Microsoft KB Archive Search

Notice: This website is an unofficial Microsoft Knowledge Base (hereinafter KB) archive and is intended to provide a reliable access to deleted content from Microsoft KB. All KB articles are owned by Microsoft Corporation. Read full disclaimer for more details.

  1. Home
  2. Address list separation is not working for a user without a mailbox in Exchange Server 2019 and 2016

Address list separation is not working for a user without a mailbox in Exchange Server 2019 and 2016

View products that this article applies to.

Symptoms

In Microsoft Exchange Server 2019 or Exchange Server 2016, a user might have two Windows accounts, one without a mailbox (for example, this is used for administrative purposes), let's call this WindowsOnlyAccount and a standard mailbox account to which an AddressBookPolicy is applied. When the WindowsOnlyAccount is currently logged on, the user can create an Outlook online-mode profile and provide the credentials of the mailbox account. In this scenario, address list separation isn’t applied any longer for this mailbox user. This results in all address lists being visible and browsable. That means:
  1. All address book information about the exchange organization can be viewed if the user has full permissions to another user's mailbox.
  2. All address book information about the exchange organization can be viewed until Outlook is started at least a second time if the user uses another user's credentials to sign in to his mailbox.

↑ Back to the top

Resolution

To fix this issue, install one of the following updates:
For Exchange Server 2019, install the Cumulative Update 4 for Exchange Server 2019 or a later cumulative update for Exchange Server 2019.
For Exchange Server 2016, install the Cumulative Update 15 for Exchange Server 2016 or a later cumulative update for Exchange Server 2016.
Notes: 
  • For Outlook 2016, you need to install the October 1, 2019, update for Outlook 2016 (KB4484107) (or a later update for Outlook 2016) to make sure this update can work together with Outlook. For Outlook 2013, you need to install the October 1, 2019, update for Outlook 2013 (KB4484096) (or a later update for Outlook 2013) to make sure this update can work together with Outlook.
  • After you install this update, an empty address list will be returned for the two scenarios.
  • To enable this fix, you also need to run the following command for your organization:

    Set-OrganizationConfig -EmptyAddressBookForNonExchangeUsers:$true

↑ Back to the top

References

Learn about the terminology that Microsoft uses to describe software updates.

↑ Back to the top

Keywords: CI111810, kbHotfixAuto, kbqfe, kbfix, kb, address list separation not working

↑ Back to the top

Article Info
Article ID : 4532747
Revision : 12
Created on : 12/17/2019
Published on : 12/17/2019
Exists online : False
Views : 240