Solved

Cannot setup outlook without access to default GAL

Posted on 2008-10-16
7
411 Views
Last Modified: 2012-05-05
I have created several Default Global Address Lists in Exchange 2007 SP1.  Let's say I have 3 total named 1,2 & 3.  Now let's say I have 3 security groups also named 1, 2, & 3.  All groups have been denied read and open address list rights to all other groups..... Including the Default Global Address List.

Now I want to setup Outlook using RPC over HTTPS.  I get an error stating "can not match name to user in global address list" (or something like that) and I can't setup outlook.  If I remove the DENY permissions from the Default Global Address List then I can setup Outlook BUT they can also see all users!

I want all users in each group to ONLY see their respective GAL & I don't want outlook to give me grief when trying to setup a profile for the first time.  

Any solutions?
0
Comment
Question by:damien1234
  • 5
  • 2
7 Comments
 
LVL 23

Accepted Solution

by:
Justin Durrant earned 500 total points
ID: 22737568
0
 
LVL 1

Author Comment

by:damien1234
ID: 22753174
I've tried this and it simply does not work!  No matter what I do I cannot setup a new Outlook profile without getting the message "The name cannot be matched to a name in the address list"

I tried this particular solution a few months ago and it didn't work.  I think I've read the instructions about 100 times, plus all supporting articles.  I feel extremely comfortable with my understanding of the documents but I can't help but feel there is something I'm missing....
0
 
LVL 1

Author Comment

by:damien1234
ID: 22753263
Ok, here is a new thought but keep the following in mind:
1) I am trying to connect using RPC over HTTPS and consequently I use "Exchange in cached mode"
2) I know for a fact that I have a problem with my OAB distribution

Is it possible that the problem is has to due with OAB not functioning correctly?  I suppose the real question is "When initially connecting via RPC over HTTPS in cached mode does Outlook try to pull user info from the OAB instead of the GAL?"  Just a thought....
0
NAS Cloud Backup Strategies

This article explains backup scenarios when using network storage. We review the so-called “3-2-1 strategy” and summarize the methods you can use to send NAS data to the cloud

 
LVL 1

Author Comment

by:damien1234
ID: 22753651
During this whole process I lost my ability to see the GAL.  I reversed everything I did and my access was still gone.  I theorized that there was some cache in Exchange which might be causing this.  So I rebooted the Exchange server... no change... I waited a few hours and voila my access returned.  Maybe I'm just to impatient in expecting my results?  Maybe I should make all these changes and wait a good 3-4 hours before rendering judgement?
0
 
LVL 23

Expert Comment

by:Justin Durrant
ID: 22757406
Yea... it can take a bit for the GAL to regenerate.
0
 
LVL 1

Author Comment

by:damien1234
ID: 22757710
So I tried a different method than you mentioned.  I simply denied access to the appropriate company GAL's so each company can only view their own.  The drawback to this is that each company can still see the title of the other 2 GAL's BUT they can't access them.  It's also more tedious to setup a 4th and 5th company.  The other method is much better overall if I could just get it to work.  I don't have time this weekend but the following I will.  I'll start out on Friday night and I should know if everything is working by Saturday morning.  If not I'll have time to fix it before the week starts.

BTW this alternate method did not work last night.... It of course works fine this morning.  I really wish I knew how long I had to wait.  

Anyway, I'll reward the points after I retry the method (for the third time) in two weeks.

Thank you very much!
0
 
LVL 1

Author Closing Comment

by:damien1234
ID: 31506892
There were several factors at play which initially made this solution not work.  First was my test environment.  I was logged into a TS session with MY credentials and setup outlook with various users to access their own GAL's.  For some reason Outlook MUST have been passing on my own user credentials to exchange even when I was logging in as another user using RPC over HTTPS and Basic Authentication!  Lesson: login from a completely remote PC OR ONLY with that users credentials both in Windows and Outlook.  Second: Wait 24 hours for the GAL to be rebuilt before you come to any conclusions as to whether or not the solution works.  Three: DO NOT ADD ANYTHING TO THE ADDRESS BOOK ROOTS even though the instructions say so.  Yes, those same instructions do have a link regarding the issue.

Overall those instructions were exceptional.  And so was your help!  I doubt I ever would have waited for the GAL... I guess I'm just impatient!
0

Featured Post

Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Are you unable to connect or configure Hotmail email account in Microsoft Outlook 2010, 2007? Or Outlook.com emails are not downloading to Outlook? Lets’ see the problem and resolve Outlook Connector error syncing folder hierarchy (0x8004102A).
This article lists the top 5 free OST to PST Converter Tools. These tools save a lot of time for users when they want to convert OST to PST after their exchange server is no longer available or some other critical issue with exchange server or impor…
In this video we show how to create an Address List in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Organization >> Ad…
In this Micro Video tutorial you will learn the basics about Database Availability Groups and How to configure one using a live Exchange Server Environment. The video tutorial explains the basics of the Exchange server Database Availability grou…

809 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question