Can't see new GAL
Server 2003 Standard/Exchange 2003 StandardOutlook 2007I have a request from the Accounting head in my location to publish 40 distribution lists for the accounting department to use. All members of these DL's are external to the organization so I will be creating about 100 or so new contacts. I know that I can create the new Contacts, add them to the DL, and then hide them from the GAL, but I would also like to hide the DLs from the GAL.To get around this I have created a new GAL to test with complete with a different LDAP query. The Preview works fine as all of the test DLs that I have created are not visible. For testing purposes I denied my user account Open Address List permissions on the Default Global Address List and explicitly permitted my user account on the new Test GAL. I have added the new Test GAL to the Default Offline Address List. I have rebuilt the RUS as well as the Default Offline AddressList and exited Outlook but the new Test GAL is not visible. To top it off I still am able to open the Default GAL which I shouldn't since I denied myself Open Address List rights. I have also logged off and logged back on.I use my Outlook client in Cached mode. When I change it to be used Online, then the correct GAL is shown. When I change it back to cached mode the incorrect GAL is shown. I've deleted all .oab files in my local profile and then opened Outlook in cached mode and the correct GAL is shown. Once I download the address book the incorrect information is shown.What am I missing here??
October 29th, 2009 5:32pm

Ok, I went through and deleted the Default Offline Address Book and the Default Global Address List and created new ones. I waited a day for the maintenenace process to work. The new Offline Address Book was created. When I log open Outlook without cached mode it works fine, but when I put it back in cached mode the old OAB gets downloaded. Where in the world is this info coming from??
Free Windows Admin Tool Kit Click here and download it now
October 31st, 2009 10:57pm

Address List Segregation is not supported in 2003:http://blogs.msdn.com/dgoldman/archive/2008/02/17/exchange-2007-address-list-segregation-document-updates.aspxExchange 2003 / 2007 Address List Segregation Document - Updates!!
October 31st, 2009 11:53pm

On Sat, 31-Oct-09 19:57:21 GMT, unclerico wrote:>Ok, I went through and deleted the Default Offline Address Book and the Default Global Address List and created new ones. I waited a day for the maintenenace process to work. The new Offline Address Book was created. When I log open Outlook without cached mode it works fine, but when I put it back in cached mode the old OAB gets downloaded. Where in the world is this info coming from?? Exchange 2003? It comes from one of the OAB ssytem folders. If youour client is accessinga replica that isn't receiving updates?I'm not sure I understand what you expect the OAB to look like,though. The OAB isn't created using YOUR credentials so it'll onlycontain whatever the system account can access. And, if the systemaccount can access that TEST address list then everyone should see theTEST address list in the OAB.---Rich MatheisenMCSE+I, Exchange MVP--- Rich Matheisen MCSE+I, Exchange MVP
Free Windows Admin Tool Kit Click here and download it now
November 1st, 2009 12:01am

Hi,Please restart the Microsoft System Attendant service, then rebuild Default Offline Address Book, then download the OAB again on the Outlook client. After that, please check this issue again.ThanksAllen
November 2nd, 2009 1:19pm

On Sat, 31-Oct-09 19:57:21 GMT, unclerico wrote:>Ok, I went through and deleted the Default Offline Address Book and the Default Global Address List and created new ones. I waited a day for the maintenenace process to work. The new Offline Address Book was created. When I log open Outlook without cached mode it works fine, but when I put it back in cached mode the old OAB gets downloaded. Where in the world is this info coming from?? Exchange 2003? It comes from one of the OAB ssytem folders. If youour client is accessinga replica that isn't receiving updates?I'm not sure I understand what you expect the OAB to look like,though. The OAB isn't created using YOUR credentials so it'll onlycontain whatever the system account can access. And, if the systemaccount can access that TEST address list then everyone should see theTEST address list in the OAB.---Rich MatheisenMCSE+I, Exchange MVP --- Rich Matheisen MCSE+I, Exchange MVP It uses the System credentials?? I guess I assumed that when my Outlook client would initiate the OAB download that it would check my credentials and download the OAB that I have permissions for and if there was no OAB that I had permissions for it would error out just as it does when you don't have permissions for an online address book.
Free Windows Admin Tool Kit Click here and download it now
November 2nd, 2009 8:27pm

On Mon, 2-Nov-09 17:27:34 GMT, unclerico wrote:client is accessinga replica that isn't receiving updates?I'm not sure I understand what you expect the OAB to look like,though. The OAB isn't created using YOUR credentials so it'll onlycontain whatever the system account can access. And, if the systemaccount can access that TEST address list then everyone should see theTEST address list in the OAB.---Rich MatheisenMCSE+I, Exchange MVP >--- Rich Matheisen MCSE+I, Exchange MVPIt uses the System credentials?? I guess I assumed that when my Outlook client would initiate the OAB download that it would check my credentials and download the OAB that I have permissions for and if there was no OAB that I had permissions for it would error out just as it does when you don't have permissions for an online address book. If the OAB isn't the one that's the default for the mailbox databaseyou'll have to use "set-mailbox" and the "-OfflineAddressBook"parameter to have another OAB downloaded.---Rich MatheisenMCSE+I, Exchange MVP--- Rich Matheisen MCSE+I, Exchange MVP
November 3rd, 2009 6:55am

On Mon, 2-Nov-09 17:27:34 GMT, unclerico wrote:client is accessinga replica that isn't receiving updates?I'm not sure I understand what you expect the OAB to look like,though. The OAB isn't created using YOUR credentials so it'll onlycontain whatever the system account can access. And, if the systemaccount can access that TEST address list then everyone should see theTEST address list in the OAB.---Rich MatheisenMCSE+I, Exchange MVP >--- Rich Matheisen MCSE+I, Exchange MVPIt uses the System credentials?? I guess I assumed that when my Outlook client would initiate the OAB download that it would check my credentials and download the OAB that I have permissions for and if there was no OAB that I had permissions for it would error out just as it does when you don't have permissions for an online address book. If the OAB isn't the one that's the default for the mailbox databaseyou'll have to use "set-mailbox" and the "-OfflineAddressBook"parameter to have another OAB downloaded.---Rich MatheisenMCSE+I, Exchange MVP --- Rich Matheisen MCSE+I, Exchange MVP Rich,Thanks again for replying. Just to re-iterate what I've done:- Created two GALs; All Users GAL and Accounting GAL- The All Users GAL has the Accounting security group with Deny Open Address List and the Accounting GAL has Authenticated Users removed from the ACL and Allow Open Address List, List Contents, Read rights for the Accounting security group- The Default Offline Address Book has been deleted and a new one labeled Global OAB has been created. The Global OAB has both the All UsersGAL as well as the Accounting GAL in the Address Lists area- The Global OAB has been added to the Mailbox Store as the Offline Address ListIn this scenario which OAB is the default?? I hope I'm making sense. Thanks.
Free Windows Admin Tool Kit Click here and download it now
November 3rd, 2009 4:24pm

On Tue, 3-Nov-09 13:24:40 GMT, unclerico wrote:? I guess I assumed that when my Outlook client would initiate the OAB download that it would check my credentials and download the OAB that I have permissions for and if there was no OAB that I had permissions for it would error out just as it does when you don't have permissions for an online address book. If the OAB isn't the one that's the default for the mailbox databaseyou'll have to use "set-mailbox" and the "-OfflineAddressBook"parameter to have another OAB downloaded.---Rich>MatheisenMCSE+I, Exchange MVP he Global OAB has both the All Users GAL as well as the Accounting GAL in the Address Lists area- The Global OAB has been added to the Mailbox Store as the Offline Address ListIn this scenario which OAB is the default?? I hope I'm making sense. Thanks. You only have one OAB named "Global OAB". That OAB includes twoaddress lists. I'm not sure why you think it isn't the default OAB.The address lists within the OAB aren't ACLed.I think, too, that deleting the default OAB you may be causing someproblems. Dave Goldman's blog on OABs is probably a good place to goto see if that's true:http://blogs.msdn.com/dgoldman/---Rich MatheisenMCSE+I, Exchange MVP--- Rich Matheisen MCSE+I, Exchange MVP
November 4th, 2009 7:07am

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics