XADM: Clients Cannot Browse the Global Address List After You Apply the Q299687 Windows 2000 Security Hotfix (309622)


The information in this article applies to:

  • Microsoft Exchange 2000 Server
This article was previously published under Q309622
IMPORTANT: This article contains information about modifying the registry. Before you modify the registry, make sure to back it up and make sure that you understand how to restore the registry if a problem occurs. For information about how to back up, restore, and edit the registry, click the following article number to view the article in the Microsoft Knowledge Base:

256986 Description of the Microsoft Windows Registry

SYMPTOMS

After you apply the Q299687 Windows 2000 security hotfix or the Q311401 Windows 2000 security rollup package on the global catalog server, the following symptoms may occur:
  • Existing MAPI client computers cannot browse the global address list.
  • If you try to do a "check name" procedure when you create a new Microsoft Outlook profile, the procedure fails with the following error message:
    The name could not be resolved. The name could not be matched to a name in the address list.
  • When you compose a new mail message, the names are not resolved.

CAUSE

This issue can occur if you use the Q299687 Windows 2000 security hotfix and you set the RestrictAnonymous registry key to a value of 0x2. In this scenario, the global catalog server does not allow anonymous access, and Exchange Server and Outlook cannot access Active Directory.

NOTE: The Q299687 Windows 2000 security hotfix is included in the Q311401 Windows 2000 security rollup package.

RESOLUTION

The problem caused by the Q299687 hotfix has been fixed in Windows 2000 SP3. To resolve this issue, upgrade your global catalog servers to Windows 2000 SP3.

MORE INFORMATION

For additional information, click the article number below to view the article in the Microsoft Knowledge Base:

299687 MS01-036: Function Exposed By Using LDAP over SSL Could Enable Passwords to Be Changed

For additional information about the RestrictAnonymous registry key, click the article number below to view the article in the Microsoft Knowledge Base:

246261 How to Use the RestrictAnonymous Registry Value in Windows 2000

If you experience symptoms similar the symptoms described in the "Symptoms" section of this article, but the global catalog server does not meet the conditions that are described in the "Cause" section of this article, click the article number below to view the article in the Microsoft Knowledge Base:

297801 XADM: Troubleshooting: The Name Could Not Be Resolved

Modification Type:MinorLast Reviewed:4/28/2005
Keywords:kbprb KB309622
©2004 Microsoft Corporation. All rights reserved.