[Last Call] Learn how to a build a cloud-first strategyRegister Now


Problems accessing ExchangeOAB subfolders from Exchange 2010 server

Posted on 2012-08-24
Medium Priority
Last Modified: 2012-08-28
We have an Exchange 2010 setup with 12 servers at various AD sites and geographic locations. We noticed an issue with one of the sites where we have 1 multi-role server (CAS, Mailbox, Hub Transport). This server could not update the GAL and upon inspection we could open the ExchangeOAB share on the server generating the GAL but cannot open the subfolder containing the GAL updates the explorer window appears to hang then eventually reports:

xxxxxxxx is not accessible. You might not have permision to use this network resource. Contact the administrator of this server to find out if you have access permissions.

The Specified network name no is no longer available.

It also cannot open the c$ or other admin shares on the GAL server. Non-admin shares work fine with the exception of the aforementioned address book folder. I've tried creating a new GAL but the problem is the same with the new GAL subfolder. The OABGenerator server is the only one contactable by all exchange servers so i cant move the GAL to another server.

Doing some troubleshooting the problem only crops up if i install the Mailbox role, if i remove this it works fine. For the sake of troubleshooting we also removed all AV from the server.

We don't have this issue from the DC at the same site or from any of the other Exchange servers. We also dont have this problem from the same server to other exchange server c$ shares, including other servers at the same site as the OABGenerator server.

If i try to RDP to the OAB server, i get prompted for credentials, the window opens with just a black screen (no taskbar etc then after a few seconds i get:

The Remote Desktop Session has ended.

It generates the following error on the OAB server System log:

The Terminal Server security layer detected an error in the protocol stream and has disconnected the client. Client IP: xxx.xxx.xxx.xxx

RDP also works fine without the mailbox role installed.

All Exchange Servers are running Windows 2008 R2 Enterprise with latest updates and Service Packs.
Question by:graememutch
  • 3
  • 2
  • 2
  • +1
LVL 52

Accepted Solution

Manpreet SIngh Khatra earned 1500 total points
ID: 38329375
Did you check the permissions on the ExchangeOAB folder ?
If there is an issue when you do an update OAB you will get some error on the EMC or in Eventviewer.
Are all the Microsoft services running on the Exchange server ?

- Rancy

Expert Comment

ID: 38329395
Can you access OAB files from another CAS server --


Updates under ExchangeOAB folder is current? whats the date it got generated?

Author Comment

ID: 38330046
Can access the OAB files from all other CAS servers.

Updates to the OAB work, i see them generating when i force an update.
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.


Author Comment

ID: 38330073
ExchangeOAB permissions are as follows:

System - Full Control
Organization Management - List Contents/Read
View-Only Organization Management - List Contents/Read
Exchange Servers -  - List Contents/Read
Administrators - Full Control

I can access the ExchangeOAB share itself, its the subfolder i cant get into, it has the same permission inherited from above.

OAB updates work fine to all other servers.

Just noticed i neglected to mention the MS Exchange Address Book service will also not start with the following error:

Unable to register the MSExchangeAB RPC interface. Failed with the error code The endpoint is a duplicate (1740)

I'm back at the client tomorrow and will look at port conflicts, also saw suggestions regarding NIC teaming being a problem which they do have setup but i would have expetced that to be a problem without the mailbox role installed as well. Possible the mailbox role is using the same port for something, theyre not statically assigned though.
LVL 33

Expert Comment

ID: 38331237
Here is what I would suggest you to do for MSExchangeAB RPC Interface (and yes !! this does cause issues for OAB)

=> Confirm whether this box is a DC or NOT, if it is a DC - you have to promote it to a GC and reboot the server.
=> If the box, where you're having issues with this service is also a hub server - in that stop transport service and then start AB RPC Server FIRST and then transport service and NOW check the OAB Issue
=> If from the above two steps you're issue doesnt get solved - run netstat -amo from you're command prompt, verify if an unknown service is working on ports 6002-6004.

Once done, reboot the box just once and provide us results.

Worst case scenario, we'll ask you to bump up the logging on MSExchangeSA\OAB Generator And MSExchangeFDS service.

Oh and please please do not forget to run Exchange Best Practice Analyzer tool.

LVL 52

Expert Comment

by:Manpreet SIngh Khatra
ID: 38331726
MS Exchange Address Book service - thats the reason i asked to check all Exchange services :)

I'm back at the client tomorrow and will look at port conflicts, also saw suggestions regarding NIC teaming being a problem which they do have setup but i would have expetced that to be a problem without the mailbox role installed as well. Possible the mailbox role is using the same port for something, theyre not statically assigned though - Good catch ... update what you find and we can proceed

Hope we have a local GC server and also the RPCClient service is running :)

Please check the below article has helped a lot resolutions

- Rancy
LVL 33

Expert Comment

ID: 38340416
So, what solved the issue?


Author Comment

ID: 38340439
Thanks for all the replies. :)

Tracked this down to having Avaya IP Office Manager installed which we had to do temporarily and didn't remove. I got to that from chasing the Address book not starting as found in this thread:


This fixed everything, i and understand it causing the address book not to start but seems odd to cause the problems with RDP and Admin folder access, stopping the Address Book service after removing the Avaya software didnt cause the same symptoms so the conflict must have been deeper than that i guess.

Lesson learned, a mail server is for email not multi-purpose ;)

Featured Post

NFR key for Veeam Agent for Linux

Veeam is happy to provide a free NFR license for one year.  It allows for the non‑production use and valid for five workstations and two servers. Veeam Agent for Linux is a simple backup tool for your Linux installations, both on‑premises and in the public cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you have come across a situation where you need to find some EDB mailbox recovery techniques, then here you will find the same. In this article, we will take you through three techniques using which you will be able to perform EDB recovery. You …
Steps to fix error: “Couldn’t mount the database that you specified. Specified database: HU-DB; Error code: An Active Manager operation fail”
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…
Suggested Courses

830 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question