Symptoms
Microsoft Exchange 2019 Offline Address Book (OAB) shadow download request fails when BlockLegacyAuthOfflineAddressBook is enabled in Organization Policy.
Resolution
To fix this issue, install the following cumulative update:
Cumulative Update 14 for Exchange Server 2019 or a later cumulative update for Exchange Server 2019
Additional Information
You must also create setting overrides by running the following commands from an elevated Exchange Management Shell (EMS) to enable the fix:
- New-SettingOverride -Name "Enable block legacy auth OAB fix" -Component Auth -Section ServerToServerNtlmAllowed -Parameters ("Enabled=True") -Reason "Fix OAB block legacy auth issue"
- Get-ExchangeDiagnosticInfo -Process Microsoft.Exchange.Directory.TopologyService -Component VariantConfiguration -Argument Refresh
- Restart-Service -Name W3SVC, WAS -Force