The latest compromises via the SolarWinds and Exchange ‘Hafnium’ hacks bubble up an issue I just can’t resist commenting on.
Security
Outlook 2016 Can’t Create linked Mailbox Profile — Outlook 2016 Authentication Changes Impact Profile Creation
Outlook 2016 has a profile creation changes we know about. Specifically, manual profile creation for an Exchange mailbox is no longer available. You must use Auto Discover to create the profile. All previous versions of Outlook using Auto Discover (2007, 2010, and 2013) had manual profile creation as an option if Auto Discover failed. There seems to be another change we weren’t told about.
The msExchQueryBaseDN Attribute Meets the Exchange Availability Service or Why Can’t I See Your Free/Busy Information?
I ran into a rather obscure Exchange Availability Service behavior that will be of little interest to most. So, if you are not working at a hosting company or have never heard of the ‘msExchQueryBaseDN’ attribute, save yourself some time and skip this post.
The ‘msExchQueryBaseDN’ attribute is used to restrict Outlook Web Access’ (OWA) search for mail enabled objects in Active Directory (when simulating the Global Address List) — or at least that is what it was originally used for. Rather than searching for all mail enabled objects, it will search only a portion of Active Directory. The attribute is usually not set because most Exchange organizations have only one Global Address List – The ‘Default Global Address List’ which contains all mail enabled objects.
If you don’t understand why there would be more than one GAL, stop reading here.