Exchange Server 2013 Disaster Recovery

In this blog post we will be learning on how to Recover Exchange Server 2013 if it is crashed. Although the steps remain same in 2013, however there are few pre-requisites changes which we will explore in this blog.

Before We Begin

The account with which we are going to perform Recovery should be a member of Domain Admins Group and Enterprise Admins Group along with Exchange Organization Management Group.

Concept

Disaster Recovery is purely based on the Data which is available. By which we can recover an Exchange Server. This data is available in any one of the Domain Controller which is reachable at the time of recovery. Exchange Configuration information is available on a Domain Controller under Configuration Partition. Disaster Recovery is not possible only when there is only one Exchange Server which is also a Domain Controller. It is always a best practice to have your Exchange Server running on a member server. This is applicable for Exchange Server 2003, 2007, 2010 and 2013. Although the steps to recover is little different, however the concept remains same.

Best Practices

Always maintain a proper backup of AD System State and Exchange Database Files.

Scenario

Domain Name : MSEXCHANGETEAM.IN

DC Name : DC1

Exchange Server 2013 : MBX

Windows Version : Windows Server 2008 R2 SP1

Forest Functional Level : Windows Server 2008 R2

Domain Functional Level : Windows Server 2008 R2

==================================================

Prerequisites

Functional Domain Controller (Should be Reachable)

Same Sever name and Operating System for Recovery. DO NOT ADD THE MACHINE TO DOMAIIN.

How to check what was the operating system the server was running before crash and its name.

Figure 1.1 : Properties of crashed sever using Active Directory Users and Computers

==================================================

Assign same static IP address.

How to get the IP address. Go to any AD Integrated DNS server and check for the host name of the crashed server. Make a note of the IP address and assign the same address.

==================================================

Same drive letters are mandatory. Else recovery will fail.

How to get drive letters of crashed server.

Figure 1.2 : In ADSIEDIT go to the location as shown above.

Go to the properties of “Mailbox Database 1679725872” and make a note of below attribute value for drive letters which has the database and log file path.

msExchEDBFile

msExchESEParamLogFilePath

msExchESEParamSystemPath

These attributes will have database file path and log file path.

Caution : Working with ADSIEDIT requires core understanding on how the tool works. If you are not confident of handling the tool then it is recommended to have an expert advice. Please be careful.

==================================================

Before adding the server to Domain. Go to Active Directory Users And Computers > Right Click the crashed server and Select “Reset Account” as shown below.

Figure 1.3 : Resent Account.

In figure 1.3 once the Account is reset then we will be able to join the same server to the domain.

Now that we have added the machine to domain. Its time to check if Exchange information is available on Domain. To check that login to any one domain controller and open ADSIEDIT.

Caution : Working with ADSIEDIT requires core understanding on how the tool works. If you are not confident of handling the tool then it is recommended to have an expert advice. Please be careful.

To open ADSIEDIT go to Start > Administrative Tools > ADSIEDIT

In the console right click ADSIEDIT > Select Connect Too… > Select a well Known Naming Context > In the drop down menu select Configuration.

Below is the DN of the server object which was crashed.

Figure 1.4 : DN of Exchange Server

Figure 1.5 : Location in GUI.

==================================================

Now that we have confirmed that Exchange Server Object resides in AD and its safe to move further by running Disaster Recovery. Before running Disaster Recovery please ensure that the required Roles and Features are installed as shown below.

Open Windows Powershell and type the below commands.

Import-Module ServerManager

Add-WindowsFeature Desktop-Experience, NET-Framework, NET-HTTP-Activation, RPC-over-HTTP-proxy, RSAT-Clustering, RSAT-Web-Server, WAS-Process-Model, Web-Asp-Net, Web-Basic-Auth, Web-Client-Auth, Web-Digest-Auth, Web-Dir-Browsing, Web-Dyn-Compression, Web-Http-Errors, Web-Http-Logging, Web-Http-Redirect, Web-Http-Tracing, Web-ISAPI-Ext, Web-ISAPI-Filter, Web-Lgcy-Mgmt-Console, Web-Metabase, Web-Mgmt-Console, Web-Mgmt-Service, Web-Net-Ext, Web-Request-Monitor, Web-Server, Web-Stat-Compression, Web-Static-Content, Web-Windows-Auth, Web-WMI

Post installing the roles and features restart the server and install the software as listed in Microsoft Site. Please clickhere for installing the required software.

You also have to install the updates listed in this article KB974405

Now its time to create the folder path as listed in the attributes as shown below.

msExchEDBFilePath

“C:\Program Files\Microsoft\Exchange Server\V15\Mailbox\Mailbox Database 1679725872”

Post creating the folder path restore the data files as shown below.

“C:\Program Files\Microsoft\Exchange Server\V15\Mailbox\Mailbox Database 1679725872\Mailbox Database 17679725872.edb”

Note : Database file path and log file path may differ in practical scenario.

==================================================

Download Exchange Server 2013 from here and save it in a local drive.

Open  Windows Powershell and type the below command.

Figure 1.6 : Recover Server Switch

Figure 1.7 : Configuring Prerequisites

Figure 1.8 : Setup completed Successfully.

Disaster Recovery is completed and its time to get the Mailbox database in place. Restore the database and mount the store.

Figure 1.9 : Mount the Database by selecting the option as shown above.

Figure 1.10 : Emails are restored and users are able to send and receive emails.

Disaster Recovery is completed and we are able to send and receive emails.

Important Points to Remember

1. Good Exchange Database Files backup is mandatory.
2. Its easy to recover the server if it’s a member server.
3. Healthy Active Directory can help us recover the server faster.

==================================================

Happy Recovery

Changes in msExchCurrentServerRoles in Exchange 2013 and its impact on a disaster recovery scenario

Hello All , and welcome to another topic , where we are going to discuss the architectural changes in Exchange 2013 in comparison to exchange 2007 or 2010 .

We are going to focus on the disaster recovery scenario, which obviously is quiet simple, if everything goes well.

Caution : The steps listed below requires complete understanding of ADSIEDIT and registry. Incorrectly modifying them can cause severe issues to the operating system. Please follow them at your own risk

Now consider a scenario, where the disaster recovery has failed at the first stages of the operation (say the HT role) ,where , the options left with the Exchange Admins are to go through the setup logs , to find that some folder in the exchange server registry location was missing , in which case, we generally create the needed folder in the registry and start from scratch , or we modify the msExchangeCurrentServerRoles , to trick the server into believing that it is hosting lesser roles , than it actually is , by modifying the attribute from the object , and skip on to the next phase of DR installation , which generally is the CAS role .

Now by known conventions, we have come to know that the server role integer value associated with each role for e2k7 /e2k10 are as follows;

Mailbox: 2

CAS: 4

Hub: 16

UM: 32

Thus the sum-up of all the roles are: MBX+CAS+UM+HUB = 2+4+16+32=54

Thus modifying the msExchangeCurrentServerRoles current server role, can actually make the server believe that the role is not installed, and as Disaster recovery reads this particular attribute, to determine, the state of server roles, the DR installation proceeds accordingly.

Now the change that I have noticed in 2013 is, if all the roles (MBX+CAS+UM+HUB), as UM is required for the installation process, the value changes to 16439.

This was pretty new to me, as not much documentation was done regarding the same in TechNet.

So I decided to install an Exchange 2013 CAS, and the value for the msExchangeCurrentServerRoles was 16385.

I went ahead and installed a separate mailbox server, and found the value of msExchangeCurrentServerRoles to be 54

Point to be noted: if we add up the values, we get a cumulative value of 16439 (16385 + 54 = 16439).

This got me thinking, as the mailbox server in 2013 is an integrated service of the roles MBX+CAS+UM+HUB, which adds up to 2+4+16+32=54.

Thus I came to the conclusion that, on a standalone CAS server, the msExchangeCurrentServerRoles is 16385,whereas on a box with all the 4 roles installed (MBX+CAS+UM+HUB) has a msExchangeCurrentServerRoles as16385 + 54 = 16439

Thus to prove my point, I tried to simulate DISASTER RECOVERY on a 2013, with the /donotstarttransport switch OFF.

Please find the screenshots of the attribute before DR attempt

Figure 1: Attribute and its value

As we can see that the current server role is set to 16439.

Next I initiated a DR, which failed at the transport service start (see screenshot below)

Figure 2: Recover Server failed

Here I went ahead and changed the watermark key for the hub transport server in the registry from watermark to configured version, as the binaries are in place. The failure was due to a hard coded timeout period and removed the action key and renamed the key as .old.

Figure 3: Registry Path

Next phase of action was to calculate the weightage of the HT role, as HT in e15 is an integrated service.

This can be done easily by taking into consideration the following values:

• Exchange 2013 CAS role number is: 16385
• Exchange 2013 MBX role number is: 54
• Added, we get 16385 + 54 = 16439
• As hub is installed the value can be NEGATED AS : Hub installed : -32 (MINUS 32)
• Thus (MBX+UM+HUB)-HUB =22 i.e. 54 -32 =22
• Thus the value of the hub , without the integrated mailbox services is 22
• Thus , to make the server believe that the hub role(individual) has been installed , we have to add the CAS SERVERROLE VALUE + THE INDIVIDUAL HUB ROLE VALUE : 16385 + 22 = 16407 (without the hub component) {i.e. hub component has already been installed}

Thus the value to install the other components would be 16407.

Figure 4: Attribute Value

After altering the currentserverrole, I initiated a DR again and it completed successfully.

Figure 5: Recovery Completed

Post installation completion, change the registry value of hubtransport.old to HubTransportrole and change the current server value back to 16439.

Figure 6: Registry Changes

Post this, reboot the server and ensure that the services are up and running.

Hope this was helpful.

==================================================

Exchange Server 2010 Disaster Recovery using Active Directory System State Backup

In this blog we will be learning the steps on how to recover Exchange Server 2010 if the Server Object is missing from Active Directory.

The steps described in this article would benefit small business customers with 50-100 user mailboxes. Single Exchange Server and Single Active Directory Domain.

Pre-requisites
Valid Active Directory System State Backup
Working knowledge on Active Directory and Its Backup
Directory Service Restore Mode Password
Good Understanding of Authoritative and Non-Authoritative Restore Terminology

ScenarioSingle Exchange Server 2010 SP3
Single Active Directory Domain
====================================
Recovery will succeed only if the following conditions are met
1) Valid Active Directory Backup Exists and it was fully tested.
2) Configuration Objects for Exchange Server has been deleted accidently using ADSIEDIT.
2) Exchange Server is intact without any changes (Member Server).
3) Exchange Services are up.
4) Valid Exchange Database Copy as a precautionary step.

Lets ExploreBefore Deletion

Figure 1: Clients Connected

Figure 2: Exchange Server 2010 is Online
====================================
After Deletions

Figure 3: Disconnected
In figure 3 the symptoms will show as Disconnected. As a first steps in troubleshooting we can start by looking at Exchange Services.

Figure 4: Services
In figure 4 one of the key important service for client connectivity “Microsoft Exchange Address Book” Service is stopped. When you try to start it will fail. Although other services are up and running. Some serious issues from Active Directory end.

Figure 5: EMC Error

Figure 6: EMS Error
In figure 6 EMS error clearly states that the server is missing and it says “Enter the server FQDN where you want to connect”.

Looking at the above error. It is obvious that some deletions has took place from Active Directory End. Lets see how to get the server back.

Please Note : The scenario is for Single Site with Single Exchange Server and Active Directory.====================================
Recovery
For restoring the backup I have used Windows Server Backup Feature.

Permission RequiredThe account must be a member of Domain Admins and Enterprise Admin

Login in to the Domain Controller and go to Start > Run > and type Msconfig as shown below.

Figure 7: msconfig

Figure 8: System Configuration
We have to boot the DC in Safe Boot “Active Directory Repair” mode.

Figure 9: Restart

Figure 10: DSRM Login
In figure 10 we are logging in with DSRM logging. Since it is a DC. Once recovery is completed we have to revert it to normal logging.

Figure 11: Windows Server Backup
In figure 11 we have two backups. We can select the latest one for minimal impact on end users as well as on server. Select Recover.

Figure 12: Getting Started

Figure 13: Available Backups

Figure 14: Recovery Type

Figure 15: Select Location
In figure 15 Original Location was selected since it’s a single DC. Also Non-Authoritative Restore option was selected.

Figure 16: Warning Alert

Figure 17: Select Automatically Reboot

Figure 18: Warning

Figure 19: Recovery Progress

The server will reboot automatically. Please follow instructions for logging in as shown in figure 10 above.

Figure 20: Successfully Completed

Now that the restore is completed time to login to the DC in normal mode. Please follow instructions to disable Safe Boot mode as shown in figure 7 and 8. The system will be rebooted. Post which login with Domain Admin Credentials.
Post logging in. Open ADSI Edit.msc tool as shown below.

Figure 21: ADSI Edit
Now that we are able to see Exchange Server Object. Its time to reboot the Exchange Server Box.

Figure 22: Exchange Services are up

Figure 23: EMC Opened

Figure 24: EMS Opened

And Finally Clients are Connected

Figure 25: Clients Showing Connected

Conclusion: System State backup plays an Important role. It is very important to perform a thorough check on System State Backup of a DC on a regular interval.

I hope it was helpful. Do share your thoughts or any comments and we will be more than glad to respond.

==================================

How to Move Exchange Server 2007 from Windows Server 2008 SP2 to Windows Server 2008 R2 SP1

In this Blog post we will be exploring on how to move Exchange Server 2007 from Windows Server 2008 SP2 to Windows Server 2008 R2 SP1.

Note : This scenario may or may not work for you. Please perform a thorough test before implementing it into production environment.

Below are some of the few points which will help us to understand when and why this scenario will help us.

• Windows Server 2008 SP2 had some performance issues.
• Company had planned to Upgrade from Windows Server 2008 to 2008 R2.
• Existing Server had a blue screen of death. Non reliable.
• Server is completely compromised due to Virus.
• Server crashed due to power outage..etc. etc..

===============================================

Permission Prerequisites

The account should be a member of Domain Admins and Enterprise Admins Groups. Full Exchange Administrators permission.

===============================================

Data Prerequisites

Full Exchange Database Backup is mandatory. If not, then blank database can be mounted, however no old emails will be accessible.

===============================================

Scenario

Exchange Server : Exchange Server 2007 SP3 (MBX)

Windows Server 2008 SP2 which will be replaced with Windows Server 2008 R2 SP1

Domain Name : MSEXCHANGETEAM.IN

DC Name : DC1

===============================================

How to check the previous version and SP using Active Directory Users and Computers.

Figure 1.1 : Server Properties

Using ADUC we can easily understand what operating system the server was running before crashing or replacing. This will help us to plan whether we will bring the same operating system or different.

Figure 1.2 ; Using ADSIEDIT.msc. Connecting to Domain Partition and the properties of server object.

Figure 1.3 : Exchange Server Version.

In figure 1.3 the Exchange Server version will remain same.

Figure 1.4 : Number of Test Users.

Figure 1.5 : Test Emails Before moving to 2008 R2

===============================================

So far we have checked basic requirements. We also have proper exchange database for recovery. Now its time to recover the server as follows.

Login to domain controller and open Active Directory Users and Computers > Navigate to the Computer Object and right click > Select Reset Account as shown below.

Figure 1.6 : Reset Account

Figure 1.7 : Account Reset successfully

Now join the server to Domain. The server is now Windows Server 2008 R2 SP1.

Figure 1.8 : Post joining the Server the Properties have changed.

In figure 1.8  we can now see that the operating system has changed.

Install Exchange Server 2007 Prerequisites by running the following command.

ServerManagerCmd -i Web-Server
ServerManagerCmd -i Web-ISAPI-Ext
ServerManagerCmd -i Web-Metabase
ServerManagerCmd -i Web-Lgcy-Mgmt-Console
ServerManagerCmd -i Web-Basic-Auth
ServerManagerCmd -i Web-Digest-Auth
ServerManagerCmd -i Web-Windows-Auth
ServerManagerCmd -i Web-Dyn-Compression
ServerManagerCmd -i RPC-Over-HTTP-Proxy

===============================================

Reboot the server post installing the above features.

Its time to run Recover Server with Exchange Server 2007 SP3 media as follows.

Figure 1.9 : Recover Server Completed

In figure 1.9 we have used /DoNotStarTransport. This is to avoid failure of recovery process. Once recovery is finished start the service manually.

Figure 1.10 : This database can be overwritten by a restore

In figure 1.10 post recover server go to the properties of database and select the above option to restore the database.

Figure 1.11 : Database path

By looking at figure 1.11 ensure that Exact set of folders are created and the database is restored to its location. By default recover server would not create this folders.

Figure 1.12 : Database Health check

Post restoring the database health check is mandatory before bringing the database into production.

Figure 1.13 : Mount database

Now since we have confirmed database location and database health. Its safe to go ahead and “Mount Database”

Figure 1.14 : Mounted

Figure 1.15 : Mailboxes as seen before recovery

Figure 1.16 : Same Exchange Server Recovered

Figure 1.17 : OWA Test

Figure 1.18 : User able to login

Figure 1.19 : I am Back….

Exchange Server is back on a brand new operating system Windows Server 2008 R2. No settings have been modified.

This article illustrates as to what “Recover Server” can do. There are many scenario under which recover server can be performed.

===============================================

H