Sign in with Microsoft
Sign in or create an account.
Select a different account.
You have multiple accounts
Choose the account you want to sign in with.


Microsoft Exchange 2019 Offline Address Book (OAB) shadow download request fails when BlockLegacyAuthOfflineAddressBook is enabled in Organization Policy.  


To fix this issue, install the following cumulative update: 

Cumulative Update 14 for Exchange Server 2019 or a later cumulative update for Exchange Server 2019

Additional Information

You must also create setting overrides by running the following commands from an elevated Exchange Management Shell (EMS) to enable the fix: 

  • New-SettingOverride -Name "Enable block legacy auth OAB fix" -Component Auth -Section ServerToServerNtlmAllowed  -Parameters ("Enabled=True") -Reason "Fix OAB block legacy auth issue"
  • Get-ExchangeDiagnosticInfo -Process Microsoft.Exchange.Directory.TopologyService -Component VariantConfiguration -Argument Refresh
  • Restart-Service -Name W3SVC, WAS -Force

Need more help?

Want more options?

Explore subscription benefits, browse training courses, learn how to secure your device, and more.

Communities help you ask and answer questions, give feedback, and hear from experts with rich knowledge.

Was this information helpful?

What affected your experience?
By pressing submit, your feedback will be used to improve Microsoft products and services. Your IT admin will be able to collect this data. Privacy Statement.

Thank you for your feedback!