Offline Address Book

Sync Error: 0X8004010F

Paul Szymanski
MCSE
 Corrupted Offline Address Book

You may get a call from your customers informing you that they are getting the
following Sync error in their MS Outlook:

10:35:49 Microsoft Exchange offline address book

10:35:49 0X8004010F

and they will ask you to fix it. The customers may receive this error just after you
tried to fix another problem which was reported to you. For example, you were
asked to create a new user account called Joe Doe and the name you received
from HR was spelled as Jo Doae. You tried to correct the mistake, but for some
strange reason the changes you made have not reappeared in the Global
Address List and the user’s name was still listed as Jo Doae instead of Joe Doe.

The misspelled first or last name is a very common mistake usually caused by
what we called “fat fingers” syndrome. Sometimes, you try to rename a user
account because the user married and changed her last name. You may decide
to rename a user account when a person leaves a company. Instead of creating
a new user account and assigning appropriate access, it is easier to rename the
old account. However, after the change you realized that the name has not
changed in Global Access List. In other cases, you have multiple Global Address
Books and they get corrupted during the replication process, and you run into
problems trying to fix them.

The problems with Offline Address Book could be the symptoms of a larger
problem related to your Active Directory and Recipient Update Service.

Whatever the reason, you need to correct the problem and in the process of
doing so, you will quickly find out that it is not an easy task. There are a lot of
confusing solutions on the Internet and the MS Knowledge Base is not a very
helpful resource either because it will take you a lot of time to find a correct KB
article.

Global Access List Overview

Global Address List (GAL) is a directory that lists any mailbox-enabled or mail-
enabled object in an Active Directory forest where Exchange 2003 is installed. It
can contain not only an e-mail address of the user or an object in AD, but also
phone numbers, fax numbers, mailing addresses, and comments. The GAL is
basically an address/phone book that can be customized and accessed by
clients either when they are logged to the network or work offline. The LDAP
protocol (Lightweight Directory Access Protocol) is used to query this directory
and present the results to users in a logical fashion. LDAP queries can be
modified to fit the user’s needs. The Exchange System Manager gives you the
ability to build and customize LDAP queries.

1
The engine that generates the GAL in MS Exchange server is called the
Recipient Update Service (RAS). It is responsible for generating and updating
GAL base on the entries in the Active Directory. For example, if you rename an
e-mail enabled user account or an object in AD, the RAS will generate
appropriate changes in GAL that resides on your MS Exchange server and these
changes will be replicated to the Offline Address Book.

The GAL is located in the Recipient folder in the Exchange System Manager.
You can have more than one GAL, but in most cases you should stick to one
GAL. You could debate pros and cons of customizing GAL but, in general, there
is no need to customize GAL for small to medium size organizations. If you do
customize GAL, please make sure you have the excellent documentation and
you put a lot of thought into it, otherwise you will run into serious problems fast.
Also, keep in mind that MS Outlook can view only one Global Address List. Users
could have permissions to access more than one GAL. In this case, the one that
is the highest alphabetically will be displayed.

The recipient folder in the Exchange System Manager lists two directories: All
Address Lists and All Global Address Lists.

Yes, there is a reason why they are separated, but at the same time, there is one
small difference between GAL and All Address List. We must remember that all
e-mail enabled objects and contacts must exist in the Active Directory, otherwise
they will not show up in GAL or All Address List.

The main difference between All Global Address Lists and All Address Lists is
the ability to add e-mail addresses to a directory called All Contacts that contains
important contact information of users who are outside of your domain and do not
have mailboxes on your Exchange server. But because of the business needs,
the users on your domain must be able to access and query these e-mail

2
addresses and other contact information that are contained in the All Contacts
directory.

For example, you may want to create a directory of the outside suppliers for your
organization and allow the Manufacturing Department access this list. By doing
so, you most likely centralized several Personal Address Books that resided on
individual workstations. Such an action could improve contact information sharing
by providing one, centralized, and searchable address book. Believe it or not,
such a small improvement could make a huge positive difference in an
organization.

By default, All Address List contains the following four sub directories:

All Contacts: A contact is an Active Directory object that does not have
permissions to access domain resources. A contact usually represents someone
outside your Exchange organization, such as a partner or a customer. Contacts
cannot be given mailboxes on your Exchange server. However, you can specify
external e-mail addresses for contacts and add them to groups and GAL.
Contacts must be entered into the Active Directory to be listed in All Contacts.

All Groups: A group is an Active Directory object that can contain users,
contacts, public folders, and other groups. There are two main types of groups:
security groups and distribution groups. Security groups are used to collect
objects into a manageable unit for controlling access to resources; they can be
mail-enabled. Distribution groups are used only as e-mail distribution lists. Only
e-mail enabled groups will be listed in GAL and in All Groups on your Exchange
server.

All Users: Active Directory user accounts enable users to log on to computers
and domains with identities that can be authenticated and authorized for access
to domain resources. Users who log on to the network must have their own
unique user accounts and passwords. User accounts can also be used as
service accounts for some applications. Users can be added to groups and
appear in the global address list (GAL).

There is a difference between mail-enabled and mailbox-enabled users. A Mail-

enabled user is equivalent to a custom recipient and does not have permissions
to access domain resources. If a user account is mail-enabled but not mailbox-
enabled, the user can receive e-mail at an external e-mail address but cannot
store messages on your Exchange server. Again, only recipients with Active
Directory accounts can be mailbox-enabled to send and receive e-mail. You must
install Exchange to mailbox-enable a user. You then can specify the location of
the user's mailbox on the Exchange store.

3
Public Folders: A public folder is an Exchange-specific object that stores
messages or information that can be shared among users in your organization.
Unlike users and contacts, which are native Windows objects, public folders only
appear in the Active Directory if you mail-enable them.

In a native environment, no public folders are mail-enabled by default. Mail-

enabled public folders can be displayed in GAL and be added to groups.

MS Exchange allows you to create custom and searchable directories in All

Address Lists.

The All Global Address Lists contain one or multiple GAL’s. But you can have
only one Default Global Address List. GAL is basically a summary of all e-mail
enabled entities that exist in Active Directory and directories that can be found in
All Address Lists.

So why would MS Exchange separate All Address Lists and All Global Address
Lists? As I mentioned at the beginning, the LDAP protocol (Lightweight Directory
Access Protocol) is used to query directories listed in the MS Exchange and
present the results to users in a logical fashion. In other words, the MS Exchange
allows customization of address directories and LDAP queries. To better
understand this, let’s take a look at how these address directories are listed in
MS Outlook.

MS Outlook allows users to specify the order of directories in which it searches

for contact information. This search can be customized by the user or by the e-
mail administrator. You can modify this search by selecting Tools in the MS
Outlook tool bar and then Address Book, Tools and finally Options and you will
see the following window where you can specify which address directory should
be searched first:

4
You can also add specific address directories by clicking Add button:

As you can see in the graphic above, the address lists displayed correspond to
address lists that are available on the MS Exchange server. By adding or
removing the lists, the LDAP protocol can query them more efficiently.

The user can also sort and query these directories from the main menu of the
Address Book. By clicking a drop arrow in the Show Names from the: you will
see all address lists available to the user. Sometimes the GAL could be very
extensive and the logical sorting of the groups and users could be very beneficial
for the organization.

But again, it is important to remember that users that are not members of your
domain, but who are listed as e-mail enabled Contacts in the Active Directory,
will not be displayed in GAL, but they will appear in All Contacts.

Global Address List can be rebuilt and the content modified.

5
Offline Address Lists

The Offline Address Lists are used by MAPI clients such as Outlook 2003. They
allow the offline users to download offline address lists, so they can compose e-
mail messages even when they are disconnected from their Exchange server. To
make it possible, you must first create the address lists on the server.
By default, there is an offline address list named the Default Offline Address List,
which contains the global address list. If necessary, you can populate this list
with any other address list you have created. You can also create multiple offline
address lists that can be individually associated with each mailbox store in your
organization. If the users on your different mailbox stores share something in
common, such as all being part of the same division, you might want to provide
different offline address lists for each mailbox store.

The Offline Address Lists are stored on a local workstation in a user’s profile.
They can be found in a hidden directory called Application Data. The following is
the path to a directory that stores Offline Address Book: C:\Documents and
Settings\%username%\Local Settings\Application Data\Microsoft\Outlook. The

Offline Address Book is comprised of several files:

outlook.ost: Offline folder (.ost) file is an exact replica of your folders on the
Exchange Server 2003, and is updated by the server during client initiated
synchronization. A set of personal folders, on the other hand, is simply a storage
location on your hard disk or a server other than the Exchange Server 2003.

When you are working offline, you work with the contents of an offline folder
exactly as you do with a folder that is part of your mailbox on the Exchange 2003
Server. For example, you can change and move items in your offline Inbox and
send messages that are placed in your offline Outbox. When you connect your
computer to the network, you can manually or automatically synchronize the
offline folders. Your message in the offline Outbox will be transmitted to the
exchange server.

tmplts.oab: This file contains the dialog box strings and any information that is
static in accordance with the offline Address Book. This file does not increase in
size if you add additional objects to your directory.

rdndex.oab: This file holds the Parent Distinguished Names (PDNs), which are
stored at the beginning of the file. A block that contains the Relative
Distinguished Name (RDN) for each address entry follows the PDN block. The
RDNs are stored with a byte offset from the beginning of the file that points to the
appropriate PDN.

pdndex.oab: This file contains the changes to domain names and the lists there
of.

6
details.oab: This file contains all the object details (those included in the
generation of the offline Address Book), except the display name.

browse.oab: This is a core file. It contains the object type, the display name, and
a pointer to the Details.oab file for each object.

anrdex.oab: This file is an index for resolving ambiguous names.

Additionally, there are six Unicode file types:

Uanrdex.oab: This file is the Unicode version of the Anrdex.oab file.

Ubrowse.oab: This file is the Unicode version of the Browse.oab file
Udetails.oab: This file is the Unicode version of the Details.oab file.
Updndex.oab: This file is the Unicode version of the Pdndex.oab file.
Urdndex.oab: This file is the Unicode version of the Rdndex.oab file

Utmplts.oab: This file is the Unicode version of the Tmplts.oab file.

Microsoft Exchange System Attendant is responsible for generating the offline

address book. The System Attendant calls Oabgen.dll. This is a MAPI application
(referred to as OABGen) that reads from the Active Directory. On a server
running the Exchange Server 2003 SP2, the first time an offline address book is
created, OABGen creates the OAB Version 2, OAB Version 3a, and OAB
Version 4 folders. You can specify the versions of offline address books that are
generated.

7
Every time the OABGen runs, it performs several tasks:

• It connects to the Active Directory containers via NSPI (Named Service

Provider Interface) to it can read all of the objects it will put in the GAL.
• It creates the files for all offline address book versions.
• It compresses the files. It creates posts in the system folders for each
version of the offline address that it is configured to generate. The offline
address book files will be saved as attachments on the posts in the
folders.
• It creates incremental offline address book files containing daily changes.
The default setting in Exchange Server 2003 is to generate an offline
address book incremental file every morning at 05:00.

The Active Directory servers: are utilized in the offline address book
generation. Offline address book configuration data is stored in the Configuration
Naming Context partition in the Active Directory, making it available to all domain
controllers. In addition, global address list information is stored in global catalog
servers.

Recipient Update Service: although offline address book generation does not
require the Recipient Update Service, address lists do require this component.
The System Attendant calls the Recipient Update Service, which in turn
maintains the address list membership on recipients. If the address list is blank,
the offline address book generation will fail.

8
The Microsoft Exchange Server 200x: allows creation of multiple Offline
Address Books, but there could be only one default Offline Address Book. The
Offline Address Book can be rebuilt and the rebuild is very simple. You just right
click on the Offline Address Book and select “Rebuild” from the drop menu. You
must check the Application Logs to make sure the process was started and
successfully completed.

Troubleshooting issues with Global Address List and Offline Address Lists

When someone in your organization reports to you that the Sync Issue folder in
MS Outlook is filling up with the error:

10:35:49 Microsoft Exchange offline address book

10:35:49 0X8004010F

You want to ask yourself the following questions:

• When did this error start to occur?

• What changes were implemented to your Active Directory Domain
Controller and MS Exchange Server prior to this error?
• Who did those changes and why?
• How many MS Exchange servers do you have?
• How many Offline Address Lists do you have on your MS Exchange
Server?
• How many Global Address Lists do you have on your MS Exchange
server?
• Which of them are default Address Lists?
• Do you have a default offline address list associated with the mailbox
store this user resides on?
• Are the outlook users have sync issues and not applying the newly
downloaded oab files?

The answers to these questions will help you narrow down the scope of the
problem. A lot of organizations have complex e-mail exchange systems and in
many cases, documentation is outdated or completely missing. This error may
affect some users, but not others. Once you find out what has happened and
where to look for, then you should turn on the appropriate logs on your MS
Exchange server to get more diagnostic information.

9
Step 1

For example, let’s say you misspelled the user’s name in the Active Directory,
and after several corrections, it still does not appear correctly in the Global
Address List and Offline Address List that are displayed on clients’ workstations.
But the name change appears correctly in the Active Directory. You tried to
reload the Offline Address List on the clients MS Outlook, but each time you got
the Sync Errors and do not know what is going on.

First, you should turn on the diagnostic logging for the Offline Address List. It will
generate additional application events that can provide important information
which will help with further troubleshooting.

In order to turn on the diagnostic logging for the Offline Address List, you should
follow the steps:

1. In the Exchange System Manager, select the server on which you want to
turn on the additional diagnostic logging.
2. Right click on it and select properties.
3. From properties, select the Diagnostic Logging tab
4. Go to the MSExchangeSA service
5. Select OAL Generator and set the logging to Maximum.

10
Step 2

After you turn on the logging, the next step would be to rebuild the OAL.
1. Recipients
2. Offline Address Lists folder
3. Right click on OAL
4. From the drop down menu, select the “Rebuild” option
5. Go to the application log to verify if it was successful.

If the rebuild was successful, you should get the 9107 event id in the Application
Log:

11
You could also choose to rebuild the Offline Address List. You do not have to
delete the existing OAL. In order to do so, you just go to:

1. Recipients
2. Offline Address Lists folder
3. Recipients
4. Offline Address Lists folder
5. Right click on it and select New and the Offline Address List
6. Go to the application log to verify if it was successful

In most cases, the rebuild of the OAL should fix the sync issue problem.
However, sometimes the rebuild will not do the trick.

If you still have problems with rebuilding or creating Offline Address List, you
should examine the application event log on your server for the event id 9301.

12
If you want more information about the error that was displayed in the description
of the 9301 you can download the Microsoft Windows 2003 Error tool and do the
following:

C:\>err 80072030
# as an HRESULT: Severity: FAILURE (1), FACILITY_WIN32 (0x7), Code
0x2030
# for hex 0x2030 / decimal 8240
ERROR_DS_NO_SUCH_OBJECT winerror.h
# There is no such object on the server.
# 1 matches found for "80072030"

With this error you can now see that the object of the OAB is not being found in
the active directory and you can start your investigation there as to why we are
not finding this object. This could be caused by possible permissions issue,
missing or deleted objects, etc.

13
As I mentioned before, you can have multiple OAL’s, but only one of them can be
set as a default OAL. It is a good idea to check which Exchange server is used to
generate the OAL. You can check that by right-clicking the default OAL and
selecting Properties from the menu. You should see the following window:

Usually, the master Exchange server should generate the OAL based on the
information that is contained in the Global Address List. The GAL is hosted on
the master Exchange server and is generated by the Recipient Update Service
(RAS), based on the user information in the Active Directory. This master
Exchange server replicates the OAL to other Exchange servers in the domain.

You can verify which of the servers is a master server by going to:

1. Administrative Group
2. Routing Groups
3. Members

14
Step 3

You could modify existing or create a new Global Address List. As I mentioned
before, you can have multiple GAL’s but only one of them could be a default
GAL.

To create a new Global Address List you:

1. Right click on All Global Address Lists.

2. From drop down menu select the new Global Address List.
3. You will get the following window where you enter the name of the new
GAL and set the appropriate filter rules:

By default, all filter rules are selected:

15
But you can change these rules to fit your company’s e-mail policies. In most
cases, administrators leave them at default.

You can populate the filter rules when you create the new GAL or after you have
created it. The order does not matter, but you must generate filter rules because
without them, the new GAL is empty:

Once you press the button “Filter rules” and select the rules you want, you click
OK and the new GAL is ready. The properties should look like this:

16
If you click the “Preview” button, you will open the Address list Preview window
which allows you to modify individual user accounts. Here, you can physically
correct spelling mistakes of usernames, e-mail addresses, and other account
information. The changes will affect entries in the Active Directory.

Once you double click on any of the names in the Address List Preview, you can
enter the properties of that user account in the Active Directory. After you right
click on the user’s name, you can also change the user’s password or disable the
user from the Address List Preview. You can basically perform all tasks which
you normally perform in the Active Directory Users and Computers console.

17
However, there could be discrepancies between GAL on your Exchange servers
and you may have to correct them manually. The “Preview” option gives you the
ability to make these changes for each GAL.

If you have multiple Exchange servers you should verify the replication of the
Offline Address List between them.

Step 4

The Offline Address list can be replicated between the Exchange servers. The
instances of the OAL are located in two folders in the Exchange System
Manager:

• Public Folders Instances

• Public Folders

There are three versions of Offline Address Lists. They are listed as:

18
OAB version 2: The OAB Version 2 folder contains Offline Address Books with
ANSI characters and is used by Outlook 97 through 2003. Each object in the
system folder represents a created Offline Address Book (depending on the
interval of OAB generating). Outlook clients have only to download the delta
changes since the last full download. Changes between the last full download are
saved in a file called Changes.oab.

OAB version 3: Exchange Server 2003 introduces a new Offline Address Book
format called Offline Address Book v3a. Offline Address Book v3a is stored in a
system folder named OAB Version 3a. OAB Version 3a adds support for Unicode
format. These Offline Address Books are used by Outlook 2003. When Outlook
2003 logs on to the Exchange Server, it checks for the existence of the OAB
Version 3a folder and uses the Unicode files, if they are available.

OAB version 4: OAB v4 was designed to help remove some of the download
issues with the OAB. Some of the new OAB v4 features are:

• Generates local specific indexes based on the OAB.

• Uses LZX compression
• Uses a new Binpatch logic for applying multiple days worth the diff files
• Has sort orders for ambiguous name resolution (ANR) and browse files 1

All three versions must be replicated between the servers; otherwise you will get
the sync error:

10:35:49 Microsoft Exchange offline address book

10:35:49 0X8004010F

In order to replicate the Offline Address List, you should open the Exchange
System Manager and navigate to the server that has the OAL which you want to
replicate.

1. Public Folder Store

2. Public Folders
3. Right click on OAD version 2 and select properties

1
Offline Address Book - Best Practice, Author: Marc Grote, Published: Oct 27, 2005, by
http://www.msexchange.org
http://www.msexchange.org/tutorials/Offline-Address-Book-Best-Practice.html

19
4. Click on the Replication tab

5. Click Add button and add the server or servers which you want to replicate
Offline Address List to.

20
Please keep in mind that you must follow the same steps for all OAB instances
that are in the Public Folders store. You should also verify that these changes
appear in Public Folders Instances.

You should verify the replication status of OAB in the Replication Status Folder

If there are no replication problems and you are not getting any replication errors
in the event log, you should try to download the new Offline Address Book onto
the client’s workstation.

Step 5

To download the Offline Address Book form your MS Exchange server, follow the
following steps:

1. In the MS Outlook select “Tools” from the navigation bar

21
2. Select “Send/Receive”
3. From the drop down menu, select “Download Offline Address Book”
4. The following window will open:

5. You can leave the default options and click OK.

6. On a user’s workstation go to:
C:\Documents and Settings\%username%\Local Settings\Application
Data\Microsoft\Outlook
7. Verify the time and date of all the files with the *.OAB extension. If the
update was successful, their date and timestamp will change.

22
Final comments

The Offline Address Book Integrity (OABInteg) utility can be of great help when
troubleshooting the Offline Address Book (OAB) generation issues as well as the
OAB download issues.

There is a great article about this utility on www.msexchange.org web site which
can be found at: http://www.msexchange.org/articles/Offline-Address-Book-
Integrity-OABInteg-Utility-Explained.html

23