Applies to: Exchange Server 2010 SP3, Exchange Server 2010 SP2

Topic Last Modified: 2009-12-10

An offline address book (OAB) is a copy of a collection of address lists that has been downloaded so that a Microsoft Outlook user can access the information it contains while disconnected from the server. Microsoft Exchange generates the new OAB files, compresses the files, and then places the files on a local share. Exchange administrators can choose which address lists are made available to users who work offline, and they can also configure the method by which the address books are distributed.

For more information about address lists, see Understanding Address Lists.

Important:
OAB data is produced by the Microsoft Exchange System Attendant service running as Local System. If an administrator uses the security descriptor to prevent users from viewing certain recipients in Active Directory, users who download the OAB will be able to view those hidden recipients. Therefore, to hide a recipient from an address list, you set the HiddenFromAddressListsEnabled parameter on the Set-PublicFolder, Set-MailContact, Set-MailUser, Set-DynamicDistributionGroup, Set-Mailbox, and Set-DistributionGroups cmdlets. Alternatively, you can create a new default OAB that doesn't contain the hidden recipients. For more information about how to add or remove address lists from an OAB, see Add or Remove an Address List from an Offline Address Book.

Looking for management tasks related to managing Mailbox servers? See Managing Mailbox Servers.

Contents

Moving OABs Between Exchange Versions

Outlook Clients and OAB Version

OAB Distribution Methods

OAB Considerations

Moving OABs Between Exchange Versions

 

Exchange supports moving OABs only in the following configurations:

  • Between servers running Microsoft Exchange Server 2010

  • From Exchange 2010 to Exchange Server 2007 servers

  • From Exchange 2007 to Exchange 2010 servers

  • From Exchange Server 2003 to Exchange 2010 servers

Exchange doesn't support moving OABs from Exchange 2010 to Exchange 2003 servers.

Return to top

Outlook Clients and OAB Version

You can specify the OAB versions that are generated for client download. The following options are available:

  • OAB version 2 (ANSI OAB)   This OAB format is used with both Microsoft Exchange 2000 Server and Exchange Server version 5.5. Exchange 2003 also supports ANSI OABs. The following versions of Outlook supports OAB version 2:

    • Outlook 2010

    • Office Outlook 2007

    • Office Outlook 2003

    • Outlook 2002

    • Outlook 2000

    • Outlook 98

  • OAB version 3 (Unicode OAB)   This OAB is used for Exchange 2003. This OAB has additional information that helps Outlook reduce server remote procedure calls (RPCs). Additionally, the Unicode OAB has new features that are related to sorting rules for different language locales. These features permit the following versions of Outlook to use the correct sorting rule for the language locale with the OAB:

    • Outlook 2010

    • Outlook 2007

    • Outlook 2003

  • OAB version 4 (Unicode OAB)   This OAB was introduced in Exchange 2003 Service Pack 2 (SP2) and is supported by Outlook 2003 (SP2), Outlook 2007, and Outlook 2010. This Unicode OAB allows client computers to receive differential updates rather than full OAB downloads.

Outlook Clients That Use OAB Version 3 and Version 2

For Outlook clients that use OAB version 3 and version 2, if the size of the Changes.oab file is one-eighth (or more) the size of the entire OAB file, Outlook initiates a full OAB download.

For example, Outlook will obtain the size of the compressed Changes.oab files. Outlook will then obtain the total size of all the compressed full OAB files on the server, including the templates. If the size of the Changes.oab files is greater than one-eighth the size of the full OAB files, Outlook will download the full OAB instead of the incremental files.

Minor changes to recipient attributes will cause all recipient information to be included in the Changes.oab file. The following are examples of these minor changes:

  • Updating phone numbers to reflect a new area code for a large number of recipients

  • Adding an additional proxy address to a large number of recipients

Therefore, changing minimal bytes of information for half of your recipients could create a Changes.oab file that's larger than one-eighth the size of your entire OAB file.

Outlook Clients That Use OAB Version 4

For Outlook 2010, Outlook 2007, and Outlook 2003 SP2 clients that use OAB version 4, if the size of the Changes.oab files is one-half (or more) the size of the entire OAB files, Outlook initiates a full OAB download. For more information about improvements that have been made in OAB version 4, see "Improvements in Exchange 2003 SP2 and Outlook 2003 SP2" in Improvements for Offline Address Books.

Return to top

OAB Distribution Methods

You can choose which address books are made available to users who work offline. When the OAB generation (OABGen) process occurs, Exchange generates new OAB files, compresses the files, and then places the files on a local share. You can then configure the method by which the address books are distributed. There are two methods by which the OAB is distributed to client computers:

  • Web-based distribution

  • Public folder distribution

Web-Based Distribution

Web-based distribution is the distribution method by which Outlook 2010 or Outlook 2007 clients that are working offline or through a dial-up connection access the OAB. If you use Web-based distribution, you don't have to use public folders.

With Web-based distribution, after the OAB is generated, the Client Access server replicates the files. Web-based distribution uses HTTPS and Background Intelligent Transfer Service (BITS). For an overview about how BITS works, see About BITS.

Important:
Although Web-based distribution is enabled by default and doesn't require further configuration, we recommend that you enable Secure Sockets Layer (SSL) for the OAB distribution point. For more information, see Require SSL for Offline Address Book Distribution.

There are several advantages to using Web-based distribution, including:

  • Support of more concurrent client computers.

  • Reduction in bandwidth usage.

  • More control over the OAB distribution points. With Web-based distribution, the distribution point is the HTTPS Web address where client computers can download the OAB.

To benefit most from Web-based distribution, client computers must be running Outlook 2010 or Outlook 2007. Organizations that also have client computers running Outlook 2003 or earlier can use both public folder distribution and Web-based distribution. The Outlook 2003 Service Pack 1 (SP1) and earlier clients will still access their OABs by using public folders, while Outlook 2010 or Outlook 2007 clients will take advantage of the new Web-based distribution method.

To function properly, Web-based distribution depends on the following components:

  • OAB generation process   This is the process by which Exchange creates and updates the OAB. To create and update the OAB, the OABGen service runs on the OAB generation server. To support OAB distribution, this server must be an Exchange Mailbox server.

  • Microsoft Exchange File Distribution service   The Microsoft Exchange File Distribution service runs on Client Access servers and is responsible for gathering the OAB and keeping the content synched with the content on the Mailbox server.

  • OAB virtual directory   The OAB virtual directory is the distribution point used by the Web-based distribution method. By default, when Exchange is installed, a new virtual directory named OAB is created in the default internal Web site in Internet Information Services (IIS). If you have client-side users that connect to Outlook from outside your organization's firewall, you can add an external Web site. Alternatively, when you run the New-OABVirtualDirectory cmdlet in the Exchange Management Shell, a new virtual directory named OAB is created in the default IIS Web site on the local Exchange Client Access server. For information, see Create an Offline Address Book Virtual Directory.

  • Autodiscover service   This is a feature available in Outlook 2010 or Outlook 2007 and in some mobile devices that automatically configure the clients for access to Exchange. The service runs on a Client Access server and returns the correct OAB URL for a specific client connection. For more information about the Autodiscover service, see Understanding the Autodiscover Service.

The following figure illustrates workflow for the OAB Web-based distribution method. The figure assumes that all client users have the same OAB and that the OAB is distributed to all Client Access servers.

OAB Web-based distribution method diagram

In this figure, a company has offices in London and Sao Paulo. The Mailbox servers for the entire company are in the corporate headquarters in London. Sao Paulo, which is a slow link, has Client Access servers to which the Sao Paulo client users connect to Outlook. In addition, the company has users who work remotely and connect to the corporate network through the Internet.

Before a user connects to a MAPI-based client computer, such as Outlook, the following happens:

  1. The OAB is generated on one of the Mailbox servers in the London office.

  2. On each of the Client Access servers in London, the Microsoft Exchange File Distribution service copies the new OAB files from the OAB Mailbox server in London.

  3. On the Client Access server in Sao Paulo, the Microsoft Exchange File Distribution service copies the files over the slow link from the Mailbox server in London. Depending on the speed of the slow link, the copy process may take from several minutes to several hours. The new OAB isn't made available to client computers until it's completely copied and verified.

    Note:
    Not all Client Access servers will copy the new OAB at the exact same time. There is a poll interval (the default is 8 hours) that starts copying if there are new differential files. The first poll occurs when the Microsoft Exchange File Distribution service starts. Therefore, unless the Client Access servers were started at the same time, the server polls will be different on each Client Access server.

After all of the Client Access servers have copied the OAB content, there are several scenarios by which the client user will download the OAB:

  • Scenario 1   Onsite user

    In this scenario, all actions occur in the London office:

    1. User A, who's located in the London office and whose Outlook is set to Cached Exchange Mode, connects to Outlook.

    2. Outlook connects to the Autodiscover service to obtain the URL to the closest OAB distribution point.

    3. The Autodiscover service returns the URL to one of the Client Access servers in London.

    4. Outlook uses BITS to connect to the URL that was provided by the Autodiscover service.

    5. Outlook downloads the OAB.

  • Scenario 2   Slow link user

    In this scenario, the User B mailbox resides in the London office because there are no Mailbox servers in the Sao Paulo office. Because User B is preparing to leave for a business trip and requires a local copy of the OAB, User B must download the OAB. The User B OAB will be downloaded from the Client Access server that's closest to the Sao Paulo office:

    1. User B, who's located in the Sao Paulo office, connects to Outlook.

    2. Outlook connects to the Autodiscover service to obtain the URL to the closest OAB distribution point.

    3. The Autodiscover service returns the URL to the Client Access server in Sao Paulo.

    4. Outlook uses BITS to connect to the URL that was provided by the Autodiscover service.

    5. Outlook downloads the OAB. However, because the Sao Paulo Client Access server copies the OAB to London over a slow link, User B may not get the most recent version of the OAB.

  • Scenario 3   Internet user

    In this scenario, because the user connects using the Internet, Exchange can't locate the Client Access server that's closest to the user's physical location. Therefore, Exchange defaults to a Client Access server that's close to the user's Mailbox server:

    1. User C, whose Mailbox server is in London, connects to Outlook from the Internet.

    2. Outlook connects to the Autodiscover service to obtain the URL to the closest OAB distribution point.

    3. Because the User C mailbox is located on the Mailbox server in London, the Autodiscover service returns the URL to one of the Client Access servers in London.

    4. Outlook connects to the URL that was provided by the Autodiscover service by using BITS.

    5. Outlook downloads the OAB.

Public Folder Distribution

Public folder distribution is the distribution method by which Outlook 2003 SP1 or earlier clients that are working offline or through a dial-up connection access the OAB. With public folder distribution, the OAB generation process places the files directly in one of the public folders, and then Exchange store replication copies the data to other public folder distribution points.

With public folder distribution, every request for a full OAB download is served immediately. For example, if a public folder that's serving 10,000 users receives 1,000 requests in one hour, and the OAB size is 5 megabytes (MB), the server will immediately transmit 5 gigabytes (GB) of data. Depending on network speed and available bandwidth, this volume of traffic could potentially overload the network for an extended period.

To prevent this overload, you can set a bandwidth threshold to limit the network bandwidth that results from OAB downloads. This process is called throttling.

By default, throttling is turned off. You can activate throttling by adding the following entry to the registry on all public folder servers that host OAB system folders.

Caution:
Incorrectly editing the registry can cause serious problems that may require you to reinstall your operating system. Problems resulting from editing the registry incorrectly may not be able to be resolved. Before editing the registry, back up any valuable data.

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\MSExchangeIS\ParametersSystem

Type: DWORD

Value: OAB Bandwidth Threshold (KBps)

Value Data: bandwidth threshold setting (Range: 0 to 4194304 (decimal))

The bandwidth threshold setting is in kilobytes per second (KBps) and should be configured with a decimal value. For example, setting the registry key to a decimal value of 5,000 configures the public folder server to use 5,000 KBps as the bandwidth threshold for OAB downloads, which is approximately 40,960 kilobits per second (Kbps), or 40.96 megabits per second (Mbps). After the setting has been added and configured, Exchange will dynamically detect the registry entry and begin enforcing the bandwidth limit without requiring the Microsoft Exchange Information Store service to restart.

Each time an OAB download request occurs, administrative rights on the Exchange server are verified for the requestor. If the security context that's used for the request is the equivalent of the local administrator on the Exchange server, it's assumed that an internal function is requesting the download. In this event, the requestor is allowed to proceed with a full OAB download. However, the bytes that are transmitted to the administrative client are still calculated as part of the average full OAB bytes downloaded. If the requestor doesn't have administrative rights, the average full OAB bytes that are downloaded over the last 10 seconds are determined. If this value is less than the configured threshold, a full OAB download is allowed.

Note:
Setting the registry key to 0 allows a maximum of one client without administrative rights, in 10 second intervals, at a time to download a full OAB.

When setting the OAB download bandwidth threshold, we recommend that you configure thresholds on the individual servers to values that won't cause an overload of the Exchange server's network adapter or the network. If you haven't already gathered and analyzed network and Exchange server performance data, you should do so before you configure the registry entry.

Effects of OAB Downloads on the Network When Using Public Folder Distribution

Because there are several cases that can cause a large number of full OAB downloads, you should understand the effect on bandwidth that a large OAB download has on the network.

The Exchange server can easily handle many download requests for the OAB. As a result, multiple attempts to download a full OAB over a slow link can saturate a network. (All the available bandwidth is being used.) When this happens, there are two significant effects:

  • Applications that must use the wide area network (WAN) will perform slowly. This is because they wait for their network requests to traverse the saturated WAN link.

  • The actual traffic needed on the WAN increases because individual network requests may time out, resulting in additional requests being made.

When the network becomes saturated, the latency increases, not only the time it takes for each client computer to download the OAB, but the overall duration of the download process. Normally, this means that the data rate for each client computer is reduced. However, if the latency is too high, RPC packets will time out, causing additional RPC requests for the same data to be retrieved. Also, if an Outlook user attempts to download the OAB and the download is canceled or fails, Outlook deletes the data that has been downloaded and attempts to download the OAB again. As a result, more data is requested, which in turn, increases the overall duration for a large set of OAB downloads.

Outlook downloads the OAB from the Exchange server through a series of RPC packets. Each packet is received and acknowledged, and then the next packet is sent. Based on the latency between Outlook and Exchange, a single Outlook client is limited to how quickly it can receive and acknowledge each packet. Because of this delay, a single Outlook client may not be able to saturate a network link. However, as more Outlook clients begin to download the OAB, the combined download rate of all clients could saturate the link. The link will remain saturated until the full OABs are downloaded.

The relationship is linear in that the larger the latency between the Outlook client and the Exchange server, the fewer packets can be received. Fewer clients are able to download an OAB before a slow link is saturated. The reverse is also true. If latency is low, more clients are needed to saturate a slow link. The number of Outlook clients that can download the OAB simultaneously without saturating the WAN will increase as either network latency decreases or network bandwidth increases.

Return to top

OAB Considerations

As a best practice, whether you use a single OAB or multiple OABs, consider the following factors as you plan and implement your OAB strategy:

  • Size of each OAB in your organization. For more information, see "OAB Size Considerations" later in this topic.

  • Number of OAB downloads.

  • Number and frequency of parent distinguished name changes.

  • SMTP address mismatches.

  • Overall number of changes made to the directory.

OAB Size Considerations

For some organizations, the OAB is a small file that remote users occasionally download. For these organizations, downloading the OAB is usually not a concern. However, for some large organizations that have large directories, or for organizations that have deployed Outlook 2003 in Cached Exchange Mode, it may be a concern, especially if the organizations have consolidated Exchange servers into a regional data center.

OAB sizes can vary from a few megabytes to a few hundred megabytes. The following factors can affect the size of the OAB:

  • Usage of certificates in a company. The more public key infrastructure (PKI) certificates, the larger the OAB. PKI certificates range from 1 kilobyte (KB) to 3 KB. They're the single largest contributor to the OAB size.

  • Number of mail recipients in Active Directory.

  • Number of distribution groups in Active Directory.

  • Information that a company adds to Active Directory for each mailbox-enabled or mail-enabled object. For example, some organizations populate the address properties on each user; others don't.

Return to top