OAB 0x8004010F | HAFNIUM Fix | Outlook Address Book Deep Dive FixThere are 2 things at play here - the regeneration of the Offline Address Book on the exchange side, and the downloading of the address book in Outlook.
You can control the regeneration of the OAB through the Exchange Control Panel, however you cannot change how often outlook downloads the OAB from exchange - it's an automatic every approximate 24 hours.
You can force it to download the address book through send/receive > Download Address book - but you can't set it up automatically as far as I know.
check if the OAB has been tagged to the database, if it's blank, that means you're using the default OAB:
Get-MailboxDatabase | Ft Name, offlineaddressbook
Update the OAB and check if it's successfully updated:
Get-OfflineAddressBook | Update-OfflineAddressBook
Navigate to the following and check the files are recently created:
%ExchangeInstallPath%\ClientAccess\OAB\<ObjectGuid>
Check the Event Viewer for Event 17001 and 17002:
Get-WinEvent -LogName Application |?{$_.id -eq "17001" -or $_.id -eq "17002"} | select -First 3
Get-WinEvent -LogName Application |?{$_.id -eq "17001" -or $_.id -eq "17002"} | select -First 3 |fl
Check the following log and search for "error":
C:\Program Files\Microsoft\Exchange Server\V15\Logging\OABGeneratorLog
Check to see the the url of the OAB:
Get-OabVirtualDirectory| fl Identity, *url*
Get-OabVirtualDirectory -ADPropertiesOnly |fl Identity, *url*
Get-OabVirtualDirectory |fl Identity, *Auth*
Get-OabVirtualDirectory -ADPropertiesOnly |fl Identity, *Auth*
In Exchange 2013, OAB is processed by mailbox server role which owns the copy of the database of the Arbitration system mailbox with OAB PersistedCapabilities. OAB resides on the mailbox server in the folder “C:\Program Files\Microsoft\Exchange Server\V15\ClientAccess\OAB”. The database homing the System mailbox should be active and mounted. Clients will contact the mailbox server on which the OAB files are and downloads directly using AutoDiscover.
Get-OfflineAddressBook |fl generatingmailbox,guid
GUID: 534234b8-9177-465a-b5fb-867ef091f721
SystemMailbox{bb548c35-97f1-4cb9-8ff7-d53741de928c}
Make sure the server where the Arbitration-Mailbox is located is the same as where the DatabaseCopyStatus is located:
Get-Mailbox -Arbitration | where {$_.PersistedCapabilities -like “*OAB*”} | ft Name, Servername, Database
Get-MailboxDatabaseCopyStatus <database name>
See the details of the arbitration-mailbox:
get-mailbox -arbitration | ?{$_.PersistedCapabilities -like "*OAB*"} |fl
Compare the MAXSEND size with the acutal size:
get-mailbox -arbitration | ?{$_.PersistedCapabilities -like "*OAB*"} |fl *max*
%ExchangeInstallPath%\ClientAccess\OAB\<ObjectGuid>
Set-OabVirtualDirectory -ExternalUrl https://exchange.domain.tld/OAB
Visit the ExternalURL: https://exchange.domain.tld/OAB
Prompt for login.
Nothing.
If AutoDiscover is not able to retrieve the AutoDiscover.XML file with all URL’s to Outlook, then the client will have trouble – not just with OAB but with EWS and other features.
-hold CTRL
-right-click OUTLOOK mini-icon
-click TEST-EMAIL-AUTOCONFIGURATION
-click XML
There is no line for OAB
Local system:
del "C:\Users\%USERNAME%\AppData\Local\Microsoft\Outlook\Offline Address Book"
Nothing in folder.
https://docs.microsoft.com/en-us/exchange/email-addresses-and-address-books/offline-address-books/offline-address-books?view=exchserver-2019
-the OAB is generated every 8 hours.
-outlook updates every 24 hours.
-OAB distribution to clients depends on Internet Information Services (IIS) virtual directories and the Autodiscover service.
https://docs.microsoft.com/en-us/exchange/email-addresses-and-address-books/offline-address-books/oab-procedures?view=exchserver-2019#use-the-exchange-management-shell-to-configure-any-virtual-directory-in-the-organization-to-accept-download-requests-for-the-oab
Get-OfflineAddressBook |fl *virt*
VirtualDirectories : {SYSTEM-EXCHANGE\OAB (Exchange Back End)}
Get-OfflineAddressBook |fl *distrib*
PublicFolderDistributionEnabled : False
GlobalWebDistributionEnabled : False
WebDistributionEnabled : True
ShadowMailboxDistributionEnabled : False
Official docs recommend the following:
get-offlineaddressbook |Set-OfflineAddressBook -VirtualDirectories $null -GlobalWebDistributionEnabled $true
I guess the HAFNIUM changes/fixes took the OAB in a state of inaccessibility until a post-mortem could be done.