Solved

Intermittent Issues querying Outlook Global Address List

Posted on 2014-01-31
3
450 Views
Last Modified: 2014-03-20
Hi guys,

We are currently experiencing an issue with users querying the GAL.  Throughout the day we have about 20+ users out of 400 who complain about the fact they can't view the GAL.  it just errors.  We find if we change their hosts file tempoarily  by adding the domain IP ... 10.*.*.* domain.com we can usually fix it.
We have recently built an additional DC for a site, which in a rush, had to build up in our main site and simulate the routing, but for some reason I believe DNS and replication did not fully replicate.  This server is now in the physical site and is setup within sites & services.
with correct subnet etc.
I have run dcdiag on all DCs in all sites and all looks to be healthy.  But we are still having users complain about this issue.  It seems to be incorrect information in ther GC on a particular DC which the clients are querying.
Could anyone point us in the right direction to diagnose this.  I can't find much on the internet as to understand the exact steps the outlook client will query a DC apart from its primary DNS server, it looks at the list of DC that host a GC and I guess it queries these to confirm they are alive and round robins every hour ?!?  I f can understand this better I might help me to pin point exactly when to look in DNS.

Just to also note.  We are currently in transition between AD2003 and DS2008r2


Kind regards,

Jim
0
Comment
Question by:macleandata
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 53

Expert Comment

by:Will Szymkowski
ID: 39824407
First off, what is the error you are getting? What are the users using for Outlook "cached mode or online mode"? The users that are running into the issue, if they try OWA are they able to see the GAL without issue?

If the users are using Outlook with cached mode enabled the GAL will be presented using the Offline Address Book. If the user has a corrupted OST or profile this could be causing the issue.

I would test with 1 users having the issue first and see if creating a new OUtlook profile correct the issue. If not, i would then look and see about creating a new OAB as it might be the generation server which is encountering the issue.

Will.
0
 

Accepted Solution

by:
macleandata earned 0 total points
ID: 39824457
Hi Will,

I think I have just cracked this.  I was a limit on one of the GC with NSPI connections which has a limit in 2008 to 50 per user.  the user it related to was exchsrv20$ which is one of our exchange nodes.  I found out how to increase the size of this, but 1 a reboot is out of the question during the day and 2 need to understand why it is hitting this limit.  So I enable a GC on one of the 2003 DCs and removed the 2008 GC which was showing the errors -

Event 2820 - ActiveDirectory_DomainService

NSPI max connection limit for the user has reached. You need to do NSPI unbind on old connections before making new connections.

So far so good.


To answer your questions,  I can't remember the exact error.  and clients are not running cached ex mode.

I will confirm if this has resolved the issue (hopefully) if not it's back the drawing board.

Thanks

Jim
0
 

Author Closing Comment

by:macleandata
ID: 39941760
Resolved the issue myself in the end
0

Featured Post

Visualize your virtual and backup environments

Create well-organized and polished visualizations of your virtual and backup environments when planning VMware vSphere, Microsoft Hyper-V or Veeam deployments. It helps you to gain better visibility and valuable business insights.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A project that enables an administrator to perform actions within a user session context not just at the time of login but any time later on day(s) or week(s) later.
Active Directory security has been a hot topic of late, and for good reason. With 90% of the world’s organization using this system to manage access to all parts of their IT infrastructure, knowing how to protect against threats and keep vulnerabil…
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

726 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question