Dave Goldman help: rename AD user creates prob w autocomplete Outl
- From: Rebecca <Rebecca@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Fri, 19 Jan 2007 12:15:19 -0800
Dave: my problem still exists, so I’m crawling back for more help! Please
let me know what our next step should be. In previous emails you had said
“For this repro give me the exact steps you followed and I will do it as
well” and “no worries. Lets get this solved :)” and “if this is really a bug
then you should open a case and have someone from PSS reproduce this so it
can get fixed.” Which one of those do you suggest now? THANK YOU THANK YOU
THANK YOU for all previous help and all future help.
When I rename an AD user account and Exchange Mailbox using the steps
described below in MESSAGE #11, the exact problem that I described does
occur, so I know I can replicate the problem step-by-step on my own system.
Combined below in chronological order are all previous emails with reply
duplications removed.
MESSAGE #1 "Rebecca" wrote:
After renaming an Active Directory user account, the new user name and the
new Exchange mailbox work correctly almost everywhere, but there is a
problem in the autocomplete feature of all client Outlook 2003 for all
users.
OLD USER jgoulding
OLD EMAIL jgoulding@xxxxxxxxxx
OLD ALIAS jgoulding
OLD DISPLAY NAME Jessica Goulding
OLD AUTOCOMPLETE Jessica Goulding <jgoulding>
NEW USER jwalter
NEW EMAIL jwalter@xxxxxxxxxx
NEW ALIAS jwalter
NEW DISPLAY NAME Judy Walter
NEW AUTOCOMPLETE Judy Walter <jgoulding> THIS IS THE PROBLEM
In other words, if any user in my office wants to email to Judy, and they
type the letter "J" on their Outlook "TO:" line, it displays as "Judy Walter
<jgoulding>" which is new display name but old alias or old legacyDN or
whatever.
I have already tried MANY MANY MANY troubleshooting ideas. These are the
same troubleshooting steps that I found by searching and searching the
Internet, possibly even some suggestions from your own site. Maybe some of
them are right but I did them in the wrong combination.
I checked all tabs under the user's AD account for references to the name
jgoulding and there is nothing.
I typed jwalter into Outlook, arrowed down, and deleted the name from the
autocomplete list. It deletes it, but the problem comes back after sending an
email to jwalter@xxxxxxxxxx
I renamed the NK2 file and tested.
I created a brand new Outlook profile and tested.
I tried Outlook in online mode.
I rebuilt the Offline Address Book on the Exchange server and redownloaded
it on a workstation, and tested.
I deleted all OAB files on a workstation, redownloaded the address book, and
tested.
I verified all tabs under 'Outlook properties' and there were no references
to jgoulding.
I deleted the mailbox completely, created a blank mailbox, attached it to
the jwalter account, and tested.
Most of these tests were done on at least two workstations and all yielded
the same results.
I'm very frustrated because renaming an AD user account and associated
Exchange mailbox SHOULD NOT BE SO DIFFICULT!!! Why are there so many
messages on this site, and others, indicating that lots of Exchange server
administrators have tons of trouble just to rename an account? Exchange
should not be this way!
At least one place on the Internet suspects that this is an EXCHANGE SERVER
BUG
QUOTE FROM INTERNET: "I have 10 years experience in Specializing in
Microsoft products and 3 mcse Windows NT4.0/2000/2003. I know a bug when I
see one. I cannot rename an AD account so that outlook displays the correct
autocomplete name from the drop down list. Yes I have cleared the nk2 file
and deleted it manually. The incorrect autocomplete name keeps on coming
back. I use Exchange 2003 SP1 and I have just had a user get married so I
changed her last name in all entries in AD. this includes the Exchange e-mail
addresses. All clients use Outlook in cached mode. So when a user clicks the
letter of the name in outlook it comes up with the correct name but in the
square parenthesis <> the name has not changed. I have deleted this
autocomplete entry only to find its doesn't help. I have redownlaoded the
address book, I have rebuilt and updated the recipient policies and the
offline address book....The only place that I can find a problem is in the
following string: /o=First Organization/ou=First Administrative
Group/cn=Recipients/cn=WRONGNAME
How do I edit the last value "CN=" I am assuming that this is where outlook
is getting the value name<WRONGNAME> . I urge anyone to to create a user in
AD with a mailbox and then rename it. Go to outlook and then try and use the
autocomplete feature and you will find that is does not display the changed
name in the square parenthesis <>. Any help would be greatly appreciated.
PLEASE REPORT TO MICROSOFT AS A BUG. I enscourage anyone to duplicate this
by creating a new user and then renaming it. One of the other MVP's did and
he
saw my problem and I never got a repsonse."
MESSAGE #2 "Dave Goldman [MSFT]" wrote:
Number one your auto complete cache (commonly known as the 'Nickname cache'
is kept on the client side, not in your OAB. You should read this article:
http://www.outlookpower.com/issues/issue200506/00001584001.html to learn
more about this.
For this repro give me the exact steps you followed and I will do it as
well.
Now off to more pressing matters.
1. If you renamed your user accounts in the active directory the mail
attribute and Primary Proxy address should match. You can download OABInteg
and run the following:
OABInteg.exe /s:srvname /t:proxytest /v:2 /l (which will produce a
c:\oabinteg.txt file). Once this is done you can see just how many of these
were really renamed or not. If the primary proxy address and mail attribute
do NOT match they will be skipped from the OAB generation process.
2. You can rename an account in the active directory and it will need to
replicate to ALL of your domain controllers. I do see that you are
frustrated, but have you taken the time to check every domain controller you
have?? The OAB Generation process will only use one domain controller, so if
the domain controller that is being used for the OAB Generation process did
not get the update, it will not make it in to the GAL. You can read this
blog for more information on how the OAB Generation process works:
http://blogs.msdn.com/dgoldman/archive/2005/03/31/Overview-of-the-OABgen-process.aspx
http://blogs.msdn.com/dgoldman/archive/2005/07/16/How-to-troubleshoot-the-OAB-Generation-process.aspx
http://blogs.msdn.com/dgoldman/archive/2006/01/26/518038.aspx
http://blogs.msdn.com/dgoldman/archive/2006/07/03/New-Active-Directory-objects-are-not-showing-after-Cached-Mode-clients-download-the-OAB.aspx
What you need to do is read all of the above and verify that the dang gone
object was actually renamed on the domain controller that you were connected
too? If you are not on the Exchange Server and you are on a workstation your
ESM will connect to the same domain controller your workstation does. Make
sure you know which domain controller you are connected too. Make your
changes and then use ADSIEdit.msc to verify that the RDN, mail attribute and
proxy have changed. It's typically a good idea to add a new proxy address if
the person has changed their name because changing it does not usually
change the RDN portion of the legacyExchangeDN.
And if this is really a bug then you should open a case and have someone
from PSS reproduce this so it can get fixed.
MESSAGE #3 "Rebecca" wrote:
Wow, Dave, thanks for the fast answer, I'll definitely work on this with you
and maybe we can resolve! I'm sorry that my first post sounded so crabby and
accusatory. I had a good night's sleep, and I'm calmer now!!
I'm a very inexperienced Exchange Server administrator, so feel free to
explain at kindergarten level because that's about where I am!!
One thing I do know is that the autocomplete cache is on the client side,
that was one of the first steps I did by renaming the NK2 file on the client.
I'll print out your reply and chip away at it throughout this week.
Thanks again! I'll reply as I move through the process.
MESSAGE #4 "Dave Goldman [MSFT]" wrote:
Anytime and no worries. Lets get this solved :)
MESSAGE #5 "Rebecca" wrote:
Good morning, Dave. My network consultant Don is here, and we are starting
to step through the process. I'll email you in "real time" as we go, as
three heads are better than two. If you're available I'll check for your
response periodically, thanks!
We already did your Step 1 to run OABInteg and confirm that the mail
attribute and Primary Proxy address should match. They do match. Here is the
output from OABINTEG. Notice that the wrong address jgoulding is on the line
for the LegacyExchangeDN and everything else correctly says jwalter.
Processing Address Book Entry #31 of 50.
Display Name = Judy Walter
Object is a mailbox object
LegacyExchangeDN starts with '/o=' or '/O='. Value = /o=CEM/ou=first
administrative group/cn=Recipients/cn=jgoulding
Primary Proxy Address found. Value = jwalter@xxxxxxxxxx
Primary Proxy Address has a vaild unicode domain. Value = @cemins.com
SMTP Domain is valid and contains '@'.
Proxy Address SMTP:jwalter@xxxxxxxxxx is 8 characters. (First 8 characters)
Primary Proxy Address found. Value = SMTP:jwalter@xxxxxxxxxxx
Primary Proxy Address and mail attribute match.
Primary Proxy Address = jwalter@xxxxxxxxxx, mail attribute =
jwalter@xxxxxxxxxxx
Primary Proxy Address has a valid domain. Value = @cemins.com
Now on to the next step.
MESSAGE #6 "Rebecca" wrote:
Dave, I just discovered something that MIGHT mean that one of my previous
steps had already solved the problem, but maybe I had not waited long enough
for the changes to replicate from the server to the client. Not sure.
We have two AD user accounts that have/had the same problem, and all of the
various steps that I already did by myself before I contacted you were done
for the account that was in the AutoComplete as dpritchard <amazzarisi>. No
matter what I did, it was still appearing incorrectly which is what led me to
contact you. However, as of today that account is showing up correctly as
dpritchard <dpritchard>. Everywhere!
However, we still have jwalter <jgoulding>. I really don't want to re-do
EVERY step that I tried with dpritchard because I did A LOT and I don't know
which one was the trick. So, what do you recommend as my next step for
jwalter <jgoulding>?
MESSAGE #7 "Dave Goldman [MSFT]" wrote:
I would hold off a bit more to make sure that your replication between
domain controllers is working as fast as it should. You can use a tool
called repadmin /showmeta "dn of object" and then get ldp dumps of the user
object from both domain controllers to ensure that it is the same on both
sides. For that object OABInteg is showing that in the active directory that
users rnd portion has not been changed yet, so trying to email via legDN or
by using the nicknames cache will fail.
I am not sure if you know how to use the DS Servers key on your Outlook
client for testing purposes but if you do you can look at the OABInteg log
to see what domain controller the first test connected too. Set the DS
Servers key on your client in HKLM\Software\Microsoft\Exchange\Exchange
Provider, add a Value type: REG_SZ Value: servername of your other domain
controller and run OABInteg again. This registry key will force your client
to connect to and only that domain controller specified. Once this is done
you can remove the registry key and compare the OABInteg results to see if
the objects are the same or different.
MESSAGE #8 "Rebecca" wrote:
Actually we only have one domain controller, so I think that part of step 2
is not relevant.
Don tried these steps and it seems to have changed the LegacyDN correctly in
the LDAP database, as evidenced by the output of OABInteg but we won't know
until tomorrow morning if it replicated and really fixed the problem.
On the Exchange Server
Start> Run> LDP
Choose Connection > Connect (connect to server)
Choose Connection > bind (log on as Administrator)
Choose View> tree (leave BaseDN box blank)
Click on plus sign to expand
Double click on the Users line
Double-click to choose user Judy Walter
Right-click choose Modify
Attributes = LegacyDN
Values = /o=CEM/ou=first administrative group/cn=Recipients/cn=jwalter
Choose Replace
Choose Enter
Choose Run
After that, when we run the OABInteg again, the jgoulding is gone and it
says jwalter where it's supposed to.
MESSAGE 9 "Rebecca" wrote:
Eventually, after we fix jwalter <jgoulding> I guess what I really need is
the answer to this question: if user Mary Zielinksi (mzielinski) gets
married and changes her name to Mary Smith (msmith) then EXACTLY what steps
am I supposed to take?
I would expect to be able to rename her account in Active Directory and
rename her Exchange mailbox and email address without losing all of the email
and contacts that she received as Mary Zielinski. And then I would expect
that when logs on to her own cleint computer after the wedding, her old Mary
Zielinski desktop should still be there with everything correct?
I wouldn't expect that I should need to go through such a complicated process.
MESSAGE 10 "Dave Goldman [MSFT]" wrote:
Most people I know recommend to add another proxy address (smtp or x500 -
make sure the legacyExchageDN is the same, just the RDN changes /cn=davegold
to /cn=dgoldman). This way everything can stay the same and your users can
continue to get email to the old account address and new one. You can also
change the display name so this way the gal will refelect the new name
change. I dont really see the point to changing the RDN portion as this
really affects the login account name and will break mailflow. If you wanted
to change the way the user logs in you could do this.
With any proxy changes you need to make sure that the mail attribute and the
primary proxy address (the one denoted in capitals SMTP) are the same as the
below example
MESSAGE #11 "Rebecca" wrote:
Dave: yes, running LDP as described in my previous email shown below DOES fix
the problem in Outlook autocomplete!!! I waited overnight to be sure the GAL
was updated and replicated everywhere, and
I had to complete a couple additional steps steps on my Outlook
(I deleted the old jwalter <jgoulding> from the autocomplete list, and
then I chose Tools> Send Receive> Download Address Book
then I sent a message to Judy and
then her autocomplete shows up correctly as Judy Walter <jwalter>
My two incorrect user accounts are now correct, so we solved my SPECIFIC
problem, but now I'd like to solve the GENERAL problem of why this happened
in the first place and how to prevent it.
Below are the steps that I use to rename a user account. Are these the
correct steps? Is there a single document anywhere that explains the correct
steps to rename a user account and its associated Exchange Mailbox? I don't
really think these steps are corect, because after I do them, Joyce Lincoln
can log on to her own machine, but her folder name inside Documents and
Settings is still jkennedy, and when I open Outlook the mailbox name still
says Joyce Kennedy, even though it's clearly displaying the new emails that
were sent to her account after it was renamed to Joyce Lincoln. All this
might be because I didn't wait the 24 hours
HERE ARE THE STEPS I USE TO RENAME, WHAT'S WRONG?
Open Active Directory Users and Computers
Right-click on the old username Joyce Kennedy, choose Rename
(dialog box does not open yet, the old name Joyce Kennedy remains in the
list and simply changes to blue color)
Type in the new full name Joyce Lincoln, press Enter
Rename User dialog box opens
Full Name is already completed with the new name Joyce Lincoln
First Name leave Joyce as Joyce
Last Name change Kennedy to Lincoln
Display Name was automatically changed to Joyce Lincoln when the last name
was changed in previous step
User Logon Name change jkennedy to jlincoln
User logon name pre-Windows 2000 was automatically changed to jlincoln when
the user logon name was changed in previous step
Choose OK
Still in Active Directory, right-click on the new username Joyce Lincoln,
choose Properties
General Tab opens automatically, first name is Joyce, last name is Lincoln,
display name is Joyce Lincoln, email address is jkennedy@xxxxxxxxxx
Still on General Tab change email address jkennedy@xxxxxxxxxx to
jlincoln@xxxxxxxxxx
Choose Email Addresses Tab, displays an SMTP line and an X400 line
leave SMTP jlincoln@xxxxxxxxxx as is
X400 line still contains Joyve Kennedy, so choose x400 line, choose remove
Return to General Tab and choose OK
Now go and see if other users can send email to Joyce Lincoln
jlincoln@xxxxxxxxxx and check to see whether the Outlook autocomplete
displays as
jlincoln <jlincoln> or jlincoln <jkennedy>
It's about 10:25 am so now watch to see how long it takes for the new name
to appear in the GAL on any other user's Outlook.
When I go to another user's Outlook, choose New, To, Global Address List the
OLD name is still in their GAL because their GAL is an offline address book
that was previously downloaded from the Exchange Server, and has not yet been
updated. That makes sense to me. If I do nothing, then the new GAL should
be pushed automatically from the Exchange Server to the Outlook clients
tomorrow morning at 4:00 a.m. is that right?
However, in the meantime if the user manually types in jlincoln@xxxxxxxxxx
and sends the email, then jlincoln does receive the new email message
.
- Follow-Ups:
- Prev by Date: RE: Cant Mount Public Folder DB
- Next by Date: claiming to be a host
- Previous by thread: RE: Cant Mount Public Folder DB
- Next by thread: RE: Dave Goldman help: rename AD user creates prob w autocomplete Outl
- Index(es):
Relevant Pages
|
