[Last Call] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1300
  • Last Modified:

Hosted Exchange Offline Address Book Woes

We are running a hosted exchange environment. Currently we have six companies using 6 differen't Global Address Lists. We have done everything listed in the article http://www.msexchange.org/tutorials/Shared-Hosting-Exchange-2003-Part2.html.

We did the ADmodify and used ADSI properly. Everything is exactly as it should be for pointing users to the correct OAB...updatying CN's for oWA...everything is right while users are working "online' or "connected' to exchagne.

Currently; users are not able to download the correct copy of the Offline Address book. We specified the mailbox stores to use the newly created OAB's associated with each company. The GAL's when looking at the "preview" show the correct names. When you first create an outlook profile; it lists the correct GAL when you open up a new mail message for that company. When you click "Send and Receive" then "Download Offline Address Book"; it reads "Full Details checked' but when you click the drop down; the only GAL it shows is "\Global Address List". It doesn' tlist the companies OAB that we specified. When you download the only one available; it shows the same company for all the different companies even thou the mailbox stores and msExchUseOAB for every user in each company is pointed to the correct Offline Address Book.

KEY NOTES!!!....

When you open system manager and expand "administrative groups; first administrative group; folders; public folders" and right click on a folder; click on permissions; then click on client permissions." it shows a GAL of the same company as the offline addrss book that gets downloaded for every company.

So for some reason; even thou the default global address list; and the default offline address book; were deleted; its picked its own to use instead of just showing a "blank" one while inside System Manager.

Again...all users while having an onlnie connection to the server show the correct users for everything to assign permission to calendars and contacts etc etc.

Its only when pulling down the offline address book from "send and receive" download offline addressbook; every company gets only one offline book.

any ideas would be helpful..

thanks
0
lorenetworks
Asked:
lorenetworks
  • 2
  • 2
  • 2
  • +1
1 Solution
 
Stacy SpearCommented:
Did you look at the Store in ADSIEdit and see if the OAB is listed correctly there? I had that issue once, the GC wasn't updating properly.

Which brings another thing to look at, is the GC that you are making changes on, the same GC that Exchange is looking at? If not, are the GCs replicating properly?
0
 
lorenetworksAuthor Commented:
The Hosted Exchange is the GC...its a all one box solution...i'll check the ADSI and see if the stores updated themselves after i selected them in system manager. tlak to you soon.
0
 
BradBazleyCommented:
I'm having exactly the same problem, and I used the same article by Ahmit Zinman to create the Shared Infrastructure. Based on what he says, it's definitely a permissions issue - there is an ACE somewhere that gives too much access to the Outlook Client and allows it to download a complete listing of entries in the GAL. I've looked over the Public Folder Instances of the OAB, and the Client/AD permissions there appear to be at defaults - perhaps this is where the Client is getting through? I'm honestly flying blind when I reach this far down into Exchange, and I understand that most people who have run into this issue are likely hosting orgs that don't necessarily want to give away the answers, but if anyone could give some direction or insight as to how we should proceed, it'd make my life a lot easier too!
0
Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 
Stacy SpearCommented:
Seems like the default OAB should be denied to everyone, and they only get the special oabs. I must admit I haven't looked at the article.
0
 
Box293Commented:
Ahhh the memories.

If you had the same problem as I did then your issue lies with the offline address lists (OAL) and what address list it uses to build itself with.

Your problem is that your OAL's are based on a Global Address List (GAL) instead of being based on an identical All Address List (AAL).

An AAL is the only way to provide a filtered address list to an OAL. Create an AAL the same way as your would when creating your GAL (use the same LDAP query for instance). Then bind the OAL to the AAL.

Tip, don't delete the existing OAL, just go in and remove all address lists and then add in the correct AAL. Then right click the OAL and rebuilt the OAL. If you delete the OAL it can cause ongoing issues as it is stored in the public folders and can take a few days to purge out.

Let me repeat, do not create an OAL based on a GAL, it NEEDS to use an AAL.

I hope this helps as it caused me a couple of weeks agony.
0
 
BradBazleyCommented:
Tested overnight, and I can confirm that solution worked in my environment - thanks so much!
0
 
Box293Commented:
No problems, it's an easy one to miss. Ahmit Zinman does mention it in his article but not very clearly, it's very easy to miss even when re-reading the article for the 11th time ;o)

Glad to be of help.
0

Featured Post

Making Bulk Changes to Active Directory

Watch this video to see how easy it is to make mass changes to Active Directory from an external text file without using complicated scripts.

  • 2
  • 2
  • 2
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now