Exchange Server 中的脱机通讯簿Offline address books in Exchange Server

脱机通讯簿(OAB)是地址列表集合的本地副本。An offline address book (OAB) is a local copy of an address list collection. Oab 用于由在缓存 Exchange 模式下配置的 Outlook 客户端进行的通讯簿查询。OABs are used for address book queries by Outlook clients that are configured in cached Exchange mode. Oab 是与 Exchange server 断开连接的 Outlook 客户端的唯一选项,但也可以先通过连接的 Outlook 客户端查询,以帮助减少 Exchange 服务器上的工作负荷。OABs are the only option for Outlook clients that are disconnected from the Exchange server, but they're also queried first by connected Outlook clients as a way to help reduce the workload on Exchange servers. 您可以配置在 OAB 中包含的地址列表、对特定 Oab 的访问权限、生成 Oab 的频率以及 Oab 的分发位置。You can configure which address lists are included in an OAB, access to specific OABs, how frequently the OABs are generated, and where the OABs are distributed from.

默认情况下,新安装的 Exchange 会在服务器上创建一个名为 "默认脱机通讯簿" 的 OAB。By default, a new installation of Exchange creates an OAB named Default Offline Address Book on the server. 此 OAB 也是默认的 OAB,这意味着它是未向其分配 OAB 的邮箱和邮箱数据库使用的 OAB。This OAB is also the default OAB, which means it's the OAB that's used by mailboxes and mailbox databases that don't have an OAB assigned to them.

Exchange 2013 中的 Oab 和更高版本在 Exchange 2010 中通过 Oab 改进。OABs in Exchange 2013 and later are improved over OABs in Exchange 2010. 这些更改是在 Exchange 2013 中引入的:These changes were introduced in Exchange 2013:

  • 仅支持基于 web 的分发(公用文件夹分发功能不再可用)。Only web-based distribution is supported (public folder distribution is no longer available). 基于 Web 的分发允许:Web-based distribution allows:

    • 支持客户端计算机的更多并发下载。Support for more concurrent downloads by client computers.

    • 降低了带宽使用率。Reduced bandwidth usage.

    • 对 OAB 分发点的更多控制。More control over the OAB distribution points.

  • 仅支持 OAB 版本4。Only OAB version 4 is supported. 此版本的 OAB 是 Unicode,并且允许客户端接收差异更新,而不是始终使用完全下载。This version of the OAB is Unicode, and allows clients to receive differential updates, instead of always using full downloads. Exchange 完全支持 OAB 版本4支持的所有 Outlook 版本。All versions of Outlook that are supported by Exchange fully support OAB version 4.

  • 邮箱助理(不是 Microsoft Exchange 系统助理服务)是负责生成 Oab 的过程。A mailbox assistant (not the Microsoft Exchange System Attendant service) is the process that's responsible for generating OABs. 这将允许 OAB 生成运行或根据服务器的工作负荷(工作负载管理)进行暂停。This allows OAB generation to run or pause based on the workload of the server (workload management).

  • OAB 生成发生在指定的仲裁邮箱中(而不是指定的 OAB 生成服务器上)。OAB generation occurs in a designated arbitration mailbox (not on a designated OAB generation server). 这些邮箱可以使用数据库可用性组(Dag)来帮助防止 OAB 生成和下载的单一故障点。These mailboxes can use database availability groups (DAGs) to help prevent a single point of failure for OAB generation and downloads.

有关 OAB 过程,请参阅Exchange Server 中脱机通讯簿的过程For OAB procedures, see Procedures for offline address books in Exchange Server.

若要了解有关地址列表的详细信息,请参阅Exchange Server 中的地址列表To learn more about address lists, see Address lists in Exchange Server.

OAB 生成OAB generation

OAB 生成由在 Microsoft Exchange 邮箱助理服务下运行的名为OABGeneratorAssistant的邮箱助理进行控制。OAB generation is controlled by the mailbox assistant named OABGeneratorAssistant that runs under the Microsoft Exchange Mailbox Assistants service. OAB 生成发生在指定的仲裁邮箱中,该邮箱具有 OrganizationCapabilityOABGen PersistedCapability属性的值。OAB generation occurs in a designated arbitration mailbox that has the OrganizationCapabilityOABGen value for the PersistedCapability property. 具有此功能的仲裁邮箱亦称为“组织邮箱”。An arbitration mailbox with this capability is also known as an organization mailbox.

默认情况下,每8小时生成一次 Oab。By default, OABs are generated every 8 hours. 若要更改 OAB 生成计划,请参阅在 Exchange Server 中更改脱机通讯簿生成日程安排To change the OAB generation schedule, see Change the offline address book generation schedule in Exchange Server. 若要手动更新 OAB,请参阅使用 Exchange 命令行管理程序更新脱机通讯簿To manually update an OAB, see Use the Exchange Management Shell to update offline address books.

名为的仲裁邮箱 SystemMailbox{bb558c35-97f1-4cb9-8ff7-d53741dc928c} 是组织中的第一个组织邮箱。The arbitration mailbox named SystemMailbox{bb558c35-97f1-4cb9-8ff7-d53741dc928c} is the first organization mailbox in your organization. 默认情况下,此组织邮箱负责生成所有 Oab (名为默认脱机通讯簿的第一个 OAB,以及您创建的任何新 Oab)。By default, this organization mailbox is responsible for generating all OABs (the first OAB named Default Offline Address Book, and any new OABs that you create).

您可以创建其他组织邮箱来生成 Oab。You can create additional organization mailboxes to generate OABs. Exchange Server 包含对在 Exchange 2013 累积更新7(CU7)中引入的 OAB 生成功能的改进:Exchange Server contains the improvements to OAB generation that were introduced in Exchange 2013 Cumulative Update 7 (CU7):

  • 您可以将多个 Oab 配置为由同一个组织邮箱生成,但不能将 OAB 配置为由多个组织邮箱生成。You can configure multiple OABs to be generated by the same organization mailbox, but you can't configure an OAB to be generated by more than one organization mailbox. 如果您配置了带有多个组织邮箱的 OAB,则该 OAB 的每个副本都具有不同的唯一标识符。If you configured an OAB with multiple organization mailboxes, each copy of the OAB had a different unique identifier. 因此,只要客户端被代理到不同的组织邮箱位置,就需要完全下载 OAB。So, a full OAB download was required whenever a client was proxied to a different organization mailbox location.

  • 您可以配置 OAB 以允许将只读副本(也称为卷影副本)分发到组织中的所有组织邮箱(也称为 "卷分布")。You can configure an OAB to allow a read-only copy (also known as a shadow copy) to be distributed to all organization mailboxes in the organization (also known as shadow distribution). OAB 的所有副本都具有相同的唯一标识符,因此,在将客户端代理到不同的组织邮箱位置时,不需要进行 OAB 下载。All copies of the OAB have the same unique identifier, so full a OAB download isn't required when a client is proxied to a different organization mailbox location.

    通常情况下,仅在多站点 Exchange 组织中需要卷影副本。Typically, shadow copies are only required in multi-site Exchange organizations. 您可以在每个站点中配置组织邮箱,并为 OAB 配置卷影分布,以帮助防止客户端(可能会超过 WAN 链路速度缓慢)的跨站点 OAB 下载请求。You configure an organization mailbox in each site, and you configure shadow distribution for an OAB to help prevent cross-site OAB download requests by clients (likely over slow WAN links). 若要创建其他组织邮箱,请参阅使用 Exchange 命令行管理程序创建组织邮箱To create additional organization mailboxes, see Use the Exchange Management Shell to create organization mailboxes.

    下一节中详细介绍了阴影分布。Shadow distribution is described in detail in the next section.

若要查找所有组织邮箱以及为 OAB 定义的组织邮箱,请参阅使用 Exchange 命令行管理程序查找组织邮箱To find all organization mailboxes, and the organization mailbox that's defined for an OAB, see Use the Exchange Management Shell to find organization mailboxes.

将生成 OAB 文件并将其存储在指定的组织邮箱中,因此 OAB 下载请求的目标是保存组织邮箱的主动副本的邮箱服务器。The OAB files are generated and stored in the designated organization mailbox, so the destination for OAB download requests is the Mailbox server that holds the active copy of the organization mailbox. 将 OAB 文件从组织邮箱复制到,以 %ExchangeInstallPath%ClientAccess\OAB\<OAB GUID> 供客户端检索。The OAB files are copied from the organization mailbox to %ExchangeInstallPath%ClientAccess\OAB\<OAB GUID> for retrieval by clients. 客户端永远不会直接连接到此后端位置。Clients never connect directly to this backend location. 对 OAB 的客户端请求由邮箱服务器上的客户端访问(前端)服务代理到此后端位置。Client requests for the OAB are proxied by the Client Access (frontend) services on a Mailbox server to this backend location.

OAB 分布OAB distribution

默认情况下,将 Outlook 客户端配置为每隔24小时下载一次 OAB,或者用户可以随时从 Outlook 启动手动下载。By default, Outlook clients are configured to download the OAB every 24 hours, or users can initiate a manual download from Outlook at any time.

向客户端的 OAB 分发取决于 Internet 信息服务(IIS)虚拟目录和自动发现服务。OAB distribution to clients depends on Internet Information Services (IIS) virtual directories and the Autodiscover service. 用于客户端访问 Oab 的 IIS 虚拟目录位于邮箱服务器上的客户端访问(前端)服务中的 "默认网站" 中,命名为 "OAB (默认网站)"。The IIS virtual directory that's used for client access to OABs is located in the default web site in the Client Access (frontend) services on the Mailbox server, and is named OAB (Default Web Site). 在安装 Exchange 时,将自动创建此虚拟目录,并将其配置为在 URL 中为内部客户端 https://<ServerName>/oab 提供服务(例如, https://mailbox01.contoso.com/oab )。This virtual directory is automatically created when you install Exchange, and is configured to service internal clients at the URL https://<ServerName>/oab (for example, https://mailbox01.contoso.com/oab). 您需要手动配置用于将 Oab 分发给外部客户端的外部 URL。You'll need to manually configure the external URL that's used to distribute OABs to external clients. 有关详细信息,请参阅在Exchange 服务器上配置邮件流和客户端访问中的步骤4:配置外部 urlFor more information, see Step 4: Configure external URLs in Configure mail flow and client access on Exchange servers.

在 OAB 的属性中,可以配置可用于将 OAB 分发到客户端的 OAB 虚拟目录。In the properties of the OAB, you can configure the OAB virtual directories that are available to distribute the OAB to clients. 默认设置将 OAB 分配限制为服务器上保留 OAB 的组织邮箱的 OAB 虚拟目录。The default setting restricts OAB distribution to the OAB virtual directories on the server that holds the OAB's organization mailbox. 但是,任何邮箱服务器上的客户端访问服务都可以将传入的 OAB 下载请求代理到正确的位置。However, the Client Access services on any Mailbox server can proxy incoming OAB download requests to the correct location. 因此,我们建议您将所有 OAB 虚拟目录配置为接受下载 OAB 的请求。Therefore, we recommend that you configure all OAB virtual directories to accept requests to download the OAB. 有关说明,请参阅使用 Exchange 命令行管理程序配置组织中的任何虚拟目录,以接受对 OAB 的下载请求For instructions, see Use the Exchange Management Shell to configure any virtual directory in the organization to accept download requests for the OAB.

自动发现服务会公布您配置的 OAB Url。The Autodiscover service advertises the OAB URLs that you've configured. 所有版本的 Outlook 和实际由 Exchange 当前的所有移动设备都支持自动发现。Autodiscover is supported by all versions of Outlook and virtually all mobile devices that are currently by Exchange. 以下是 OAB 分发过程的摘要:Here's a summary of the OAB distribution process:

  1. Outlook 接收来自自动发现的 OAB URL,并连接到邮箱服务器上的客户端访问(前端)服务。Outlook receives the OAB URL from Autodiscover, and connects to the Client Access (frontend) services on a Mailbox server.

  2. 接受连接的邮箱服务器上的客户端访问服务执行以下步骤:The Client Access services on the Mailbox server that accepted the connection performs these steps:

    1. 查询 Active Directory 以查找负责生成用户 OAB 的组织邮箱(默认 OAB、为邮箱数据库指定的 OAB,或为邮箱指定的 OAB)。Queries Active Directory to find the organization mailbox that's responsible for generating the user's OAB (the default OAB, the OAB that's specified for the mailbox database, or the OAB that's specified for the mailbox).

    2. 再次查询 Active Directory 以查找承载 OAB 的组织邮箱的邮箱数据库,以及当前保留数据库的主动副本的邮箱服务器。Queries Active Directory again to find the mailbox database that hosts the organization mailbox for the OAB, and the Mailbox server that currently holds the active copy of the database.

    3. 将 OAB 下载请求代理到标识的邮箱服务器。Proxies the OAB download request to the identified Mailbox server.

    4. 从后端位置检索 OAB 文件 %ExchangeInstallPath%ClientAccess\OAB\<GUID> 并将其代理回客户端。Retrieves the OAB files from the backend location %ExchangeInstallPath%ClientAccess\OAB\<GUID> and proxies them back to the client.

如果 OAB 的卷影副本存在于本地 Active Directory 站点(用户从中进行连接的站点)的组织邮箱中,则使用本地邮箱服务器下载 OAB。If a shadow copy of the OAB exists in an organization mailbox in the local Active Directory site (the site where the user is connecting from), then a local Mailbox server is used to download the OAB. 但是,组织邮箱之间的卷影副本的同步是按需执行的。However, synchronization of the shadow copy between organization mailboxes is performed on-demand. 以下是相应的工作方式:Here's how it works:

  1. 假设组织邮箱没有合适的 OAB 卷影副本。Let's say the organization mailbox doesn't have a suitable shadow copy of the OAB. 这可能是由下列情况引起的:This can be caused by the following conditions:

    • 客户端从未请求下载卷影副本。A client has never requested a download of the shadow copy.

    • 卷影副本已过期。The shadow copy is out of date. 当已生成并发布父 OAB 的更新副本(手动或通过默认的8小时 OAB 生成计划)时,卷影副本可识别。Shadow copies are aware when an updated copy of the parent OAB has been generated and published (manually, or by the default 8 hour OAB generation schedule). 受影响的邮箱服务器将停止向客户端分发过时的卷影副本。The affected Mailbox servers will stop distributing the outdated shadow copy to clients.

  2. 第一个客户端尝试下载卷影副本将 0x80190194 (BG_E_HTTP_ERROR_404) 在 Outlook 中收到错误。The first client tries to download the shadow copy will receive error 0x80190194 (BG_E_HTTP_ERROR_404) in Outlook. 这将触发从父卷到卷影副本的 OAB 的完整副本。This will trigger a full copy of the OAB from the parent to the shadow copy. 将报告以下事件:The following events are reported:

    • Event ID: 102

      Source: MSExchange OABRequestHandler

      Description: The OABRequestHandler has begun downloading the OAB <GUID> from the server <Server>.

    • Event ID: 103

      Source: MSExchange OABRequestHandler

      Description: The OABRequestHandler has finished downloading the OAB <GUID>.

  3. OABRequestHandler将最大从包含父 OAB 生成邮箱的邮箱服务器中复制 OAB 文件的最大立即尝试三次。The OABRequestHandler will make up to three immediate attempts to copy the OAB files from the Mailbox server that holds the parent OAB generation mailbox. 如果所有三次尝试均失败,则 OABRequestHandler 会在一小时后重试复制。If all three attempts fail, the OABRequestHandler will retry the copy after one hour. 将报告以下事件:The following events are reported:

    • Event ID: 104

      Source: MSExchange OABRequestHandler

      Description: Download of the OAB <GUID> failed. The job will be re-submitted. The error was: BG_ERROR_CONTEXT=BE_ERROR_CONTEXT_REMOTE_FILE; error code=0x80190194

    • Event ID: 105

      Source: MSExchange OABRequestHandler

      Description: Download of the OAB <GUID> has failed too many times. The job will not be resubmitted for the next hour.

  4. 如果为卷影分布配置了 OAB,但本地 Active Directory 站点中没有组织邮箱(用户从其连接的网站),客户端访问服务会将 OAB 下载请求代理回包含父 OAB 的组织邮箱的邮箱服务器。If the OAB is configured for shadow distribution, but there's no organization mailbox in the local Active Directory site (the site where the user is connecting from), the Client Access services will proxy the OAB download request back to the Mailbox server that holds the organization mailbox for the parent OAB.

导致完全 OAB 下载的条件Conditions that cause a full OAB download

对 Oab 的改进通常要求客户端下载 OAB 更新,而不是完全和完整 OAB。The improvements to OABs typically require clients to download OAB updates, not the full and complete OAB. 但是,有时需要完全 OAB 下载。However, full OAB downloads are sometimes required. 例如:For example:

  • Changes.oab文件大于或等于完整 OAB 文件大小的一半。The Changes.oab files are greater than or equal to half the size of the full OAB files. Outlook 将 Changes.oab 更新 OAB 所需的压缩文件的总大小与服务器上压缩的完整 oab 文件的总大小进行比较。Outlook compares the total size of the compressed Changes.oab files that are required to update the OAB to the total size of the compressed full OAB files on the server.

  • 你的计算机上没有 OAB (例如,在 Outlook 的初始安装期间)。There's no OAB on your computer (for example, during the initial setup of Outlook).

  • 服务器上缺少差异文件。A differential file is missing on the server. 缺少差异文件可能是由下列情况引起的:Missing differential files can be caused by the following conditions:

    • 您未使用 Outlook 在30天内连接到您的 Exchange 邮箱(默认情况下,差异文件存储在服务器上30天)。You haven't used Outlook to connect to your Exchange mailbox in more than 30 days (by default, the differential files are stored on the server for 30 days).

    • 服务器无法在更新 OAB 的本地副本所需的一天内生成差异文件。The server couldn't generate the differential file for a day that's required to update your local copy of the OAB.

  • 服务器上提供了 OAB 的较新版本(例如,你的邮箱已从 Exchange 2010 升级,并且 OAB 的本地副本是版本3)。A more recent version of the OAB is available on the server (for example, your mailbox was upgraded from Exchange 2010, and your local copy of the OAB is version 3).

  • 向 OAB 应用更改失败。Applying changes to the OAB failed. 例如,服务器上的差异文件损坏(服务器在差异文件生成过程中出现故障)。For example, differential files are corrupted on the server (the server crashed during differential file generation).

  • OAB 在你的计算机上不存在(例如,你手动删除了一个或多个本地 OAB 文件)。The OAB is not present on your computer (for example, you manually deleted one or more local OAB files).

  • 上一次完全下载失败,因此 Outlook 必须重新开始。A previous full download failed, so Outlook has to start over.

  • 您启动了完整 OAB 的手动下载。You initiated a manual download of the full OAB.

OAB 规划和部署OAB planning and deployment

无论您是使用单个 OAB 还是多个 Oab,在计划和实现 OAB 策略时,请考虑以下因素:Whether you use a single OAB or multiple OABs, consider the following factors as you plan and implement your OAB strategy:

  • 组织中每个 OAB 的大小。Th size of each OAB in your organization. OAB 大小可能会从几 mb 到数百 mb。OAB sizes can vary from a few megabytes to hundreds of megabytes. 以下因素会影响 OAB 的大小:The following factors can affect the size of the OAB:

    • 组织中证书的使用情况。The usage of certificates in your organization. 公钥基础结构(PKI)证书越多,OAB 就越大。The more public key infrastructure (PKI) certificates, the larger the OAB. PKI 证书范围为 1 kb 到 3 KB。PKI certificates range from 1 kilobyte (KB) to 3 KB. 它们是 OAB 大小的一个最大参与者。They're the single largest contributor to the OAB size.

    • 组织中的邮件收件人数。The number of mail recipients in your organization.

    • 组织中的组数。The number of groups in your organization.

    • 组织添加到每个收件人对象的用户信息。User information that your organization adds to each recipient object. 例如,一些组织为每个用户配置完整地址和联系人详细信息。For example, some organizations configure full address and contact details for each user.

  • OAB 下载的数量。The number of OAB downloads.

  • Active Directory 中的收件人对象的父级可分辨名称更改的数目和频率。The number and frequency of parent distinguished name changes for recipient objects in Active Directory.

  • SMTP 地址不匹配。SMTP address mismatches.

  • 对 Active Directory 所做的更改的总数。The overall number of changes that you make to Active Directory.

  • 在 Active Directory 中通过使用 Exchange 之外的方法隐藏在 Active Directory 中的收件人将在 Oab 中可见(例如,通过使用 Windows 安全描述符)。Recipients that you've hidden in Active Directory by using methods outside of Exchange will be visible in OABs (for example, by using the Windows security descriptor). 若要有效地隐藏 Oab 中的收件人,请在 Exchange 管理中心(EAC)或 Exchange 命令行管理程序中对应的收件人管理 cmdlet 中的_HiddenFromAddressListsEnabled_参数中配置收件人的 "在地址列表中隐藏" 属性。To effectively hide recipients in OABs, configure the Hide from address lists property for the recipient in the Exchange admin center (EAC) or the HiddenFromAddressListsEnabled parameter in the corresponding recipient management cmdlet in the Exchange Management Shell. 有关详细信息,请参阅隐藏收件人地址列表For more information, see Hide recipients from address lists. 或者,您可以创建不包含隐藏收件人的地址列表,将地址列表分配给 OAB,并将 OAB 分配给用户(直接或通过将 OAB 设置为默认值)。Or, you can create an address list that doesn't include the hidden recipients, assign the address list to the OAB, and assign the OAB to users (directly or by making the OAB the default). 有关创建地址列表的详细信息,请参阅创建地址列表For more information about creating address lists, see Create address lists.

将 OAB 生成移动到另一台服务器Move OAB generation to another server

在 Exchange 2010 中,将 OAB 生成移动到另一台服务器需要您在 OAB 的属性中指定不同的生成服务器。In Exchange 2010, moving OAB generation to another server required you to specify a different generation server in the properties of the OAB. 但在 Exchange 2013 中,Exchange 2016 和 Exchange 2019 中,OAB 生成发生在设计的组织邮箱中,而不是在指定的服务器上。But in Exchange 2013, Exchange 2016 and Exchange 2019, OAB generation occurs in a designed organization mailbox, not on a designated server. 若要将 OAB 生成移动到另一台服务器,您需要移动组织邮箱。To move OAB generation to another server, you need to move the organization mailbox. 例如:For example:

请记住,您可以将多个 Oab 配置为使用相同的组织邮箱,但不能将 OAB 配置为使用多个组织邮箱。Remember, you can configure multiple OABs to use the same organization mailbox, but you can't configure an OAB to use more than one organization mailbox. 如果您需要在不同位置(通常位于不同的 Active Directory 站点中)的 OAB 的多个副本,请验证网站中是否存在一个组织邮箱,并为 OAB 启用卷影分布。If you need multiple copies of the OAB in different locations (typically, in different Active Directory sites), verify that an organization mailbox is exists in the site, and enable shadow distribution for the OAB. 有关详细信息,请参阅使用 Exchange 命令行管理程序为脱机通讯簿启用卷影分布For more information, see Use the Exchange Management Shell to enable shadow distribution for offline address books.