Please let others know how useful this tip is via the rating scale at the end of it. Do you have a useful Exchange or Outlook tip, timesaver or workaround to share? Submit it to our tip contest and you could win a prize.
VIEW MEMBER FEEDACK TO THIS TIP
Whenever a domain account is changed, any corresponding mailboxes for the account in Exchange Server can't be accessed for up to two hours.
If that change happens overnight, it isn't usually a problem. But if it's done during a work day, users will be locked out of their e-mail. This can also happen if a mailbox has been moved.
This happens because Microsoft Exchange maintains its own cache of directory information, so that any such information doesn't have to be reread from Active Directory every time it's needed.
This minimizes network traffic (if the AD repository is on a different computer than Exchange Server) and overall server load. That said, the timeout for the directory cache is a whopping two hours -- hence the delay.
If you are constantly running into this problem, it might be in your best interest to change the timeout for the cache. The two-hour delay time is set at the factory and was probably created at a time when your average Exchange/Active Directory server wasn't as robust as it probably is now -- so changing it to a more aggressive value should be helpful overall.
- Open the registry on the server running Microsoft Exchange and locate the key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MSExchangeIS\ParametersSystem.
- Add a new REG_DWORD value named Mailbox Cache Age Limit, and set it to a decimal value of 5 (for every five minutes). You can use a different value if you wish.
- Stop and restart the information store.
The larger the number of people in your organization, the more of an age limit you'll want to retain. Less than five minutes usually isn't needed, but I have seen scenarios where it has been set to as low as one minute without adverse effects.
About the author: Serdar Yegulalp is editor of the Windows Power Users Newsletter.
MEMBER FEEDBACK TO THIS TIP
The article doesn't describe what types of account changes. Is this just the password, or to any parameter?
Jeff S.
******************************************
The main change to be aware of is the username itself, yes. I don't believe changes to other Active Directory properties would cause problems though.
Serdar Yegulalp, tip author
******************************************
It would be helpful to have a reference to Microsoft's KB 179065 ("XADM: Changes to Primary Windows NT Account on Mailbox Do Not Take Effect") and the Exchange Server versions to which it applies: Exchange 5.5 and 2000.
Javier A.
******************************************
Microsoft has made mention of this behavior as it applies to Exchange 5.5 and 2000 in this Knowledge Base article along with a similar fix.
Serdar Yegulalp, tip author
Do you have comments on this tip? Let us know.
Related information from SearchExchange.com:
Learning Guide: Exchange Server performance
Tip: Tool audits changes to Active Directory
Reference Center: Exchange and Active Directory tips and resources