In this article I will explain how the OAB Generation process discovers the domain controller that it will use for rebuilding an Offline Address List. Understanding this process can help you in troubleshooting.
As I have mentioned in other blog posts of mine, the System Attendant (MAD.exe) is the process that is responsible for invoking OABGen.dll (the OAB generation process). This happens one of two ways:
1. Via Schedule
To view the schedule for an Offline Address list you can do the following:
1. Open the ESM (Exchange System Manager)
2. Expand the Recipients Container.
3. Select the Offline Address List Container.
4. In the right hand pane highlight an Offline Address List.
5. Select Properties.
At the bottom of the Properties dialog box you will see an area that shows the Update Interval. This drop-down list box will control when the Offline Address List is generated. The list box will also show several predefined times:
· Run daily as 2:00 am
· Run daily as 3:00 am
· Run daily as 4:00 am
· Run daily as 5:00 am
· Never Run
· Use custom schedule
2. Via the ESM (Exchange System Manager)
1. Open the ESM.
2. Expand the Recipients Container.
3. Select the Offline Address List Container.
4. In the right hand pane right client an Offline Address List.
5. Select "Rebuild".
By selecting "Rebuild" you will force replication to occur. In doing so the System Attendant then becomes responsible for making sure that the selected Offline Address List is rebuilt.
But, the real question here is "how does the System Attendant find the domain controller??"
Well, in order for the OAB Generation process to connect to the Active Directory to make its NSPI queries, it must have a mechanism for doing so. This connection to the Active Directory will be facilitated by a MAPI profile.
What is a MAPI and what is a MAPI Profile?
MAPI stands for Messaging Application Programming Interface.
A MAPI Profile is a named list of message services and configuration data created by a user or service. A profile can contain any number of message services. Profiles will contain a session object and use service providers to do the work on the behalf of the user or system.
A MAPI Session is a period of fixed duration (logon time ---> logoff time) which the work is done. In the context of MAPI, work refers to a series of client requests to MAPI that are services by one or more service providers.
Once a scheduled rebuild or manual rebuild of an offline address list is performed, there are a few things that need to happen before OABGen.dll can even connect to the Active Directory:
1. The system attendant needs to force the Directory Service call to synchronize the Offline Address List.
2. After the Directory Service calls are made necessary security checks will be done to ensure that we have the proper credentials to make this call.
3. After the necessary security checks have been preformed we will make a call to the Active Directory to get the Configuration Domain Controllers DNS name. This is needed so we can obtain information like (Forest Name, Organization, Administrative Groups, Server Name, etc).
4. Once the Configuration Domain Controller's name is obtained a Session Object can be set up.
5. Now try to create one of the Directory Service objects, and read all of the information we need from the active directory (this is the data mentioned above).
6. Make a query to get the name of the offlineABServer.
7. Once the offlineABServer is found, get and use legacyExchangeDN to query that object in the active directory. (Example - "/dc=local/dc=OABGen/cn=Configuration/cn=Services/cn=Microsoft Exchange/cn=OABGen/cn=Administrative Groups/cn=First Administrative Group/cn=Servers/cn=W2K3-E2K3".
8. Next setup our tasks that are necessary for the OAB Generation (profile creation, obtain the public folder information store, etc).
9. Get the server name and add it to the MAPI Session that was previously created.
10. Logon to the Admin portion of the profile (System Attendant profile).
11. Obtain the system directory so we can find out where the MAPISVC.inf file resides.
12. Read in the service specific settings from the MAPISVC.inf file so the profile can be configured.
13. Check to see if we are a domain controller or not.
14. Get the mailbox name for this profile - "/o=OABGen/ou=First Administrative Group/cn=Configuration/cn=Servers/cn=W2K3-E2K3/cn=Microsoft System Attendant"
15. Now log profile on to our session object using the MAPILogonEx API. For more information on the MAPILogonEx API please refer to: http://msdn.microsoft.com/library/en-us/mapi/html/9764438a-0e36-4124-af1e-8296759ed216.asp
16. Open the Address Book provider by creating a new IAB interface object.
17. Associate this Address Book with this MAPI session.
18. Load all of our necessary providers here for the profile.
19. Open the profile sections and also initialize emsabp.dll.
20. Load the Address Book data.
21. Look up the AB Server that will be responsible for holding the Offline Address List.
Here is where the magic is:
22. Check to see if the Address Book server can be contacted and is online. If we find that we are online then we need to Logon to the Directory Service.
23. Check to see if this server is an Exchange 2000 server.
24. Check the registry to see if we are hard coding the profile by using the following registry key [HKEY_LOCAL_MACHINE\Software\Microsoft\Exchange\Exchange Provider]. Please see this Knowledge Base Article for more information:
ID Q314737 - XADM: Offline Address List Generation Does Not Work on Exchange 2000 Server SP1
http://support.microsoft.com/default.aspx?scid=kb;EN-US;314737
NOTE: Using this registry key is not a recommended or supported method, and should not be used unless directed by a Microsoft PSS Support Professional for troubleshooting purposes only!!
25. Open Address Book profile section in the MAPISVC.inf file.
26. Read from the MAPISVC.inf file and see if we can find the following MAPI property tag 0x6602001e = PR_PROFILE_HOME_SERVER. If this value is present in the DS Section of the MAPISVC.inf file then this is the server that we are going to use for our Active Directory connections via our MAPI profile.
27. If this value is not present we are an Exchange 2000 server, we will then use the RFR Interface (Referral Service). Using the Referral Service will allow us ask the Exchange Server to connect to the Active Directory and find us another suitable domain controller that we can connect to.
28. If the server is not an Exchange 2000 server or our Referral failed to get the profile home server address we need to rebind back to the Active Directory again.
29. Once we find our data save it to the profile.
30. Now that we have the necessary profile information to connect to the Active Directory we pass this data along to OABGen.dll.
31. When OABGen.dll is invoked to rebuild an address list, it will have use the domain controller that is will use for its Active Directory queries.
For more information on the OAB Generation Process please see my post "Overview of the OAB Generation Process" here:
http://blogs.msdn.com/dgoldman/archive/2005/03/31/404329.aspx
- Dave Goldman
