MSExchangeSA Event 9396 while generating Offline Address Book

by Shijaz Abdulla on 28.01.2009 at 09:49

January 28, 2009

Log Name:      Application
Source:        MSExchangeSA
Date:          1/28/2009 10:18:59 AM
Event ID:      9396
Task Category: OAL Generator
Level:         Error
Keywords:      Classic
User:          N/A
Computer:      servername
OALGen is running on a single-copy cluster (SCC) node that does not have the registry value ‘SYSTEMCurrentControlSetServicesMSExchangeSAParameters
servernameOabDropFolderLocation’ or it is set to a non-existing path. Offline address book generation will not be performed.

This typically happens on an SCC cluster when the OabDropFolderLocation registry entry:

  • does not exist (was accidentally deleted). The key should exist on all nodes with the same value.
  • the location/folder mentioned in this registry value was deleted or renamed
  • the location is on a non-shared disk (like C:). On an SCC cluster, this folder should always be on a shared disk.

To fix the problem, recreate the registry entry if it doesn’t exist, or edit the value so that it points to a valid location.


Outlook prompting for credentials when OAB Web-based publishing enabled

by Shijaz Abdulla on 25.01.2009 at 10:17

January 25, 2009

If you have enabled web-based publishing of your Offline Address Book (OAB) and your Outlook users get continuously prompted to enter their passwords, you need to check a couple of things:

  • Make sure Autodiscover is working perfectly before you made the OAB change.
  • Hold down the CTRL button and right click on the Outlook icon on the task bar, then select Test Email Autoconfiguration. Unselect GuessSmart and Secure GuessSmart and keep Use Autodiscover selected. On the Log tab, make sure Autodiscover is successful and that it was able to bind to an SCP.
  • Make sure that the entry is added to your certificate’s Subject Alernative Names list.
  • If you are facing problems with Autodiscover, you should correct that first before attempting the steps mentioned below.
  • Make sure that you have defined the External and Internal URLs for the OAB virtual directory in your client access server.

Once you have made sure that Autodiscover is working OK, and that the credentials are being prompted for the OAB URL (and not the mailbox server), you need to check the IIS Authentication setting on the client access server.

  • On the Client Access Server running Windows Server 2008, open IIS Manager console.
  • Click on Default Web Site
  • Open Authentication
  • Note that only Anonymous Authentication is enabled. All other authentication methods should be disabled.
    • Temporarily enable Windows Authentication
    • Right click on Windows Authentication and choose Advanced Settings
    • Uncheck Enable Kernel Mode Authentication and click OK
    • Disable Windows Authentication
    • Do an IISRESET


Also make sure that kernel-mode authentication is disabled for the RPC virtual directory.

Restart Outlook. You should no longer get the prompt for credentials. Test the configuration with Outlook Anywhere clients as well, if you have enabled Outlook Anywhere on your Client Access Servers.

You may need to repeat this configuration on all Client Access Servers that are enabled for Web-based publishing of Offline Address Book (OAB).