2013 ABP issues

I have a peculiar problem I just can't seem to figure out. We are running exchange 2013 CU2. We are running multi-tenant, so we implemented Address Book Policies. The ABP seems to be working fine until we access the Address Book. For example, when in Outlook and a user is creating a new email they click on the "TO' button to bring up the Address List Dialog, and the list is blank. You can type something in the search box and click Go and it will surely find the user(s) no problem. But it is not displaying the entire list of names.

Did I forget something? All the users in the OU for that ABP have the Custom Attribute 1 set. I even added the Company name in the user properties. They have their own accepted domain and email SMTP address set. Everything seems to be set except for them not showing up in the AB. What am I missing?

Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

alansidlesAuthor Commented:
I have now installed CU3, but the problem remains. I could really use some help here. It is the same for the Outlook client as it is for OWA. See attached snipit.
Please check if you have assigned individual OAB, AL and GAL to each ABP. Also check if the user is assigned the ABP.

Also check if the above captured (in pic) GAL , AL when priviewed in EAC shows the list of users based on your custom attribute.

Also if you want offline mode you need to assign the corresponding Offline Address Book to the database where your user is located.
alansidlesAuthor Commented:
Yes, I have assigned individual OAB, AL and GAL to each ABP. As you can see from the attached file, the user is assigned the ABP.
User ABP assignment
The GAL shows the list of users. I don't know how to preview the AL.
GAL preview
I do want them available offline, so how do I assign the corresponding OAB to the database where the user is located. How do I check that?
Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

Can you change the view to name only (your first picture attached).
In OWA also I think you did not set the default AL.

You can do the same for your corresponding AL. Organization\Address Lists should show you the AL and then you can run the priview.

For assigning OAB, go to the Database properties/Client Settings.

Just run get-addressbookpolicy "Fabricloud ABP"|fl global*,addresslist*,offline*,room* and check if you have assigned the proper settings.

If the above all are OK, Looks like there are some AD permissions applied to the GAL and AL.

Can you check this attribute for the list of users in AD (ShowInAddressBook).
alansidlesAuthor Commented:
Yes I can change to name only, but the results are the same.

I apologize, but exchange isn't one of my strong points, so your comments about "In OWA also I think you did not set the default AL" and "You can do the same for your corresponding AL. Organization\Address Lists should show you the AL and then you can run the preview"
If you could detail how to set the default AL and corresponding AL I would appreciate it very much.
Here is the OAB assignment:
client settings
Using the command you gave me yields this:
ABP results
I have to do some digging in AD for the permissions you mentioned before I can comment.

Also, I created a set of powershell scripts for creating new companies and new users within a company. I've attached them for your reference in the event you see something there that may be causing my problems.  I could have very well shot myself in the foot somewhere along the trail. I changed our domain name in the docs to "DOMAIN" for security reasons. I had just added steps 11 & 12 in the newuser.ps1 and those steps are not yet tested.

Any insight you can give me is appreciated. I've been at this for weeks now and getting very frustrated.
alansidlesAuthor Commented:
I can preview the AL and all looks fine.
AL preview
alansidlesAuthor Commented:
Here are the 'showInAddressBook' settings in AD.
AD settingsHow do I check permission levels of the ALs themselves?
For Offline: Change the OAB assignment to "Fabricloud OAB".
For OWA: WHen you go to the Address Book, I suppose when you expand MY Contacts below the search option, you should see Fabricloud AL.

In your script I see msexchquerybasedn setting. I think this is not supported in Exchange 2013. Can you clear this setting in AD from one of the user and check.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
alansidlesAuthor Commented:
For Offline: I changed the OAB assignment as requested. I had it this way before without resolve. Also, how is this going to affect the other groups?, or are you just doing this for test purposes?
Fabricloud OAB
For OWA:  This illustrates the real issue I'm having. Take a look at these next two snips. It is the same result I get when in the Outlook client and I open the Address Book. No names show up until I do a search. But what OWA shows me that I don't see within Outlook is that it only finds the names when using the directory. This is a new clue for me, but I don't yet know what that means.
OWA People emptyOWA People searchedAnd as you can see....no Fabricloud list is showing.

Thank you for picking that up in my script. I removed it from user Tinn Cann. No immediate change noticed, so I'll wait the 4 hrs and recheck.
Thank you very much for helping. I feel so close, just can't put my finger on it, but I think that clue in OWA may lead to something.
alansidlesAuthor Commented:
UPDATE:  Just wanted to illustrate that Fabricloud is not showing up in the Address Book as expected.
No Fabricloud AB in Address Book list
alansidlesAuthor Commented:
I went back to your comment about  msexchquerybasedn and took a look at it in my script. it's then that it occurred to me that I was setting the search parameters for each individual user. Something necessary in 2007.

When I originally tested after your suggestion of removing it, I looked for another user (that I had changed - Tinn) with the one I was using (Joe). The light finally went off and I tested with Tinn and viola! I could see the Fabricloud AL. So I removed it from Joe and Tom and viola! They had it too. Checked in both the Address Book within Outlook and OWA and its there as well. I was looking at the issue backwards. Problem solved.  I have also removed that statement from my script.

I guess I had just been looking at it so long I couldn't see the forest through the trees. Thank you so much for helping me see this clearly. I can't tell you how relieved I am.

How it should look
alansidlesAuthor Commented:
The problem was in the msExchQueryBaseDN statement in our powershell script. Its a "left-over" from 2007. Once removed from the script and the individual user AD properties everything is working fine.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.