Hi I was just wondering if anyone can help me resolved an issue which I have noticed on our Exchange 2007 setup. I deleted some users from AD using a powershell script who have now left weeks ago and now I have had calls and noticed on my own outlook that I can still see old users even though they dont have a mailbox or AD account. It seems different users can see different deleted users. For example I see a colleague who left but my colleague cannot see that colleague when he logs in to outlook. Seems like some sort of caching issue. Even users who use OWA can see old users. On the exchange server I have run the following commands: update-globaladdresslist -identity "Default Global Address List" -domaincontroller {domain controller names} Ran this command for both of our DC's. get-offlineaddressbook | update-offlineaddressbook Left it for 24 hours and it seems like it has cleared some but some old users can still be searched. When I run the update-globaladdresslist -identity "Default Global Address List" command I do get some yellow warning messages which say: WARNING: The recipient "Domain name/Microsoft Exchange System Objects/OAB Version 2" is invalid and could not be updated. WARNING: The recipient "Domain name/Microsoft Exchange System Objects/OAB Version 3a" is invalid and could not be updated. WARNING: The recipient "Domain name/Microsoft Exchange System Objects/Offline Address Book - \/o=school name\/cn=addrlists\/cn=oa" is invalid and could not be updated. I think these messages are related to why the old users are not clearing. Any suggestions on what I could do to resolve this? Thanks

On Wed, 15 Sep 2010 18:04:06 +0000, Ranjb wrote: >Hi I was just wondering if anyone can help me resolved an issue which I have noticed on our Exchange 2007 setup. I deleted some users from AD using a powershell script who have now left weeks ago and now I have had calls and noticed on my own outlook that I can still see old users even though they dont have a mailbox or AD account. It seems different users can see different deleted users. For example I see a colleague who left but my colleague cannot see that colleague when he logs in to outlook. Seems like some sort of caching issue. Even users who use OWA can see old users. If they're accessible in OWA they're still in your AD. Check each domain controller for their presence. If you find them on once DC but no on another you have a DC replication problem. >On the exchange server I have run the following commands: update-globaladdresslist -identity "Default Global Address List" -domaincontroller {domain controller names} Ran this command for both of our DC's. get-offlineaddressbook | update-offlineaddressbook Left it for 24 hours and it seems like it has cleared some but some old users can still be searched. When I run the update-globaladdresslist -identity >"Default Global Address List" command I do get some yellow warning messages which say: WARNING: The recipient "Domain name/Microsoft Exchange System Objects/OAB Version 2" is invalid and could not be updated. WARNING: The recipient "Domain name/Microsoft Exchange System Objects/OAB Version 3a" is invalid and could not be updated. WARNING: The recipient "Domain name/Microsoft Exchange System Objects/Offline Address Book - \/o=school name\/cn=addrlists\/cn=oa" is invalid and could not be updated. I think these messages are related to why the old users are not clearing. Any suggestions on what I could do to resolve this? Thanks Those have nothing to do with your problem, They're warnings that the different versions of the OAB (which are mail-enabled) really aren't valid recipients. --- Rich Matheisen MCSE+I, Exchange MVP --- Rich Matheisen MCSE+I, Exchange MVP

If they're accessible in OWA they're still in your AD. Check each domain controller for their presence. If you find them on once DC but no on another you have a DC replication problem. Hi I have checked both the DC's and they seem to be fine and replicating. I dont think this is an AD problem as the users have disappeared from AD and cannot be searchable. I think the problem is likely to do with the GAL or offline GAL but I dont know where to start. I thought running those commands might sort it but it hasn't. Thanks

On Thu, 16 Sep 2010 14:03:04 +0000, Ranjb wrote: >If they're accessible in OWA they're still in your AD. Check each domain controller for their presence. If you find them on once DC but no on another you have a DC replication problem. Hi I have checked both the DC's and they seem to be fine and replicating. I dont think this is an AD problem as the users have disappeared from AD and cannot be searchable. I think the problem is likely to do with the GAL or offline GAL but I dont know where to start. I thought running those commands might sort it but it hasn't. Thanks OWA doesn't use an Offline Address Book, so that can't be the problem. The GAL is just a view of the AD presented through NSPI (Name Service Provider Interface). If the object doesn't exist in the AD then NSPI isn't going to be able to show it to you. Recheck your AD. This time use a tool like LDP and query the Global Catalog Servers on port 3268 instead of the DCs on port 389. --- Rich Matheisen MCSE+I, Exchange MVP --- Rich Matheisen MCSE+I, Exchange MVP

On Thu, 16 Sep 2010 14:03:04 +0000, Ranjb wrote: >If they're accessible in OWA they're still in your AD. Check each domain controller for their presence. If you find them on once DC but no on another you have a DC replication problem. Hi I have checked both the DC's and they seem to be fine and replicating. I dont think this is an AD problem as the users have disappeared from AD and cannot be searchable. I think the problem is likely to do with the GAL or offline GAL but I dont know where to start. I thought running those commands might sort it but it hasn't. Thanks OWA doesn't use an Offline Address Book, so that can't be the problem. The GAL is just a view of the AD presented through NSPI (Name Service Provider Interface). If the object doesn't exist in the AD then NSPI isn't going to be able to show it to you. Recheck your AD. This time use a tool like LDP and query the Global Catalog Servers on port 3268 instead of the DCs on port 389. --- Rich Matheisen MCSE+I, Exchange MVP --- Rich Matheisen MCSE+I, Exchange MVP I can confirm that this is not an AD problem. The old users do not exist in AD at all. What logs do I need to look at when running the LDP tool?

On Thu, 23 Sep 2010 16:08:48 +0000, Ranjb wrote: >On Thu, 16 Sep 2010 14:03:04 +0000, Ranjb wrote: >If they're accessible in OWA they're still in your AD. Check each domain controller for their presence. If you find them on once DC but no on another you have a DC replication problem. Hi I have checked both the DC's and they seem to be fine and replicating. I dont think this is an AD problem as the users have disappeared from AD and cannot be searchable. I think the problem is likely to do with the GAL or offline GAL but I dont know where to start. I thought running those commands might sort it but it hasn't. Thanks OWA doesn't use an Offline Address Book, so that can't be the problem. The GAL is just a view of the AD presented through NSPI (Name Service Provider Interface). If the object doesn't exist in the AD then NSPI isn't going to be able to show it to you. Recheck your AD. This time use a tool like LDP and query the Global Catalog Servers on port 3268 instead of the DCs on port 389. --- Rich Matheisen MCSE+I, Exchange >MVP >--- Rich Matheisen MCSE+I, Exchange MVP >I can confirm that this is not an AD problem. The old users do not exist in AD at all. If they aren't in the AD, and there's no OAB files anywhere on the client machine (I assume you know how to search for files, rather than just looking in suggested directories, and have already done so), then the only place those users will be found is in the Contacts folder of the user's mailbox -- unless you're "finding" those users in the address completion cache on the Outlook client. >What logs do I need to look at when running the LDP tool? There are no logs. The results are displayed in the same window. --- Rich Matheisen MCSE+I, Exchange MVP --- Rich Matheisen MCSE+I, Exchange MVP