Outlook offline address book caching incorrect contact certificate details

Question

Outlook offline address book caching incorrect contact certificate details

zerasar 1

Hi All,

Hoping that you might have some insight in an issue we are having.

My workplace uses SMIME certificates to encrypt all of our internal emails.
We publish these to the GAL and typically this works without issues.

However if someone tries to email the new address before I have had a chance to publish the cert to GAL... Their computer appears to remember/cache that the contact cant be emailed with encryption and continues to prompt the sender to send the email unencrypted.

If the sender holds off, and doesnt email for the first time until after the cert is published, then it works perfectly fine.

In my testing I have tried.

Waiting several days for the automatic offline address book update. No fix.
Manually deleting the address from the automatic address suggestions. No fix.
Using the send/receive menu to download a FULL copy of the GAL. No fix.
Using the online GAL, save the contact locally to the senders address book. Success! But if you delete the contact the issue returns.
Testing by flipping Outlook into Exchange online mode. Success... Returned back to cached mode... No permanent fix.
Manually deleting the Offline Address Book files when outlook was shutdown. Success. Permanent fix.

I think that my testing seems to confirm that the OAB is caching something about this contact and despite the online GAL having the correct information, the OAB does not seem to fully update on its own.

I don't think it suitable to just tell my staff to save them to the local address book, or to delete the OAB. It seems to me like something is broken with the OAB sync that needs fixing.

I have also recently been advised by my manager that this is also affecting certificate renewals. i.e. The OAB is remembering the old cert details and not downloading the new information from the GAL. Though I have not had the chance to test this specific scenario just yet.

When researching the certificate issue... Every thread i found said just to save the contact locally. I was not able to locate a cleaner more automated fix for this.

On a side note, I have researched this but was not clear... The auto-complete suggestions... Are they also kept in the OAB?
Back in the day they were in NK2 files, or a separate contacts folder. Neither appears to be the case these days.

If deleting the OAB does not touch the suggestions, it won't hurt too much as a work around... But it still feels messy.

1 answer

Your answer

Answer 1

Jade Liang-MSFT 9,986 Microsoft Employee

Hi @Zerassar-0144,

Welcome to our forum.

Manually deleting the address from the automatic address suggestions. No fix. Manually deleting the Offline Address Book files when outlook was shutdown. Success. Permanent fix.

Is the time between these 2 tests a long interval? In order to further confirm if it's an random condition, it's suggested to perform these tests on other users with a short interval to check if it has any difference.

According to your description, the issue may be more related to OAB couldn't download full information in GAL, I have researched a lot about what the different information would be downloaded to OAB between we mannualy download OAB and delete OAB files but still in vain. However, I find an article that mentioned some methods to update the OAB in Exchange and Outlook and we could change the full OAB download threshold via adding the register value in register key, maybe you could try to follow the steps as this article mentioned to check if it could also work for you : Updating the Offline Address Book in Exchange and Outlook(Please Note: Since the web site is not hosted by Microsoft, the link may change without notice. Microsoft does not guarantee the accuracy of this information.)

Hope that would be helpful to you.

If the response is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

zerasar 1 Reputation point

2021-02-17T01:38:01.163+00:00

Hi Jade,

It was performed on my own PC with a short interval.
Other colleagues/staff performed the first test at my suggestion on their own machine with no resolution.
I have not yet performed the second test on other staff, but am confident that it would resolve the issue.

The reason being, is that both the OAB deletion, and the testing in Exchange Online mode, suggest a problem with the offline cache.

I've gone through the URL that you have mentioned...
Several of those suggestions merely show different ways to update the OAB or change the default download behaviour. As mentioned in my OP I've already attempted a FULL OAB update using the Outlook menu's and this did nott appear to help.
zerasar 1 Reputation point

2021-02-17T01:38:23.14+00:00

I suspect that using cached Exchange without the OAB option... Would naturally work, as it would very much replicate my earlier Online Exchange test, but this would leave my users without access if they can't reach the GAL for whatever reason.

We're using O365 so not sure if the latter options requiring the EMC and EMS would be possible, but the next time I encounter the issue I will give it a try. Though based on the discription I am not hopeful... It sounds like just another manual update which I've already tried variations of earlier with no success.
zerasar 1 Reputation point

2021-02-17T01:38:44.407+00:00

Actually on deeper thinking about the suggestions using the EMC and EMS... I do not think they are the source of the problem.

When I deleted the cached files on the laptop, this would have forced Outlook to recreate them from scratch using the OAB files from O365. This would seem to imply that the creation of the OAB server side is working ok. And that it is somehow just the way that Outlook is downloading and saving the delta's/full copies that is the issue.
Jade Liang-MSFT 9,986 Reputation points Microsoft Employee

2021-02-19T09:13:36.317+00:00

Hi @Zerassar-0144,

Thanks for your update,

And that it is somehow just the way that Outlook is downloading and saving the delta's/full copies that is the issue

Agree with you, I think Outlook may not be able to download full copy when you download OAB manually for some reasons. Have you tried to uncheck "Download changes since last send/receive" and re-download the address book, unchecing this option may cause a full download of the OAB.

If the issue still exists, in the point of Outlook client, what's the specific version of your outlook client(File>Office account>About Outlook), please ensure that you have updated to the latest version of Outlook. Then, in order to avoid the interference of add-ins, it's suggested to test in safe mode to check(Windows+R>type "Outlook.exe /safe">enter)
zerasar 1 Reputation point

2021-02-21T22:51:24.15+00:00
Hi Jade,

The suggestion in your screen shot is what I referred to in my original post.

"Using the send/receive menu to download a FULL copy of the GAL. No fix."

It is Outlook Office365 Version 2101 Build 13628.20448.

The next time I have a new starter with a cert I can test with I will attempt the safemode. Though I dont think that it will do anything.
I only have default MS add-ins in Outlook. Including the below:

Microsoft Exchange

Microsoft SharePoint Server Colleague Import

Microsoft Teams Meeting Add-In for Microsoft Office

Outlook Social Connector 2016

Microsoft VBA for Outlook (inactive)
Jade Liang-MSFT 9,986 Reputation points Microsoft Employee

2021-02-24T04:57:57.433+00:00

Hi @Zerassar-0144 ,
Thanks for your reply and I'm still researching for your issue. Does it have any update?

As I know, we could usually download full copy of GAL when we download OAB manually in Outlook, but I found the manual downloads are updated in the original folder and may not work properly when your OAB files are corrupted, in this case we may need to delete them and download them again. If that's your case, I think deleting/renaming the original file may be the workaround of your issue.
Jade Liang-MSFT 9,986 Reputation points Microsoft Employee

2021-02-26T10:42:08.573+00:00

Hi @Zerassar-0144 ,
Does this issue have any updates? If it has been resolved, please click "Accept as answer" to mark useful post or share your solution, your action would benefit others who have similar issues. If you have any questions or need further assistance, please feel free to post back. Thanks!
zerasar 1 Reputation point

2021-02-27T01:42:59.913+00:00

testing. Having issues posting.
zerasar 1 Reputation point

2021-02-27T01:44:55.007+00:00

Jade, I have typed a response but across multiple browsers and restarts it wont submit.
Can you please advise what the issue might be?
Ive uploaded my intended response as an attachment instead.

72558-jade.txt
Jade Liang-MSFT 9,986 Reputation points Microsoft Employee

2021-03-01T09:30:02.867+00:00

Hi @zerasar ,

I have typed a response but across multiple browsers and restarts it wont submit.

As I know, it may occur when there are too many characters in a comment, in this condition, you could try to post an answer :).

Sorry for not resolved your issue here, and for your requirement of opening a support request, please refer to this link.

Hope your issue would be resolved soon, and if your issue has any update, welcome to share it here. Thanks.

Share via

Outlook offline address book caching incorrect contact certificate details

1 answer

Your answer