The error (9327, 9323 offline address list) is often found in the event log of the Exchange server that generates the offline address book:
MSExchangeSA
9327Es wurden einige Einträge in der Offlineadressliste „\Globale Adressliste“ von OALGen ausgelassen. Um festzustellen, welche Einträge betroffen sind, muss die Ereignisprotokollierung für den Offlineadress-Generator mindestens auf „Mittel“ festgelegt sein.
– \Default Offline Adressbuch
To determine what is causing the warning, the diagnostic level must be raised, in some cases this message then appears as the cause:
MSExchangeSA
9323Eintrag ‚Benutzer‘ weist ungültige oder abgelaufene E-Mail-Zertifikate auf. Diese Zertifikate werden nicht in die Offlineadressliste für ‚\Globale Adressliste‘ aufgenommen.
– \Default Offline Adressbuch
So the cause is expired certificates that have been published in the Active Directory, now you can of course go through every user that is reported and delete the corresponding certificates, or you can use the script that I have created.
The Quest Active Directory Tools are required to execute the script. The tools can be downloaded here free of charge:
http://www.quest.com/powershell/activeroles-server.aspx
In addition, the Exchange Management Shell must be installed on the computer that executes the script.
The script increases the diagnosis level and then starts a generation of the offline address book. It then searches for all affected users and removes the invalid certificates if required.
In principle, the script should also work with Exchange 2013, but I have not yet tested this.
You can download the script here:
[wpdm_file id=6]