Offline Address Book Sync Error: 0X8004010F

Paul Szymanski MCSE

Corrupted Offline Address Book You may get a call from your customers informing you that they are getting the following Sync error in their MS Outlook:
10:35:49 Microsoft Exchange offline address book 10:35:49 0X8004010F

and they will ask you to fix it. The customers may receive this error just after you tried to fix another problem which was reported to you. For example, you were asked to create a new user account called Joe Doe and the name you received from HR was spelled as Jo Doae. You tried to correct the mistake, but for some strange reason the changes you made have not reappeared in the Global Address List and the user’s name was still listed as Jo Doae instead of Joe Doe. The misspelled first or last name is a very common mistake usually caused by what we called “fat fingers” syndrome. Sometimes, you try to rename a user account because the user married and changed her last name. You may decide to rename a user account when a person leaves a company. Instead of creating a new user account and assigning appropriate access, it is easier to rename the old account. However, after the change you realized that the name has not changed in Global Access List. In other cases, you have multiple Global Address Books and they get corrupted during the replication process, and you run into problems trying to fix them. The problems with Offline Address Book could be the symptoms of a larger problem related to your Active Directory and Recipient Update Service. Whatever the reason, you need to correct the problem and in the process of doing so, you will quickly find out that it is not an easy task. There are a lot of confusing solutions on the Internet and the MS Knowledge Base is not a very helpful resource either because it will take you a lot of time to find a correct KB article. Global Access List Overview Global Address List (GAL) is a directory that lists any mailbox-enabled or mailenabled object in an Active Directory forest where Exchange 2003 is installed. It can contain not only an e-mail address of the user or an object in AD, but also phone numbers, fax numbers, mailing addresses, and comments. The GAL is basically an address/phone book that can be customized and accessed by clients either when they are logged to the network or work offline. The LDAP protocol (Lightweight Directory Access Protocol) is used to query this directory and present the results to users in a logical fashion. LDAP queries can be modified to fit the user’s needs. The Exchange System Manager gives you the ability to build and customize LDAP queries.

1

The engine that generates the GAL in MS Exchange server is called the Recipient Update Service (RAS). It is responsible for generating and updating GAL base on the entries in the Active Directory. For example, if you rename an e-mail enabled user account or an object in AD, the RAS will generate appropriate changes in GAL that resides on your MS Exchange server and these changes will be replicated to the Offline Address Book. The GAL is located in the Recipient folder in the Exchange System Manager. You can have more than one GAL, but in most cases you should stick to one GAL. You could debate pros and cons of customizing GAL but, in general, there is no need to customize GAL for small to medium size organizations. If you do customize GAL, please make sure you have the excellent documentation and you put a lot of thought into it, otherwise you will run into serious problems fast. Also, keep in mind that MS Outlook can view only one Global Address List. Users could have permissions to access more than one GAL. In this case, the one that is the highest alphabetically will be displayed.

The recipient folder in the Exchange System Manager lists two directories: All Address Lists and All Global Address Lists. Yes, there is a reason why they are separated, but at the same time, there is one small difference between GAL and All Address List. We must remember that all e-mail enabled objects and contacts must exist in the Active Directory, otherwise they will not show up in GAL or All Address List. The main difference between All Global Address Lists and All Address Lists is the ability to add e-mail addresses to a directory called All Contacts that contains important contact information of users who are outside of your domain and do not have mailboxes on your Exchange server. But because of the business needs, the users on your domain must be able to access and query these e-mail

2

addresses and other contact information that are contained in the All Contacts directory. For example, you may want to create a directory of the outside suppliers for your organization and allow the Manufacturing Department access this list. By doing so, you most likely centralized several Personal Address Books that resided on individual workstations. Such an action could improve contact information sharing by providing one, centralized, and searchable address book. Believe it or not, such a small improvement could make a huge positive difference in an organization. By default, All Address List contains the following four sub directories:

All Contacts: A contact is an Active Directory object that does not have permissions to access domain resources. A contact usually represents someone outside your Exchange organization, such as a partner or a customer. Contacts cannot be given mailboxes on your Exchange server. However, you can specify external e-mail addresses for contacts and add them to groups and GAL. Contacts must be entered into the Active Directory to be listed in All Contacts. All Groups: A group is an Active Directory object that can contain users, contacts, public folders, and other groups. There are two main types of groups: security groups and distribution groups. Security groups are used to collect objects into a manageable unit for controlling access to resources; they can be mail-enabled. Distribution groups are used only as e-mail distribution lists. Only e-mail enabled groups will be listed in GAL and in All Groups on your Exchange server. All Users: Active Directory user accounts enable users to log on to computers and domains with identities that can be authenticated and authorized for access to domain resources. Users who log on to the network must have their own unique user accounts and passwords. User accounts can also be used as service accounts for some applications. Users can be added to groups and appear in the global address list (GAL). There is a difference between mail-enabled and mailbox-enabled users. A Mailenabled user is equivalent to a custom recipient and does not have permissions to access domain resources. If a user account is mail-enabled but not mailboxenabled, the user can receive e-mail at an external e-mail address but cannot store messages on your Exchange server. Again, only recipients with Active Directory accounts can be mailbox-enabled to send and receive e-mail. You must install Exchange to mailbox-enable a user. You then can specify the location of the user's mailbox on the Exchange store.

3

Public Folders: A public folder is an Exchange-specific object that stores messages or information that can be shared among users in your organization. Unlike users and contacts, which are native Windows objects, public folders only appear in the Active Directory if you mail-enable them. In a native environment, no public folders are mail-enabled by default. Mailenabled public folders can be displayed in GAL and be added to groups. MS Exchange allows you to create custom and searchable directories in All Address Lists. The All Global Address Lists contain one or multiple GAL’s. But you can have only one Default Global Address List. GAL is basically a summary of all e-mail enabled entities that exist in Active Directory and directories that can be found in All Address Lists. So why would MS Exchange separate All Address Lists and All Global Address Lists? As I mentioned at the beginning, the LDAP protocol (Lightweight Directory Access Protocol) is used to query directories listed in the MS Exchange and present the results to users in a logical fashion. In other words, the MS Exchange allows customization of address directories and LDAP queries. To better understand this, let’s take a look at how these address directories are listed in MS Outlook. MS Outlook allows users to specify the order of directories in which it searches for contact information. This search can be customized by the user or by the email administrator. You can modify this search by selecting Tools in the MS Outlook tool bar and then Address Book, Tools and finally Options and you will see the following window where you can specify which address directory should be searched first:

4

You can also add specific address directories by clicking Add button:

As you can see in the graphic above, the address lists displayed correspond to address lists that are available on the MS Exchange server. By adding or removing the lists, the LDAP protocol can query them more efficiently. The user can also sort and query these directories from the main menu of the Address Book. By clicking a drop arrow in the Show Names from the: you will see all address lists available to the user. Sometimes the GAL could be very extensive and the logical sorting of the groups and users could be very beneficial for the organization.

But again, it is important to remember that users that are not members of your domain, but who are listed as e-mail enabled Contacts in the Active Directory, will not be displayed in GAL, but they will appear in All Contacts. Global Address List can be rebuilt and the content modified.

5

Offline Address Lists The Offline Address Lists are used by MAPI clients such as Outlook 2003. They allow the offline users to download offline address lists, so they can compose email messages even when they are disconnected from their Exchange server. To make it possible, you must first create the address lists on the server. By default, there is an offline address list named the Default Offline Address List, which contains the global address list. If necessary, you can populate this list with any other address list you have created. You can also create multiple offline address lists that can be individually associated with each mailbox store in your organization. If the users on your different mailbox stores share something in common, such as all being part of the same division, you might want to provide different offline address lists for each mailbox store. The Offline Address Lists are stored on a local workstation in a user’s profile. They can be found in a hidden directory called Application Data. The following is the path to a directory that stores Offline Address Book: C:\Documents and Settings\%username%\Local Settings\Application Data\Microsoft\Outlook. The Offline Address Book is comprised of several files: outlook.ost: Offline folder (.ost) file is an exact replica of your folders on the Exchange Server 2003, and is updated by the server during client initiated synchronization. A set of personal folders, on the other hand, is simply a storage location on your hard disk or a server other than the Exchange Server 2003. When you are working offline, you work with the contents of an offline folder exactly as you do with a folder that is part of your mailbox on the Exchange 2003 Server. For example, you can change and move items in your offline Inbox and send messages that are placed in your offline Outbox. When you connect your computer to the network, you can manually or automatically synchronize the offline folders. Your message in the offline Outbox will be transmitted to the exchange server. tmplts.oab: This file contains the dialog box strings and any information that is static in accordance with the offline Address Book. This file does not increase in size if you add additional objects to your directory. rdndex.oab: This file holds the Parent Distinguished Names (PDNs), which are stored at the beginning of the file. A block that contains the Relative Distinguished Name (RDN) for each address entry follows the PDN block. The RDNs are stored with a byte offset from the beginning of the file that points to the appropriate PDN. pdndex.oab: This file contains the changes to domain names and the lists there of.

6

details.oab: This file contains all the object details (those included in the generation of the offline Address Book), except the display name. browse.oab: This is a core file. It contains the object type, the display name, and a pointer to the Details.oab file for each object. anrdex.oab: This file is an index for resolving ambiguous names. Additionally, there are six Unicode file types: Uanrdex.oab: This file is the Unicode version of the Anrdex.oab file. Ubrowse.oab: This file is the Unicode version of the Browse.oab file Udetails.oab: This file is the Unicode version of the Details.oab file. Updndex.oab: This file is the Unicode version of the Pdndex.oab file. Urdndex.oab: This file is the Unicode version of the Rdndex.oab file Utmplts.oab: This file is the Unicode version of the Tmplts.oab file. Microsoft Exchange System Attendant is responsible for generating the offline address book. The System Attendant calls Oabgen.dll. This is a MAPI application (referred to as OABGen) that reads from the Active Directory. On a server running the Exchange Server 2003 SP2, the first time an offline address book is created, OABGen creates the OAB Version 2, OAB Version 3a, and OAB Version 4 folders. You can specify the versions of offline address books that are generated.

7

Every time the OABGen runs, it performs several tasks: • • • It connects to the Active Directory containers via NSPI (Named Service Provider Interface) to it can read all of the objects it will put in the GAL. It creates the files for all offline address book versions. It compresses the files. It creates posts in the system folders for each version of the offline address that it is configured to generate. The offline address book files will be saved as attachments on the posts in the folders. It creates incremental offline address book files containing daily changes. The default setting in Exchange Server 2003 is to generate an offline address book incremental file every morning at 05:00.

The Active Directory servers: are utilized in the offline address book generation. Offline address book configuration data is stored in the Configuration Naming Context partition in the Active Directory, making it available to all domain controllers. In addition, global address list information is stored in global catalog servers. Recipient Update Service: although offline address book generation does not require the Recipient Update Service, address lists do require this component. The System Attendant calls the Recipient Update Service, which in turn maintains the address list membership on recipients. If the address list is blank, the offline address book generation will fail.

8

The Microsoft Exchange Server 200x: allows creation of multiple Offline Address Books, but there could be only one default Offline Address Book. The Offline Address Book can be rebuilt and the rebuild is very simple. You just right click on the Offline Address Book and select “Rebuild” from the drop menu. You must check the Application Logs to make sure the process was started and successfully completed. Troubleshooting issues with Global Address List and Offline Address Lists When someone in your organization reports to you that the Sync Issue folder in MS Outlook is filling up with the error:
10:35:49 Microsoft Exchange offline address book 10:35:49 0X8004010F

You want to ask yourself the following questions: • • • • • • • • • When did this error start to occur? What changes were implemented to your Active Directory Domain Controller and MS Exchange Server prior to this error? Who did those changes and why? How many MS Exchange servers do you have? How many Offline Address Lists do you have on your MS Exchange Server? How many Global Address Lists do you have on your MS Exchange server? Which of them are default Address Lists? Do you have a default offline address list associated with the mailbox store this user resides on? Are the outlook users have sync issues and not applying the newly downloaded oab files?

The answers to these questions will help you narrow down the scope of the problem. A lot of organizations have complex e-mail exchange systems and in many cases, documentation is outdated or completely missing. This error may affect some users, but not others. Once you find out what has happened and where to look for, then you should turn on the appropriate logs on your MS Exchange server to get more diagnostic information.

9

Step 1 For example, let’s say you misspelled the user’s name in the Active Directory, and after several corrections, it still does not appear correctly in the Global Address List and Offline Address List that are displayed on clients’ workstations. But the name change appears correctly in the Active Directory. You tried to reload the Offline Address List on the clients MS Outlook, but each time you got the Sync Errors and do not know what is going on. First, you should turn on the diagnostic logging for the Offline Address List. It will generate additional application events that can provide important information which will help with further troubleshooting. In order to turn on the diagnostic logging for the Offline Address List, you should follow the steps: 1. In the Exchange System Manager, select the server on which you want to turn on the additional diagnostic logging. 2. Right click on it and select properties. 3. From properties, select the Diagnostic Logging tab 4. Go to the MSExchangeSA service 5. Select OAL Generator and set the logging to Maximum.

10

Step 2 After you turn on the logging, the next step would be to rebuild the OAL. 1. Recipients 2. Offline Address Lists folder 3. Right click on OAL 4. From the drop down menu, select the “Rebuild” option 5. Go to the application log to verify if it was successful. If the rebuild was successful, you should get the 9107 event id in the Application Log:

11

You could also choose to rebuild the Offline Address List. You do not have to delete the existing OAL. In order to do so, you just go to: 1. 2. 3. 4. 5. 6. Recipients Offline Address Lists folder Recipients Offline Address Lists folder Right click on it and select New and the Offline Address List Go to the application log to verify if it was successful

In most cases, the rebuild of the OAL should fix the sync issue problem. However, sometimes the rebuild will not do the trick. If you still have problems with rebuilding or creating Offline Address List, you should examine the application event log on your server for the event id 9301.

12

If you want more information about the error that was displayed in the description of the 9301 you can download the Microsoft Windows 2003 Error tool and do the following: C:\>err 80072030 # as an HRESULT: Severity: FAILURE (1), FACILITY_WIN32 (0x7), Code 0x2030 # for hex 0x2030 / decimal 8240 ERROR_DS_NO_SUCH_OBJECT winerror.h # There is no such object on the server. # 1 matches found for "80072030" With this error you can now see that the object of the OAB is not being found in the active directory and you can start your investigation there as to why we are not finding this object. This could be caused by possible permissions issue, missing or deleted objects, etc.

13

As I mentioned before, you can have multiple OAL’s, but only one of them can be set as a default OAL. It is a good idea to check which Exchange server is used to generate the OAL. You can check that by right-clicking the default OAL and selecting Properties from the menu. You should see the following window:

Usually, the master Exchange server should generate the OAL based on the information that is contained in the Global Address List. The GAL is hosted on the master Exchange server and is generated by the Recipient Update Service (RAS), based on the user information in the Active Directory. This master Exchange server replicates the OAL to other Exchange servers in the domain. You can verify which of the servers is a master server by going to: 1. Administrative Group 2. Routing Groups 3. Members

14

Step 3 You could modify existing or create a new Global Address List. As I mentioned before, you can have multiple GAL’s but only one of them could be a default GAL. To create a new Global Address List you: 1. Right click on All Global Address Lists. 2. From drop down menu select the new Global Address List. 3. You will get the following window where you enter the name of the new GAL and set the appropriate filter rules:

By default, all filter rules are selected:

15

But you can change these rules to fit your company’s e-mail policies. In most cases, administrators leave them at default. You can populate the filter rules when you create the new GAL or after you have created it. The order does not matter, but you must generate filter rules because without them, the new GAL is empty:

Once you press the button “Filter rules” and select the rules you want, you click OK and the new GAL is ready. The properties should look like this:

16

If you click the “Preview” button, you will open the Address list Preview window which allows you to modify individual user accounts. Here, you can physically correct spelling mistakes of usernames, e-mail addresses, and other account information. The changes will affect entries in the Active Directory.

Once you double click on any of the names in the Address List Preview, you can enter the properties of that user account in the Active Directory. After you right click on the user’s name, you can also change the user’s password or disable the user from the Address List Preview. You can basically perform all tasks which you normally perform in the Active Directory Users and Computers console.

17

However, there could be discrepancies between GAL on your Exchange servers and you may have to correct them manually. The “Preview” option gives you the ability to make these changes for each GAL. If you have multiple Exchange servers you should verify the replication of the Offline Address List between them. Step 4 The Offline Address list can be replicated between the Exchange servers. The instances of the OAL are located in two folders in the Exchange System Manager: • • Public Folders Instances Public Folders

There are three versions of Offline Address Lists. They are listed as:

18

OAB version 2: The OAB Version 2 folder contains Offline Address Books with ANSI characters and is used by Outlook 97 through 2003. Each object in the system folder represents a created Offline Address Book (depending on the interval of OAB generating). Outlook clients have only to download the delta changes since the last full download. Changes between the last full download are saved in a file called Changes.oab. OAB version 3: Exchange Server 2003 introduces a new Offline Address Book format called Offline Address Book v3a. Offline Address Book v3a is stored in a system folder named OAB Version 3a. OAB Version 3a adds support for Unicode format. These Offline Address Books are used by Outlook 2003. When Outlook 2003 logs on to the Exchange Server, it checks for the existence of the OAB Version 3a folder and uses the Unicode files, if they are available. OAB version 4: OAB v4 was designed to help remove some of the download issues with the OAB. Some of the new OAB v4 features are:
• • • •

Generates local specific indexes based on the OAB. Uses LZX compression Uses a new Binpatch logic for applying multiple days worth the diff files Has sort orders for ambiguous name resolution (ANR) and browse files 1

All three versions must be replicated between the servers; otherwise you will get the sync error:
10:35:49 Microsoft Exchange offline address book 10:35:49 0X8004010F

In order to replicate the Offline Address List, you should open the Exchange System Manager and navigate to the server that has the OAL which you want to replicate. 1. Public Folder Store 2. Public Folders 3. Right click on OAD version 2 and select properties

1

Offline Address Book - Best Practice, Author: Marc Grote, Published: Oct 27, 2005, by http://www.msexchange.org http://www.msexchange.org/tutorials/Offline-Address-Book-Best-Practice.html

19

4. Click on the Replication tab

5. Click Add button and add the server or servers which you want to replicate Offline Address List to.

20

Please keep in mind that you must follow the same steps for all OAB instances that are in the Public Folders store. You should also verify that these changes appear in Public Folders Instances. You should verify the replication status of OAB in the Replication Status Folder

If there are no replication problems and you are not getting any replication errors in the event log, you should try to download the new Offline Address Book onto the client’s workstation. Step 5 To download the Offline Address Book form your MS Exchange server, follow the following steps: 1. In the MS Outlook select “Tools” from the navigation bar 21

2. Select “Send/Receive” 3. From the drop down menu, select “Download Offline Address Book” 4. The following window will open:

5. You can leave the default options and click OK. 6. On a user’s workstation go to: C:\Documents and Settings\%username%\Local Settings\Application Data\Microsoft\Outlook 7. Verify the time and date of all the files with the *.OAB extension. If the update was successful, their date and timestamp will change.

22

Final comments The Offline Address Book Integrity (OABInteg) utility can be of great help when troubleshooting the Offline Address Book (OAB) generation issues as well as the OAB download issues. There is a great article about this utility on www.msexchange.org web site which can be found at: http://www.msexchange.org/articles/Offline-Address-BookIntegrity-OABInteg-Utility-Explained.html

23

Master your semester with Scribd & The New York Times

Special offer for students: Only $4.99/month.

Master your semester with Scribd & The New York Times

Cancel anytime.