OALGen encountered an error while generating the %1 file for version 2 and 3 differential downloads of address list ‘%2’. The offline address list has not been updated so clients will not be able to download the current set of changes. Check other logged events to find the cause of this error. If the cause of the problem was intentional or cannot be resolved, OALGen can be forced to post a full offline address list by creating the DWORD registry key ‘HKEY_LOCAL_MACHINE\\%3\\%4’ and setting it to 1 on this server. When OALGen next generates the offline address list, clients will perform a full OAB download. After that time, the registry key should be removed to prevent further full downloads. %5

Details
Product: Exchange
Event ID: 9360
Source: MSExchangeSA
Version: 8.0
Symbolic Name: evtOALGenDiffErrorNoPost
Message: OALGen encountered an error while generating the %1 file for version 2 and 3 differential downloads of address list ‘%2’. The offline address list has not been updated so clients will not be able to download the current set of changes. Check other logged events to find the cause of this error.
If the cause of the problem was intentional or cannot be resolved, OALGen can be forced to post a full offline address list by creating the DWORD registry key ‘HKEY_LOCAL_MACHINE\%3\%4’ and setting it to 1 on this server. When OALGen next generates the offline address list, clients will perform a full OAB download. After that time, the registry key should be removed to prevent further full downloads.
– %5
   
Explanation

For Microsoft Outlook clients that are running Office Outlook 2003 Service Pack 1 (SP1) or earlier, if a Microsoft Exchange server that is running Exchange Server 2003 Service Pack 2 (SP2) determines that a differences download is more efficient, and if a differences file cannot be generated on a server that is running Exchange 2003 SP2, Exchange Server will not automatically force a full offline address book (OAB) download. Instead, Exchange logs MSExchangeSA event 9360. MSExchangeSA event 9360 indicates that it was unable to produce a differences file and will not produce a full OAB file.

When this event is logged, the users running Outlook 2003 SP1 or earlier will not be able to receive OAB updates until the problem is corrected.

The offline address list has not been updated, so clients will not be able to download the current set of changes.

   
User Action

To resolve this error, do one of the following:

  • In Event Viewer, examine the Application log for events that occur before and after MSExchangeSA event 9360. These related events may help you discover the reason that Exchange cannot generate a differences file for your Outlook clients that are running Outlook 2003 SP1 or earlier.

  • Generate a full OAB download file when a differences file cannot be generated:

    Incorrectly editing the registry can cause serious problems that may require you to reinstall your operating system. Problems resulting from editing the registry incorrectly may not be able to be resolved. Before editing the registry, back up any valuable data.

  • Perform the following procedure to edit the registry.

    1. On the Exchange server, start Regedit.exe.

    2. Open the following registry key:

    3. HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\MSExchangeSA\Parameters

    4. Right-click Parameters, point to New, and then click DWORD Value.

    5. For the new value name, type OAL post full if diff fails.

    6. Double-click OAL post full if diff fails. In Value data, type 1. Click OK.

    7. Close Regedit.exe.

Before you edit the registry, and for information about how to edit the registry, see Microsoft Knowledge Base article 256986, Description of the Microsoft Windows Registry.

If you are not already doing so, consider running the tools that Microsoft Exchange offers to help administrators analyze and troubleshoot their Exchange environment. These tools can help you make sure that your configuration is in line with Microsoft best practices. They can also help you identify and resolve performance issues, improve mail flow, and better manage disaster recovery scenarios. Go to the Toolbox node of the Exchange Management Console to run these tools now. For more information about these tools, see Toolbox in the Exchange Server 2007 Help.

   
   
Version: 6.5.7596.0
Message: OALGen encountered an error while generating the %1 file for version 2 and 3 differential downloads of address list ‘%2’. The offline address list has not been updated so clients will not be able to download the current set of changes. Check other logged events to find the cause of this error. If the cause of the problem was intentional or cannot be resolved, OALGen can be forced to post a full offline address list by creating the DWORD registry key ‘HKEY_LOCAL_MACHINE\\%3\\%4’ and setting it to 1 on this server. When OALGen next generates the offline address list, clients will perform a full OAB download. After that time, the registry key should be removed to prevent further full downloads. %5
   
Explanation

For Microsoft® Outlook® clients that are running Office Outlook 2003 Service Pack 1 (SP1) or an earlier version, if an Exchange server that is running Exchange Server 2003 Service Pack 2 (SP2) determines that a differences download is more efficient, and if a differences file cannot be generated on a server that is running Exchange Server 2003 SP2, Exchange Server will not automatically force a full offline address book download. Instead, Exchange logs MSExchangeSA event 9360. MSExchangeSA event 9360 indicates that it was unable to produce a differences file and will not produce a full offline address book file.

When this event is logged, the users running Outlook 2003 SP1 or an earlier version will not be able to receive offline address book updates until the problem is corrected.

   
User Action

To resolve this error, use one of the following procedures:

  • In event viewer, examine the Application log for events that occur before and after MSExchangeSA event 9360. These related events may help you discover the reason that Exchange cannot generate a differences file for your Outlook clients that are running Outlook 2003 SP1 or an earlier version.

  • Change the default behavior of the offline address book (OAB) server so that full OAB downloads are generated when a differences download cannot be generated. For more information about how to configure Exchange to generate a full OAB download when a differences download cannot be generated, see How to Generate a Full Offline Address Book Download File When a Differences File Cannot Be Generated in the Offline Address Book Best Practices Guide.

For information about best practices for Exchange Server 2003 offline address books, see the Offline Address Book Best Practices Guide.

Related:

OALGen detected that the file ‘%1’ is corrupted or missing. This indicates data tampering or disk problems. Restore files in this folder from the recent backup or clean up folder content and force a full OAB generation. – %2

Details
Product: Exchange
Event ID: 9373
Source: MSExchangeSA
Version: 8.0
Symbolic Name: evtOALFileChangedOnShare
Message: OALGen detected that the file ‘%1’ is corrupted or missing. This indicates data tampering or disk problems. Restore files in this folder from the recent backup or clean up folder content and force a full OAB generation.
– %2
   
Explanation

This Error event indicates that one or more version 4 offline address book (OAB) files are corrupted or missing. Microsoft Outlook clients cannot download the updated files.

   
User Action

To resolve this Error event, do one or more of the following:

  • If daily backups are available, restore the content of the OABGen folder to the <ExchangeInstallDir> \ExchangeOAB\ <OAB GUID> folder (where <ExchangeInstallDir> is a placeholder for the installation directory of Microsoft Exchange Server 2007 and <OAB GUID> is a placeholder for the name of the folder).

  • If the corrupted OAB item is enabled for public folder distribution and the data has been published to public folders before the OAB item was corrupted, you can delete the contents of the OABGen folder from the <ExchangeInstallDir> \ExchangeOAB\ <OAB GUID> folder and rebuild the OAB files by updating the OAB. For more information about how to update the OAB, see How to Update the Offline Address Book.

  • If neither daily backups nor public folder distribution is enabled, delete the contents of the OABGen folder from <ExchangeInstallDir> \ExchangeOAB\ <OAB GUID>, and then rebuild the OAB files by using the following command in the Exchange Management Shell:

    Update-OfflineAddressBook <OABGuid>

    This command will cause a full OAB download by all clients. A full OAB download can cause massive network traffic between Client Access servers and clients.

  • If you are having difficulty resolving the issue, contact Microsoft Product Support. For information about contacting support, visit the Contact Us page of the Microsoft Help and Support Web site.

If you are not already doing so, consider running the tools that Microsoft Exchange offers to help administrators analyze and troubleshoot their Exchange environment. These tools can help you make sure that your configuration is in line with Microsoft best practices. They can also help you identify and resolve performance issues, improve mail flow, and better manage disaster recovery scenarios. Go to the Toolbox node of the Exchange Management Console to run these tools now. For more information about these tools, see Toolbox in the Exchange Server 2007 Help.

Related:

An exception occurred and was handled by Exchange ActiveSync. This may have been caused by an outdated or corrupted Exchange ActiveSync device partnership. This can occur if a user tries to modify the same item from multiple computers. If this is the case, Exchange ActiveSync will re-create the partnership with the device. Items will be updated at the next synchronization. URL=%1%2.

Details
Product: Exchange
Event ID: 1008
Source: MSExchange ActiveSync
Version: 8.0
Symbolic Name: AirSyncException
Message: An exception occurred and was handled by Exchange ActiveSync. This may have been caused by an outdated or corrupted Exchange ActiveSync device partnership. This can occur if a user tries to modify the same item from multiple computers. If this is the case, Exchange ActiveSync will re-create the partnership with the device. Items will be updated at the next synchronization. URL=%1%2.
   
Explanation

This Warning event indicates that an exception occurred during the Exchange ActiveSync synchronization process. The event description includes details about the root cause of the problem. The following are possible causes of this event:

  • The partnership configuration for this device was created by using computer that is running an earlier version of Microsoft® Exchange. The partnership cannot be used. This problem may occur after you upgrade a computer to Exchange Server 2007. Exchange will update the partnership on the Exchange server. After the partnership is updated, all the data configured for synchronization in the partnership will be resynchronized.

  • The partnership configuration for this device is damaged. Exchange will update the partnership on the Exchange server. After the partnership is updated, all of the data configured for synchronization in the partnership will be resynchronized.

  • A user has accessed the same item from multiple computers or mobile devices. For example, this may occur if a user tries to reply to a message on their mobile device after that device has been deleted on the user’s desktop computer that runs Microsoft Office Outlook® 2007. This will be corrected the next time that the user synchronizes their device..

  • When AirSync calls the ADSystemConfigurationSession.GetDefaultAcceptedDomain method, AirSync tries to read all accepted domains. Then, AirSync filters on the client side for the default domain. If the Exchange Server 2007 organization has more than one thousand accepted domain objects, the Active Directory directory service returns an error. Therefore, AirSync cannot synchronize successfully.

   
User Action

To resolve this warning, do one or more of the following:

  • If this error was caused by an outdated partnership or a damaged partnership, no user action is required. Exchange will re-create a partnership with the mobile device.

  • Make sure that the user has an Exchange mailbox and that the user has been enabled for Exchange ActiveSync. For more information, How to Enable or Disable Exchange ActiveSync for a Mailbox User in the Exchange 2007 Help file.

  • Wait for the Active Directory® directory service replication to occur.

  • To resolve the issue when the Exchange Server 2007 organization has more than one thousand accepted domain objects, install Update Rollup 4 for Exchange Server 2007.

If you are not already doing so, consider running the tools that Microsoft Exchange offers to help administrators analyze and troubleshoot their Exchange environment. These tools can help you make sure that your configuration is in line with Microsoft best practices. They can also help you identify and resolve performance issues, improve mail flow, and better manage disaster recovery scenarios. Go to the Toolbox node of the Exchange Management Console to run these tools now. For more information about these tools, see Toolbox in the Exchange Server 2007 Help.

Related:

Introducing Data Loss Prevention 14.5

New Capabilities Eliminate Security Blind Spots

Background Image on Blogs “Quilted” Page: 
Twitter Card Style: 

summary

As our jobs demand more collaboration with customers, partners and suppliers outside of our organizations, security teams are working harder than ever to secure an exponentially growing number of interconnected devices and applications, and keep sensitive data from slipping through the cracks. 

The DLP team at Symantec is passionate about helping companies protect their most valuable and sensitive information from falling into the wrong hands. The new version of Data Loss Prevention 14.5 adds over twenty new data discovery, monitoring and protection capabilities to eliminate blind spots and give security teams better visibility and control over sensitive data. Read on to learn more!

Minimize Your Cloud Security Risks                                                       

During the past year, we’ve introduced new cloud discovery and monitoring capabilities for Box, Gmail for Work and Microsoft Office 365 Exchange Online. DLP 14.5 expands those capabilities so you can store and share data in the cloud even more securely.

With DLP Cloud Storage, you can track sensitive documents that users are storing and sharing on Box, and identifies risky practices such as using shared links which could give open access to unauthorized users. When users violate a policy, you can automatically move exposed files and folders a protected quarantine folder on Box and leave behind a marker file in its place to notify users by leveraging the new File Quarantine feature of DLP Cloud Storage. Not only can you secure unprotected files, but also visually tag files to alert users to self-remediate sensitive files and folders.

Box Screenshot.jpg

Along with the release of DLP 14.5, we’ve rolled out an update to our DLP Cloud Service for Email. The DLP Cloud Service for Email is a cloud-powered data detection service that provides powerful email monitoring for Gmail for Work, Microsoft Exchange Online, and now your on-premises Microsoft Exchange Server, and can be easily plugged into your existing DLP Enforce Management Server. It protects your corporate email regardless of whether it’s hosted in a conventional on-premise email application, public or private cloud email service, or a hybrid mix of on-premise and cloud environments.

Cloud Email Screenshot A.png

Spot PII in Imaged Form Documents

Tax returns, insurance claims, patient forms are rife with personally identifiable information (PII) that goes undiscovered because forms are often stored as imaged documents that aren’t easily recognized by security tools. With DLP Form Recognition, you can spot sensitive data in images of handwritten and typed forms. Form Recognition is a new type of content detection technology that leverages intelligent image processing to catch and stop confidential data that would otherwise go undetected in scanned or photographed forms.

Form Recognition.png

Control Data in Use Across More Apps, Files and Platforms  

Employees have limited knowledge of the cybersecurity risks they face both inside and outside the enterprise firewall. With the DLP Endpoint Agent, you can keep them safe wherever they work by monitoring and protecting data in use across a wide range of activities such as downloading to removable storage; copying and pasting within documents; and sending over the web. In this release, we’ve added endpoint coverage for new apps, file types and operating systems routinely used by employees to store and share sensitive data:

  • Mac OS 10.11
  • Microsoft Office 2016 file types
  • Microsoft Outlook 2011 email client
  • Box for Office and Box Sync applications
  • Chrome, Firefox and Safari browsers (via HTTP and HTTPS)
  • Cisco Jabber and Skype for Business instant messaging clients
  • Skype instant messaging client                                                              

Guard Dangerous SSL Blind Spots 

With more and more applications encrypting their traffic to protect users from prying eyes, you lose visibility into sensitive content that company insiders are unwittingly leaking or knowingly concealing under the cover of encrypted protocols like SSL. In DLP 14.5, we’ve added new SSL monitoring capabilities for web, email, FTP and IM communications by leveraging integrations between DLP Network Monitor and these leading SSL decryption products: Blue Coat SSL Visibility and Palo Alto Networks Next Generation Firewalls.

Learn More

To learn more about what’s new in the latest version of Data Loss Prevention 14.5 visit go.symantec.com/dlp

Related: