replica listed.

bradberAuthor Commented:
The last article you mentioned is most helpful. Following the recommended steps, I was able to verify that the GAL on hte Exchange server is up to date. However, when I take the next step, to get the changes to be seen by the client, it does not work. Going to tools, send & receive, download address book appears to work and gives no errors but after that the new entries still do not appear.  

The article also recommends to check the replicas for hte Offilne address book on the exchange server itself. WHen I attemtp this, in ESM right clicking on Public folders and selecting "View System Folders" yeilds the following error: "The operation failed due to an invalid format in the HTTP request. Verify that the host header is correct for the virtual server. ID no:c103af0 Exchange system manager. " 

The recommended cure for this is:Troubleshooting

• Try setting the default Web site to All Unassigned and then reopen the ESM and try to expand public folders.
• Correct the host header value or remove it completely.
Can I do this without disrupting service?
Those changes will not upset the Exchange server - they can be done in production hours.

bradberAuthor Commented:
More info: Ran netdiag on all domain controllers. Two passed with no problem on three tests: the general test (no switches) the DcLIst and the DsGetDC.  The third  DC passed most tests but  had a failure related to DNS entries of the DC on a DNS server. Thought this would be fixed by netdiag - it said to wait 30 minutes for DNS server replication. Waited, then ran test:DNS and still had errors so I ran the /fix  option. Then I ran the netdiag /v /l general test and still got the failures, so I will need to track this down. Not sure if this is related to the problem, however.
bradberAuthor Commented:

I ended up doing the registry hack that you suggested to genetrate a full offline address book download

It took care of the problem. Many thanks, I really appreciate the help. 500 points for you!
Roshan25, thank you for your comments as well.

It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.