[ Exchange 2010 SP1 ][ WebsitePanel ] OAB Downloads not working for some Address Lists
-
Thursday, March 01, 2012 3:01 PMSo we're trying to run a greenfield scale-out hosted Exchange 2010 SP1 setup to cater to as many companies/customers as we can using:
"Exchange 2010 SP1 + WebsitePanel v1.2 + GAL AD segregation"
(We tested the Exchange 2010 SP1 /hosting switch first and decided that we needed more functionality so here we are. Please be gentle.)
We segregated the Global Address List (GAL) into sub-sets of Organization Units (OU) that have their own Address List... and do not get to read the contents of other Address Lists nor the GAL super-set.
(e.g. OU=Tofu would effectively have the \Tofu Address List which only contains users/mailboxes under that OU.)
The WebsitePanel hosting panel helps us subscribe users/mailboxes to their respective Address List and the Address Book by using Custom Attributes.
All our customers use either Outlook 2007/2010 via Outlook Anywhere (formerly known as RPC-over-HTTP) to download the Address Book from the Exchange 2010 SP1 setup. Autodiscover *seems* to be working for all our customers, because we've required them to create the CNAME records "autodiscover.customerdomain.com" to point to our Client Access Servers... and well, they haven't been asking for Manually Configure step-by-step instructions.
What's unusual is the Download Address Book (OAB) feature isn't working for users of *some* of the Address Lists.
Worse, Outlook 2007/2010 users trying to download these Address Lists get repeatedly asked for their email credentials, despite entering valid ones.
When the user clicks Cancel instead of entering the password, Outlook doesn't seem affected... its just that the Address Book doesn't get downloaded.
[Scope] So far we've verified that this issue applies to...
1. [Object-level] Mailboxes/profiles under those OUs that are at least 24 hours old.
( GAL by default refreshes every 24 hours, so Outlook won't find any newer mailboxes )
2. [Application-level] Outlook 2007 and 2010 both 64bit and 32bit.
3. [Infrastructure-level] This issue applies on Windows 7 64bit and 32bit laptops and freshly spun-up virtual machines (Hyper-V on Windows 2008 R2, Virtual Box on xubuntu 11.10)
So here we are wondering which configuration gotchas we fell into.
Any pointers or outright solutions (that won't involve calling for Premium Support) would be awesome.
All Replies
-
Friday, March 02, 2012 4:56 PM
Saffron, this might not be the answer you want to hear, but I will provide it anyway.
You shouldn't be using SP1 and WebSitePanel for doing multi-tenancy, not now SP2 is out. You won't get support from Microsoft for the Exchange multi-tenancy configuration using SP1. This is covered here: http://social.msdn.microsoft.com/Forums/en-US/wspsupport/thread/539276af-77f6-4669-934d-2eb8d1017d2a
What you need to do is work with the people developing the panel (and I know they are testing SP2) and get to SP2 as soon as you can. Spending time troubleshooting this might help in the short term, but you will still have an unsupported solution from Exchange's perspective.
Useful links: http://blogs.technet.com/b/exchange/archive/2011/12/06/exchange-2010-service-pack-2-and-hosting.aspx
-
Tuesday, March 06, 2012 11:02 AM
What have you set as the internal and external FQDN for OABvirtualdirectory? What authentication is enabled?
Look through the permissions on the OAB/address lists and parent containers in ADSI Edit . I'm not suggesting you change anything but it should contain a mix of Read, Read All Properties, Open Address List, List Contents and Download Offline Address Book.
I have deployed SP1 and SP2 with WSP 1.2 without running in to this problem. Before installing WSP did you set the pre-deployment permissions listed here, http://websitepanel.net/exchange-2007-2010-module/hosted-exchange-solution-pre-deployment-tasks?
Do all the OABs have web distribution enabled?
That's all I can think of right now.
Daniel Noakes | MCITP:EMA 2010 CM / MCITP:EMA 2007
-
Wednesday, March 07, 2012 2:53 PM
WSP have released 1.2.1 Beta supporting ABP, http://websitepanel.codeplex.com/releases/view/77278. It is Beta for lab testing only and you will still have to develop your own bits for Exchange to meet the multi-tenancy recommendations set out by the Exchange team.
Daniel Noakes | MCITP:EMA 2010 CM / MCITP:EMA 2007
.png)
