Thursday, December 22, 2011

The Story Behind the Name: Office 365

What's in a name?

Office 365 brings together Exchange Online, SharePoint Online, Lync Online as well as Microsoft Office desktop software and Web apps. There's a lot of power under this particular hood and it's delivered through the cloud. Was it possible to find a single unifying name that all at once would 1) heighten expectations of the existing productivity brands at Microsoft; and 2) embody the deeper relationship we can hold with our customers as a result of the cloud delivery model?

So what about Office 365?

The 365 extension embodies the idea that the cloud connects us more closely to our customers than ever before. The brand promise extends from productivity as we know it today to a promise to help more people collaborate, communicate and get work done from anywhere, 24/7, 365 days a year.

This means keeping the service up-to-date with the very latest in productivity innovations. It means investing billions of dollars and tens of thousands of people to work on cloud services.

If you boil it down, it comes to:

Office = rich, familiar, trusted gold standard of productivity

365 = available to everyone, when and where you need it

Microsoft's approach to cloud productivity applications means that we can deliver the best of everything we know about productivity to our customers in an always-up-to-date cloud service every single day of the year.


Important KB Articles of the Month Dec 2011

Exchange Server 2010

Error message when an Exchange Server 2007 user or an Exchange Server 2010 user tries to log on to OWA
Random hexadecimal string is added to the end of an SMTP address in an Exchange Server 2003, 2007, or 2010 environment
Items that are deleted or moved still appear in the original folder when you use Office Outlook in online mode to access an Exchange Server 2010 mailbox
Error message when you run the Set-FederatedOrganizationIdentifier cmdlet to configure Exchange federation: "InvalidUri: Passed URI is not valid"
Outlook connects to an old Exchange server after you move a mailbox from an Exchange Server 2007 server to an Exchange Server 2010 server
"Cannot open your default e-mail folder" error when users try to open their mailboxes in Outlook after migration to Exchange 2010
An Exchange Server 2010 database store grows unexpectedly large

Exchange Server 2007

Error message when an Exchange Server 2007 user or an Exchange Server 2010 user tries to log on to OWA
Random hexadecimal string is added to the end of an SMTP address in an Exchange Server 2003, 2007, or 2010 environment
OWA clients for Exchange Server 2007 on Windows Server 2003 cannot view or send S/MIME messages that use Windows Server 2008 certification authority
Outlook connects to an old Exchange server after you move a mailbox from an Exchange Server 2007 server to an Exchange Server 2010 server
"HTTP 400 Bad Request" error when you connect to an Exchange Server 2007 mailbox by using Outlook Web App

Exchange 2003

You cannot connect to Outlook Mobile Access on a server that is running Exchange Server 2003
How to redirect an HTTP connection to HTTPS for Outlook Web Access clients and how to redirect the Default Web Site to point to the Exchange virtual directory

Exchange 2010 Pre-Deployment Analyzer

The Exchange 2010 Pre-Deployment Analyzer is a free download from Microsoft, and is based in part on the Exchange Best Practices Analyzer. Some of the tests the Pre-Deployment Analyzer runs are the same as those run during the prerequisite checks the Exchange installer runs, but the approach of this tool is different in several notable ways.

First, the Exchange Pre-Deployment Analyzer is targeted towards users who are evaluating their overall environment. The checks that run during the initial steps of an Exchange installation are more focused on the actual server onto which you are trying to install Exchange. The tool checks your Active Directory forest and domains, and analyzes any existing Exchange 2003 or 2007 servers you are running to ensure that they are at the correct patch level to support the introduction of Exchange 2010 into the organization. If problems are found, they are reported as either Critical or Warning. Critical issues are those that will stop your Exchange 2010 deployment in its tracks, and must be addressed before proceeding. Warnings are those things that may cause issues or reduce performance, but are not show stoppers.

The checks that are run can be found in the XML file, and include the following:

Reporting on the forest structure, including trees, domains, sites, admin groups, routing groups, Exchange 5.5 servers, Exchange 2000 servers, Exchange 2003 servers, total mailboxes, domain controllers, and how many Active Directory domain/sites have Exchange servers installed.

Verifying that the Schema Master is Windows 2003 SP1 or later.

Identifying Active Directory domains that are not in native mode.

Identifying Active Directory sites that do not have a global catalog server running Windows 2003 SP1 or later.

Verifying that there are no Active Directory Connector servers.

Identifying all SMTP site links.

Verifying that the Exchange organization is in native mode.

Identifying any non-standard proxy address generators.

Identifying any ambiguously defined email addresses in your recipient policies.

Identifying any non-MAPI public folder hierarchies in use.

Identifying Routing Groups that span Active Directory sites.

Identifying any Active Directory sites that span Routing Groups.

Identifying any Routing Group Connectors that have specialized settings.

Identifying any SMTP Connectors that support non-SMTP address spaces.

Identifying any SMTP Connectors that use inline domain.

Identifying any X.400 Connectors in the topology.

Identifying any EDK-based Connectors in the topology (excluding Notes).

Verifying that any servers running Exchange 2003 have SP2 or later.

Verifying that any servers running Exchange 2007 have SP2 or later.

Identifying any SMTP virtual servers that are not using port 25 for incoming/outgoing.

Verifying that all Exchange 2003 servers have SuppressStateChanges set.

Identifying any Exchange 2003 servers that have active NNTP newsfeeds.

Identifying any Exchange 2003 servers that use the Event Scripting service.

Identifying any Exchange 2003 servers that have the ExIFS (a.k.a. M:) drive enabled.

Identifying any parts of Active Directory that have Access Control Entry inheritance disabled.

That’s quite a list. Sure, you could check all of these manually, but would you really want to? Anything that the Pre-Deployment Analyzer finds that could cause you problems is brought to your attention in the final report, which lets you quickly identify things you need to change, upgrade, or decommission before proceeding with your first Exchange 2010 server installation.

The Exchange Pre-Deployment Analyzer runs on any current server or workstation operating system, requires the .NET Framework 2.0, and should be run by an Enterprise Admin who is also a member of the Exchange Organization Administrators group to get a full analysis of everything involved.

Exchange 2010 Service Pack 2 - What's New

SP2 for Exchange Server 2010 has been released. It is not as major an update as SP1, but a small number of new features have been added to the product. Around five hundred Exchange Server 2010 SP1 Update Rollup fixes have been included in SP2. There is also a lot of great stuff inside SP2 that should appeal to you.

Hybrid Configuration Wizard

Exchange Server 2010 SP2 introduces the Hybrid Configuration Wizard, which lets you integrate an on-premises Exchange 2010 environment with Office 365. This is called rich coexistence. It provides the seamless look and feel of a single Exchange organization and offers administrators the ability to extend the feature-rich experience and administrative control of an on-premises organization to the cloud.

Using the Hybrid Configuration Wizard you can:

1. Share free/busy information between the on-premises Exchange 2010 organization and Office 365.

2. Move mailboxes between on-premises Exchange 2010 and Office 365, preserving the Outlook profile and the OST file.

3. Use message tracking between the on-premises Hub Transport server and Office 365 for mail flow and troubleshooting.

4. Use MailTips for mailboxes located both in Office 365 and in the on-premises Exchange 2010 environment.

5. Use online Archiving where online archiving is located in Office 365.

6. Use OWA redirection between Office 365 and the on-premises Exchange 2010 implementation.

To set up a ‘rich coexistence scenario’ with Office 365, a number of servers need to be installed:

• A Directory Synchronization (DirSync) server that syncs the local AD with the Office 365 directory. This way one address list is created in which mailboxes can exist both on-premises and in O365.

• An Active Directory Federation Services 2.0 (ADFS) server that can provide a true single sign-on solution. Using ADFS it is possible to log on to the local AD domain and at the same time log on to the O365 mailbox using the local credentials.

• The Exchange 2010 server itself that is used together with O365.

Mini OWA

In Exchange 2003, a special version of webmail was available for WAP-enabled mobile devices. Using a WAP-enabled mobile device, users could access their mailbox through a character-based interface. This was called OMA, but the feature was removed from Exchange 2007. It has now returned as OWA Mini in Exchange 2010 SP2. The mini OWA provides users with the following basic functionality:

• Access to e-mail, calendar, contacts, tasks and the global address list.

• Access to e-mail subfolders.

• Compose, reply to, and forward e-mail messages.

• Create and edit calendar, contact, and task items.

• Handle meeting requests.

• Set the time zone and automatic reply messages.

Address Book Policies

In Exchange 2007 and earlier it was possible to implement a feature called Address List Segregation. This feature made it possible to use several fully separated address lists in Exchange by setting Access Control Lists (ACLs) on the various address lists. ACLs are the means by which permissions are assigned in a Windows OS. Exchange 2010, however, introduced a new technology called the Address Book Service, which runs on the Exchange 2010 CAS server, so the ACL-based method no longer worked on Exchange 2010.

Exchange 2010 SP2 introduces the address book policy (ABP) object, which can be assigned to a mailbox user. The ABP determines the global address list, offline address book, room list and address lists that are visible to the mailbox users who are assigned the policy. Address book policies provide a simpler mechanism to accomplish GAL separation for on-premises organizations that need to run disparate GALs.
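The following Exchange Management Shell sketch is an added example, not taken from the original post: it builds one address book policy and then lists mailboxes that have no policy assigned, which still see the default GAL. The tenant tag `FAB`, the use of `CustomAttribute15` to mark tenant membership, and all object names are constructed for illustration.

```powershell
# Added example (constructed names). Run in the Exchange Management Shell
# on Exchange 2010 SP2. Assumption: recipients of the tenant are stamped
# with CustomAttribute15 = 'FAB'.
$tag = 'FAB'

# 1. Build the four objects an address book policy points at.
New-GlobalAddressList -Name "GAL_$tag" `
    -RecipientFilter "CustomAttribute15 -eq '$tag'"

New-AddressList -Name "AL_${tag}_Users" `
    -RecipientFilter "(RecipientType -eq 'UserMailbox') -and (CustomAttribute15 -eq '$tag')"

New-AddressList -Name "AL_${tag}_Rooms" `
    -RecipientFilter "(RecipientDisplayType -eq 'ConferenceRoomMailbox') -and (CustomAttribute15 -eq '$tag')"

New-OfflineAddressBook -Name "OAB_$tag" -AddressLists "\GAL_$tag"

# 2. Tie them together in one policy.
New-AddressBookPolicy -Name "ABP_$tag" `
    -GlobalAddressList  "\GAL_$tag" `
    -OfflineAddressBook "\OAB_$tag" `
    -RoomList           "\AL_${tag}_Rooms" `
    -AddressLists       "\AL_${tag}_Users"

# 3. Populate the new lists so they are not empty when users first see them.
Update-GlobalAddressList  -Identity "GAL_$tag"
Update-AddressList        -Identity "AL_${tag}_Users"
Update-AddressList        -Identity "AL_${tag}_Rooms"
Update-OfflineAddressBook -Identity "OAB_$tag"

# 4. Assign the policy to every mailbox carrying the tenant tag.
Get-Mailbox -ResultSize Unlimited |
    Where-Object { $_.CustomAttribute15 -eq $tag } |
    Set-Mailbox -AddressBookPolicy "ABP_$tag"

# 5. Separation check: a mailbox with no policy is not restricted at all.
#    Anything listed here still sees the organization-wide default GAL.
Get-Mailbox -ResultSize Unlimited |
    Where-Object { -not $_.AddressBookPolicy } |
    Select-Object Name, PrimarySmtpAddress, CustomAttribute15 |
    Sort-Object Name
```

Step 5 is worth rerunning after every provisioning batch, because a newly created mailbox has no address book policy until one is assigned.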

Cross-Site Redirection

In large, geographically dispersed companies it is likely that several locations are used, each hosting its own Exchange 2010 servers (same AD and Exchange organization) and its own Internet connection. With Exchange 2010 SP2, you can enable a silent redirection when a CAS receives a client request that is better serviced by a CAS located in another AD site. This silent redirection can also provide a single sign-on experience when forms-based authentication is enabled on each CAS. The only bad thing is that this only works when the CAS is connected directly to the Internet, without a reverse proxy solution.

Multi-Valued Custom Attributes

Exchange 2010 SP2 introduces five new multi-value custom attributes that you can use to store additional information for mail recipient objects. The ExtensionCustomAttribute1 to ExtensionCustomAttribute5 parameters can each hold up to 1,300 values; you can specify multiple values as a comma-delimited list. The following cmdlets support these new parameters:

• Set-DistributionGroup

• Set-DynamicDistributionGroup

• Set-Mailbox

• Set-MailContact

• Set-MailPublicFolder

• Set-RemoteMailbox

Litigation Hold

In Exchange 2010, you can’t disable or remove a mailbox that has been placed on litigation hold. To bypass this restriction, you must either remove litigation hold from the mailbox, or use the new IgnoreLegalHold switch parameter when removing or disabling the mailbox.
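Because IgnoreLegalHold overrides a compliance control, its use should leave a trail. The following Exchange Management Shell sketch is an added example, not part of the original post: it confirms that admin audit logging is on, splits a removal list into held and not-held mailboxes, and searches the audit log for past uses of the switch. The function name `Get-RemovalPlan` and the 30-day window are assumptions made for illustration.

```powershell
# Added example. Run in the Exchange Management Shell (Exchange 2010 SP2).

# 1. Without admin audit logging, a removal that used -IgnoreLegalHold
#    leaves no record of who ran it.
$auditConfig = Get-AdminAuditLogConfig
if (-not $auditConfig.AdminAuditLogEnabled) {
    Write-Warning ('Admin audit logging is disabled. Enable it with: ' +
                   'Set-AdminAuditLogConfig -AdminAuditLogEnabled $true')
}

# 2. Hypothetical helper: given mailbox identities queued for removal,
#    report which ones are on litigation hold so they can be reviewed
#    instead of being forced through with -IgnoreLegalHold.
function Get-RemovalPlan {
    param([string[]]$Identity)

    foreach ($id in $Identity) {
        $mbx = Get-Mailbox -Identity $id -ErrorAction SilentlyContinue
        if (-not $mbx) {
            Write-Warning "Mailbox not found: $id"
            continue
        }
        New-Object PSObject -Property @{
            Mailbox    = $mbx.PrimarySmtpAddress
            OnHold     = [bool]$mbx.LitigationHoldEnabled
            HoldDate   = $mbx.LitigationHoldDate
            HoldOwner  = $mbx.LitigationHoldOwner
            # Held mailboxes need a decision from whoever owns the hold.
            Action     = if ($mbx.LitigationHoldEnabled) { 'Review' } else { 'Remove' }
        }
    }
}

# Constructed sample input; replace with the real removal list.
$candidates = 'user1@example.com', 'user2@example.com'
Get-RemovalPlan -Identity $candidates |
    Select-Object Mailbox, OnHold, HoldDate, HoldOwner, Action |
    Format-Table -AutoSize

# 3. Detection: who has already removed or disabled a mailbox with
#    -IgnoreLegalHold during the assumed 30-day review window?
$since = (Get-Date).AddDays(-30)
Search-AdminAuditLog -Cmdlets Remove-Mailbox, Disable-Mailbox `
                     -Parameters IgnoreLegalHold `
                     -StartDate $since -EndDate (Get-Date) |
    Sort-Object RunDate |
    Select-Object RunDate, Caller, CmdletName, ObjectModified, Succeeded
```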

Tuesday, December 20, 2011

New in Exchange 2010 Backup and Restore

What’s New in Exchange 2010 Backup and Restore

Exchange 2010 introduces several important changes that might affect your Exchange-compatible backup and restore applications, including the following:

• The maximum number of databases that can be mounted on a single Exchange 2010 server has been increased from 50 to 100.
• Configuration settings for Exchange server databases are now stored in Active Directory Domain Services (AD DS).
• Database mobility features, including Database Availability Groups (DAGs), provide more flexible and more reliable database replication. For databases in a DAG that has two or more healthy copies, the database consistency checking step can even be skipped.
• Improved internal database integrity checking reduces the likelihood that any database corruption will be included in backup images. This helps reduce the need to take a database offline to perform consistency checking by using the CHKSGFILES API or the ESEUTIL application.

Backup and Restore Technologies and Features Removed from Exchange 2010

The following Exchange 2007 technologies and features are no longer available or supported in Exchange 2010:

• Streaming database backup and restore.
• Storage Groups. Each Exchange store database is managed separately in Exchange 2010.
• The Exchange Recovery Storage Group. This has been replaced by the Exchange Recovery database.
• Single-Copy Clusters (SCC).
• Local Continuous Replication (LCR).

Development Technologies Removed from Exchange 2010

The following technologies were removed from Exchange 2007:

• Exchange providers for Windows Management Instrumentation (WMI)
• Collaboration Data Objects for Exchange Management (CDOEXM)
• Collaboration Data Objects for Exchange Workflow (CDOWF)
• Exchange Web Forms
• At Functions

The following technologies were removed from Exchange 2010:

• Exchange OLE DB Provider (ExOLEDB)
• Exchange store Event Sinks
• World Wide Web Distributed Authoring and Versioning (WebDAV)
• CDO 3.0 (CDOEx)
• Item-level permissions
• Exchange Store custom item types

Changes to Backup and Restore in Exchange 2010

Microsoft Exchange Server 2010 introduces new technologies and features in many areas, and removes other important storage features. To implement Exchange 2010–compatible backup and restore applications, you may need to adjust your application to accommodate the changes described in this topic.

Exchange Storage Groups Removed

Exchange 2010 no longer includes the concept of storage groups. In earlier versions of Exchange, one or more Exchange store databases can be grouped into a storage group, which can then be managed as a unit. However, storage groups complicate many high-availability scenarios, and make single-database restores more complex.

Exchange 2010–compatible backup and restore applications that work with the Windows Volume Shadow Copy Service (VSS) no longer provide storage group identifiers in the VSS backup component paths.

Recovery Storage Group Replaced with Recovery Database

Because storage groups were removed from Exchange Server 2010, the recovery storage group no longer exists. Instead, if your application needs to restore, recover, and mount an Exchange database to a different location or server, it will use a recovery database. The recovery database is not tied to any original server or database. Each Exchange 2010 server can have no more than one mounted recovery database. There can be multiple recovery databases, but only one can be mounted at a time.

Streaming Backups Not Supported

Exchange 2010 does not support streaming-style backups. In versions of Exchange earlier than Exchange 2010, backup applications use the ESEBCLI2 interface to perform streaming backups.

Number of Databases per Server Increased

In Exchange 2007, each server can mount 50 databases configured in up to 50 storage groups. In Exchange 2010, each Exchange server can connect to a maximum of 100 Exchange databases, and storage groups do not exist. Although each Exchange server can have a maximum of 100 databases mounted at one time, that limit does not apply to the total number of database objects that are stored in Active Directory Domain Services (AD DS). Each Exchange organization can have any number of database objects in AD DS.

For backup and restore applications, the maximum of 100 mounted databases for an Exchange organization includes up to one mounted recovery database. There is no distinction between normal and recovery databases in this maximum number.

Database Mobility and Availability Groups Added

Exchange 2010 servers can be configured to perform even more flexible database replication than Exchange 2007 servers. Each Exchange 2010 database can be replicated to up to 16 Exchange servers, which can be geographically distributed to improve availability and resilience. The group of servers that replicate an Exchange database is called a Database Availability Group (DAG).

Exchange 2010 DAGs can also improve the reliability and performance of backup applications. Backing up a replicated, inactive copy of the database prevents the active Master database from being affected during the VSS snapshot.

Because all the servers in a DAG have copies of the database log files, applications can restore and recover databases by using backup components taken from different servers. When restoring a DAG database from backups, all active and passive copies must be restored using the same data.

Storage Configuration in Active Directory Changed

The arrangement of organization-level Exchange server and storage configuration information, which is stored in AD DS, has changed.

In versions of Exchange earlier than Exchange 2010, database and storage group configuration data is stored as children of the server object.

Because Exchange 2010 databases are no longer tied to a particular server, database configuration information is stored at the same hierarchy level as the Exchange server configuration objects. Similarly, DAG configuration is stored at the same level as the organization’s Exchange server configuration objects. Both forward links and back links exist between the database copies, the DAG they are a part of, and servers that participate in the DAG.

Storage Configuration Commands Changed

To accommodate the many storage architecture changes in Exchange 2010, the Windows PowerShell commands for setting and retrieving storage configuration have changed significantly.

CHKSGFILES DLL Now 64-bit only

Exchange 2010 is only available in 64-bit implementation. 32-bit implementations of the server are not available. Similarly, the CHKSGFILES DLL is available only as a 64-bit unmanaged DLL.

Single Copy Clustering Is Not Available

Exchange 2010 does not include support for Single Copy Clustering (SCC). If your Exchange 2007–compatible backup and restore application relies on SCC, you will need to modify the application to be compatible with Exchange 2010.

Log File Size Standardized

Exchange database log files are now each 1 MB in size. In earlier versions of Exchange, log files varied in size.

Wednesday, December 7, 2011

Exchange 2010 SP2 Released

Microsoft Exchange Server 2010 helps you achieve new levels of reliability and performance by delivering features that help to simplify your administration, protect your communications, and delight your customers by meeting their demands for greater business mobility.

Download Here

Monday, November 21, 2011

Windows Hotfix for DAG running Windows Server 2008 R2

This hotfix is strongly recommended for all database availability groups that are stretched across multiple datacenters. For DAGs that are not stretched across multiple datacenters, this hotfix is good to have as well. The article describes a race condition and cluster database deadlock issue that can occur when a Windows failover cluster encounters a transient communication failure. There is a race condition within the reconnection logic of cluster nodes that manifests itself when the cluster has communication failures. When this occurs, it will cause the cluster database to hang, resulting in quorum loss in the failover cluster.
For more:

Friday, October 7, 2011

Exchange Management Console Troubleshooter

The EMTshooter runs on the local (target) Exchange server and attempts to identify potential problems with management tools connection to it.
The troubleshooter runs in 2 stages. First, it will look at the IIS Default Web Site, the PowerShell vdir, and other critical areas, to identify known causes of connection problems. If it identifies a problem with one of the pre-checks it will make a recommendation for resolving the problem. If the pre-checks pass, the troubleshooter will go ahead and try to connect to the server in the exact same way that the management tools would. If that connection attempt still results in a WinRM-style error, the troubleshooter will attempt to compare that error to a list of stored strings that we have taken from the related support cases that we have seen. If a match is found, the troubleshooter will display the known causes of that error in the CMD window. Download Here

Active Directory Replication PowerShell Module

The Active Directory PowerShell Module is great for managing users, groups and other resources in Active Directory. What is currently missing are cmdlets or functions to manage the replication infrastructure like sites, site links and subnets. This module provides script cmdlets for managing the ADReplication objects. Download Here

Exchange 2010 SP1 ExFolders

This new tool is really just a port of PFDAVAdmin to Exchange 2010. We changed the name to ExFolders because it no longer relies on DAV, and it's not just for public folders (even PFDAVAdmin, in its public release, was not just for public folders). The name just didn't make sense anymore, so we changed it to the easier-to-pronounce ExFolders.

Download Here

Development cadence in a cloud world

There are great lessons from the on-premises server world that we leverage for Exchange Online, such as commitment to enterprise grade quality, security, privacy and above all being grounded on customer needs. And, there are also some key differences between the two offerings, such as the release cadence. With an online service, there is the ability to make changes on a regular basis as many consumer services such as Bing and Windows Live do. For a business service like Exchange Online, we take a slightly different approach to our release cadence that draws from both customer feedback and our experience with enterprise software, while taking advantage of services flexibility.

for more:

TechEd Australia 2011 videos

Below are the TechEd Australia 2011 videos about various Exchange 2010 components and I would definitely recommend watching them.
  • Upgrading to Exchange 2010: Notes from Field - In this session Sofiane and Colin will provide notes from the field as they take you on a journey to upgrading your legacy Exchange environment. They will highlight the best practices you should consider as you plan your upgrade from Exchange 2003, Exchange 2007, as well as touch on migrating from alternative messaging platforms. Sofiane and Colin will cover the gotchas and pitfalls you are likely to encounter, and follow through with tips and tricks that experienced ITPros leveraged on a regular basis. Additionally they will look at some of the recommended tools, such as the Exchange Deployment Assistant, that will ensure you have a smooth upgrade to the latest version of Exchange.
  • Converged Exchange: A Blueprint for 2010 deployment - With the myriad of new capabilities in Exchange 2010, organisations are looking to their solutions providers to help them not only deploy the new platform but help them manage it. In this presentation, Tim Jones investigates the challenges faced with moving to 2010, migration options, configuration of Disk Access Groups and archiving solutions. He also discusses how Microsoft and Hitachi Data Systems joint reference architecture delivers Exchange 2010 as a “converged solution in a rack”.
  • Exchange Virtualisation - Is it right for you? - Many production Exchange Server deployments are virtualized. This is to achieve better hardware utilisation, provide operational flexibility or align with data centre deployment standards. As a business critical server application, it’s important to understand the implications of virtualising Exchange Server and ensure that deployments are aligned to Microsoft’s best practices and meet the ever changing business demands of a modern messaging service. This breakout session will cover what has been learned about the best ways to deploy Exchange Server in a virtual environment, the various virtualisation technologies that can impact Exchange Server user experience, and scenarios where virtualisation may not be the best choice. Also the differences between Exchange Server native data protection and the high availability and failover features offered by virtualisation stacks will be examined to help you make informed design decisions.
  • Load Balancing with Microsoft Exchange Server 2010 - Understand the Exchange 2010 requirements for load balancing. Review the pros and cons of current hardware-based load balancing solutions. Discuss the nuances of high-end/high-scale load balancing and the impact to Microsoft Exchange Server 2010.
  • Exchange Server 2010: High Availability Deep Dive - Go beyond the basics of Exchange High Availability and learn what’s really going on under the hood in an Exchange 2010 database availability group (DAG). This session covers the inner workings of DAGs, including a deep dive discussion on how DAGs rely on quorum and how the DAG witness and witness server are used. You’ll also gain a solid understanding of the inner workings of Active Manager and its best copy selection process.
  • Exchange Server 2010: High Availability Concepts - This session covers the basics of the new technologies, concepts, terms and methods used to plan, design, manage and troubleshoot Exchange high availability. Learn how settings like AutoDatabaseMountDial and Activation Preference work. Get an understanding of the basic functions of Active Manager, learn the difference between the Witness Server and the Alternate Witness Server, and more! 
  • Microsoft Office 365: From Simple Migration to a Hybrid Environment - Whether you’re looking to migrate all of your mailboxes to the cloud or planning to run a hybrid environment then this is the session for you. This presentation will cover how and when to take advantage of Simple Exchange Migration which supports migrating existing Exchange on-premise customers who want to move all of their mailboxes to the cloud with full data fidelity. You will also learn how rolling out an Exchange 2010 server in your current Exchange environment prepares you for seamless integration with Exchange Online. Whether you are piloting a few users or moving a large part of your workforce to the cloud, we give you the technical details on Exchange-to-cloud integration that you need to be successful.

Friday, September 16, 2011

Does the LSASS.EXE have enough memory, on your Domain Controller?

The key to the performance of a DC (Domain Controller) is how much of the database can be cached in memory. The process responsible for this task is LSASS.EXE; its caching mechanism releases cache to free memory when the OS requires it. Domain controllers that are not strong enough (low memory) will not be able to cache as much, and this will be a noticeable performance issue on the domain controller. Therefore it is a good idea to make sure the DCs have enough memory installed and that other processes are not eating up the DC's memory.
The core process LSASS.EXE is also responsible for replication, authentication, Net Logon, and the KCC. If LSASS is not happy, the result is a busy and tired DC (Domain Controller). Any process other than LSASS MUST be investigated if it is utilizing most of the CPU resources on a domain controller.
The similar behavior in Exchange is Store.exe, if you remember.
What is LSASS.EXE?
The Lsass.exe process is responsible for management of local security authority domain authentication and Active Directory management. This process handles authentication for both the client and the server, and it also governs the Active Directory engine. The Lsass.exe process is responsible for the following components:
  • Local Security Authority
  • Net Logon service
  • Security Accounts Manager service
  • LSA Server service
  • Secure Sockets Layer (SSL)
  • Kerberos v5 authentication protocol
  • NTLM authentication protocol
Lsass.exe usually uses 100 MB to 300 MB of memory. Lsass.exe uses the same amount of memory no matter how much RAM is installed in the computer. However, when a larger amount of RAM is installed, Lsass can use more RAM and less virtual memory.
Try Server Performance Advisor V1.0, a free utility from Microsoft. Server Performance Advisor is a server performance diagnostic tool developed to diagnose root causes of performance problems in a Windows Server™ 2003 operating system.
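A quick way to run the memory check described above is the following PowerShell sketch, an added example that is not part of the original post. It is meant to run locally on a domain controller from an elevated prompt, and the comparison it makes (database size against LSASS working set plus free RAM) is a rough heuristic assumed here, not a Microsoft sizing rule.

```powershell
# Added example. Run locally on a domain controller, elevated.
# Works with PowerShell 2.0 (uses WMI rather than CIM cmdlets).

# AD DS records the location of NTDS.dit in this registry value.
$ntdsKey = 'HKLM:\SYSTEM\CurrentControlSet\Services\NTDS\Parameters'
if (-not (Test-Path $ntdsKey)) {
    throw 'NTDS parameters key not found: this machine is not a domain controller.'
}
$ditPath  = (Get-ItemProperty -Path $ntdsKey).'DSA Database file'
$ditBytes = (Get-Item -LiteralPath $ditPath).Length

# Memory LSASS currently holds, and what the OS still has free.
$lsass      = Get-Process -Name lsass
$os         = Get-WmiObject -Class Win32_OperatingSystem
$totalBytes = [int64]$os.TotalVisibleMemorySize * 1KB   # WMI reports KB
$freeBytes  = [int64]$os.FreePhysicalMemory     * 1KB

# Heuristic (assumption): the whole database can be cached if it fits in
# what LSASS already holds plus the RAM that is still free.
$cacheable = ($lsass.WorkingSet64 + $freeBytes) -ge $ditBytes

New-Object PSObject -Property @{
    DatabasePath     = $ditPath
    DatabaseMB       = [math]::Round($ditBytes / 1MB)
    LsassWorkingMB   = [math]::Round($lsass.WorkingSet64 / 1MB)
    LsassPrivateMB   = [math]::Round($lsass.PrivateMemorySize64 / 1MB)
    TotalRamMB       = [math]::Round($totalBytes / 1MB)
    FreeRamMB        = [math]::Round($freeBytes / 1MB)
    DatabaseFitsInRam = $cacheable
} | Select-Object DatabasePath, DatabaseMB, LsassWorkingMB, LsassPrivateMB,
                  TotalRamMB, FreeRamMB, DatabaseFitsInRam | Format-List

# Other processes competing with LSASS for memory and CPU on the DC.
# CPU is cumulative processor seconds since the process started.
Get-Process |
    Where-Object { $_.ProcessName -ne 'lsass' } |
    Sort-Object WorkingSet64 -Descending |
    Select-Object -First 5 ProcessName, Id,
        @{ Name = 'WorkingSetMB'; Expression = { [math]::Round($_.WorkingSet64 / 1MB) } },
        @{ Name = 'CpuSeconds';   Expression = { [math]::Round($_.CPU) } } |
    Format-Table -AutoSize
```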

Free eBook: Microsoft Office 365: Connect and Collaborate Virtually Anywhere, Anytime

We are very excited to announce that we are able to offer Microsoft Office 365: Connect and Collaborate Virtually Anywhere, Anytime (ISBN 9780735656949), by Katherine Murray, as a free eBook.
For details on this book, including the Table of Contents, see our previous blog post here.
Updates to this eBook, as well as additional eBook formats, will become available in the future, so check this blog for updates.
To download your free PDF eBook, click here.

DAG: Beyond the “A”: An excellent Exchange 2010 DAG


We all know that in the Microsoft Exchange world DAG stands for “Database Availability Group”.
Database – because on a highly available Exchange 2010 Mailbox server, the database, not the server, is the unit of availability and it is the database that can be failed over or switched over between multiple servers within a DAG. This concept is known as database mobility.
Group – because the scope of availability is determined by Mailbox servers in a DAG combined in a failover cluster and working together as a group.
Availability – this word seems to be the least obvious and the most obfuscated term here (and also referred to by both other terms). Ironically, it has a straightforward mathematical definition and plays an important role in understanding overall Exchange design principles.
For more details Exchange Team Blog:

Friday, August 26, 2011

Exchange Server 2010 Design and Architecture document for upgrades

Creating a design document and explaining why it is important to the customer is an integral part of planning an Exchange 2010 design. We are providing an Exchange 2010 design document that you can use as an upgrade checklist, so you can decide which steps you need to take to arrive at an Exchange 2010 design that you and your customer can agree on.

Planning Phase

The planning phase gives the Exchange 2010 design consultant time to paint the detailed picture of what the end state of the upgrade will look like, and also to detail exactly how the network will evolve to this new state. The goals of the project are made clear, what is in and what is out is documented, the resource requirements are defined, the timeline for the planning phase and an initial sketch of the risks are anticipated, and the budget is estimated.

Understanding the Existing Environment

Standard questionnaires are helpful to collect data on the different servers that will be affected by the upgrade. Normally, these questionnaires are sent to the groups that manage the Exchange Server related systems in various locations, as they have the best information on those systems, including any issues they might have. This is the first real look at the configuration of the existing hardware and network: whether the organization has multiple Exchange servers in place, third-party add-on applications, multiple sites, and security requirements. Collecting this data for every server that will be affected by the upgrade is essential.

The discovery process typically starts with interviews with the IT resources who are responsible for the different areas of the network and proceeds with a hands-on review of the network configuration. External consultants often give better results because they have extensive experience with different network setups.

At the same time, you can check network performance to assess the level of performance end users experience, whether they are accessing email, public folders, or calendars from the company or from home. This is also a good time to capture performance and bandwidth consumption figures, which are very important for the new environment. You can also compare the previous performance data with the new environment.

Existing network security policies might be affected by the upgrade, and should be reviewed. If AD is being implemented, group policies -- which define user and computer configurations and provide the ability to centralize logon scripts and printer access -- can be leveraged.

Anyone using Exchange Server is familiar with the challenges of effectively managing the data that builds up, and in grooming and maintaining these databases. The existing database structure should be reviewed at least briefly so the Exchange Server 2010 design consultant understands where the databases reside, how many there are and their respective sizes, and whether regular maintenance has been performed. Serious issues with the database(s) crashing in the past should be covered. Methods of backing up this data should also be reviewed.

Desktop configurations should be reviewed if the upgrade involves an upgrade to the Outlook client. If there are a variety of different desktop configurations, operating systems, and models, the testing phase might need to expand to include these.

Disaster recovery plans or SLAs can be vital to the IT department's ability to meet the needs of the user community, and should be available for review at this time.

Also review the remote and mobile connections to the messaging system, and check OWA access through a secure channel (HTTPS).

The goal is to understand the messaging infrastructure in place as the foundation on which the upgrade will be built. New information might come to light in this process that will require modifications to the Statement of Work document. Always review the initial documentation at the end of a phase so that any changes can be fed back into the process, and you can determine if any tests need to be repeated as a result of the changes.

Understanding the Geographic Distribution of Resources

Existing network diagrams should be reviewed to make sure they are up to date and contain enough information (such as server names, roles, applications managed, switches, routers, firewalls, IP address information, gateways, and so forth) to fully define the location and function of each device that plays a role in the upgrade. These diagrams can then be modified to show the end state of the project. Also critical to these network diagrams is an understanding of not only the bandwidth rating of each connection, but also its average utilization. Connection latency is also useful information for Outlook 2007 and Outlook 2010.

Existing utility servers -- such as bridgehead servers, front-end servers, domain name system (DNS) naming servers, and Dynamic Host Configuration Protocol (DHCP) or Windows Internet Naming Service (WINS) servers -- should be listed in these diagrams as well.

Companies with multiple sites bring added challenges to the table. As much as possible, the same level of information should be gathered on all the sites that will be involved in and affected by the messaging upgrade. Also, a centralized IT environment has different requirements from a distributed management model. It's important to fully understand these aspects of the environment to successfully plan for your upgrade.

If time permits, the number of support personnel in each location should be taken into account, as well as their ability to support the new environment. Some smaller sites might not have dedicated support staff, and network monitoring and management tools, such as System Center Operations Manager or System Center Configuration Manager, might be required.

How is directory information replicated between sites, and what domain design is in place? If the company already has Active Directory in place, is a single domain with a simple organizational unit (OU) structure in place, or are there multiple domains with a complex OU structure? Global catalog placement should also be clarified. Did the existing Exchange Server environment span multiple administrative groups? Who managed what functions in each administrative group? Is this administrative model going to change in the new Exchange Server 2010 environment?

The answers to these questions directly shape the design of the solution, the testing phase, and the implementation process. Each decision made in the planning phase needs to support the original goals and objectives. When in doubt, always return to these goals and ask yourself if a particular decision is in line with those goals.

Planning Phase: Creating the Design Document

When the initial discovery work is complete, you can turn your attention to the Design document itself, which paints a detailed picture of the end state of the messaging system upgrade. In essence, this document expands on the Statement of Work document and summarizes the process that was followed and the decisions that were made along the way. When possible, include a little information on what the options were and why a particular decision was made. This helps other people to understand why decisions were made if they were not directly involved in the design process.

The second key deliverable in the planning phase is the Migration document, which tells the story of how the end state will be reached. Typically, these documents are separate, because the Design document gives the "what" and "why" information, and the Migration document gives the "how" and "when" information. This is a good example of writing documents slightly differently based on who the audience will be.

Collaboration Sessions: Making the Design Decisions

Just as the planning phase kicked off with discovery efforts and review of the networking environment, the design phase will start with more meetings with the stakeholders and the project team for collaborative design discussions. This process covers the new features that Exchange Server 2010 offers and how these could be beneficial to the organization as a whole and to specific departments or key users in support of the already defined goals.

The specifics of the upgrade should be discussed in depth, especially the role that each server will play in the upgrade. A diagram is typically created during this process (or an existing Visio diagram updated) that defines the locations and roles of all Exchange Server 2010 servers and any legacy Exchange servers that need to be kept in place. This includes plans for the number of mailbox servers, the number of client access servers needed to support the remote users, the placement of Edge Transport servers to allow for redundancy, and the placement of Hub Transport servers to ensure that mail can be routed efficiently.

The migration process should be discussed as well because it is likely to have the largest impact on the end users. This is the time to account for overlapping projects that might impact your Exchange Server 2010 rollout. Also pay careful attention to the availability of the resources you defined previously.

Disaster Recovery Options

Although a full disaster recovery assessment is most likely out of the scope of the messaging upgrade project, the topic should be covered at this phase in the project. Take this opportunity to review your existing disaster recovery plans for your existing environment and think about how it will need to change with the new design.

Most people would agree that the average organization would be severely affected if the messaging environment were to go offline for an extended period of time. Communications between employees would have to be in person or over the phone, document sharing would be more complex, communication with clients would be affected, and productivity of the remote workforce would suffer. Employees in the field rarely carry pagers any more, and some have even discarded their cell phones, so many employees would be hard to reach. This dependence on messaging makes it critical to adequately cover the topic of disaster recovery as it pertains to the Exchange Server messaging environment.

Existing SLAs should be reviewed and input gathered on the "real" level of disaster recovery planning and testing that has been completed. Few companies have spent the necessary time and energy to create plans of action for the different failures that could take place, such as power failures in one or more locations, Exchange Server database corruptions, or server failures. A complete disaster recovery plan should include offsite data and application access as well.

Design Document Structure

The Design document expands on the content created for the Statement of Work document defined previously, but goes into greater detail and provides historical information on the decisions that were made.

The following is a sample table of contents for the Exchange Server 2010 Design document:

Executive Summary

Goals and Objectives

Business Objectives

Departmental Goals


Overview of Process

Summary of Discovery Process

Exchange Server Design

Exchange Server 2010 Design Diagram

Exchange Mailbox Server Placement

Exchange Mailbox Replication

Exchange Client Access Server Placement

Exchange Edge Transport Server Placement

Exchange Hub Transport Server Placement

Exchange Unified Messaging Server Placement

Organization (definition of and number of Exchange Server organizations)

Mailbox Databases (definition of and number of)

Mixed Mode Versus Native Mode (choice and decision)

Global Catalog Placement (definition and placement)

Recipient Policies (definition and usage)

Server Specifications (recommendations and decisions, role for each server defined, redundancy, disaster recovery options discussed)

Virus Protection (selected product with configuration)

Administrative Model (options defined, and decisions made for level of admin)

System Policies (definition and decisions on which policies will be used)

Exchange Monitoring (product selection and features described)

Exchange Backup/Recovery (product selection and features described)

Budget Estimate

Hardware and Software Estimate

Some organizations choose to use the Design document to get competitive proposals from service providers, and having this information levels the playing field and results in proposals that promise the same end results.

For deep dive:

Orphaned Offline Address Book Recovery Process in Exchange 2010

In Exchange 2010, the generating server for your Offline Address Books (OAB) can change, under certain conditions, without any admin intervention. The process described here happens only on Exchange 2010.

An Offline Address Book (OAB) is a collection of address lists downloaded by Microsoft Outlook so users can access recipient information and select/resolve recipients when composing messages offline or in Cached Exchange Mode. Offline address book generation (OABGen) is the process by which Exchange creates and updates the OAB. OAB generation occurs during the scheduled time – daily between 5:00-5:15 AM by default. You can customize the schedule and specify the originating Mailbox server for each OAB. The originating Exchange server generates new OAB files, compresses the files and then places them on a local share for web distribution. See Understanding Offline Address Books for more details.

Orphaned OAB Recovery is part of OAB maintenance; the goal is to recover orphaned offline address books. Orphaned is defined as "at least 25 hours overdue for an update". This is calculated based on the LastTouchedTime and Schedule properties of the OAB.

A single Exchange 2010 Mailbox server is selected in the organization to perform the Orphaned OAB Recovery task, and all Exchange 2010 Mailbox servers know the selected server using the same algorithm:

All Exchange 2010 mailbox servers will log event ID 2001 in the Application event log, indicating that evaluation of OAB recovery has taken place:

Log Name: Application
Source: MSExchange OAB Maintenance
Event ID: 2001
Task Category: Orphaned OAB Recovery
Level: Information

The server responsible for performing the OAB recovery scan is .
Event ID 2002 is logged on all Exchange 2010 Mailbox servers that are not selected to do OAB recovery:

Log Name: Application
Source: MSExchange OAB Maintenance
Event ID: 2002
Task Category: Orphaned OAB Recovery
Level: Information
Because this server is not the one responsible for performing the OAB recovery scan, the task is exiting.
Events 2003 and 2004 are logged on the Exchange 2010 Mailbox server that is selected to perform OAB recovery:

Log Name: Application
Source: MSExchange OAB Maintenance
Event ID: 2003
Task Category: Orphaned OAB Recovery
Level: Information
 Orphaned OAB recovery scan has begun.

Log Name: Application
Source: MSExchange OAB Maintenance
Event ID: 2004
Task Category: Orphaned OAB Recovery
Level: Information

Orphaned OAB recovery scan has been completed.

Event ID 2005 is generated on selected server if no orphaned offline address books are detected:
Log Name: Application
Source: MSExchange OAB Maintenance
Event ID: 2005
Task Category: Orphaned OAB Recovery
Level: Information

No orphaned offline address books were found.

Event ID 2006 is generated on the selected Mailbox server when an orphaned OAB has been detected:
Log Name: Application
Source: MSExchange OAB Maintenance
Event ID: 2006
Task Category: Orphaned OAB Recovery
Level: Warning


orphaned offline address books were found. The OAB Maintenance Servicelet will attempt to move these offline address books to functioning servers.
Then the Recover Orphaned OAB process is executed on the selected server and event ID 2007 is logged for each orphaned OAB detected:

Log Name: Application
Source: MSExchange OAB Maintenance
Event ID: 2007
Task Category: Orphaned OAB Recovery
Level: Information

The offline address book \Default Offline Address Book was successfully moved to server .
Tracking Offline Address Book Moves
To move the orphaned OAB to the selected Mailbox server, the process executes a Move-OfflineAddressBook command for each orphaned OAB using the system account "NT AUTHORITY\SYSTEM (Microsoft.Exchange.ServiceHost)".

Note: You can also use the cmdlet to manually move the OAB generation process to another Mailbox server.
This command searches the admin audit log for all such moves between 1/5/2011 and 5/5/2011:

Search-AdminAuditLog -StartDate 01/05/2011 -EndDate 05/05/2011 -Cmdlets Move-OfflineAddressBook
RunspaceId : 34b7d8a3-5c29-4b94-9d9a-143b84a02416
ObjectModified : \ Default Offline Address Book
CmdletName : Move-OfflineAddressBook
CmdletParameters : {Identity, DomainController}
ModifiedProperties : {Server, LastTouchedTime}
Caller : NT AUTHORITY\SYSTEM (Microsoft.Exchange.ServiceHost)
Succeeded : True
Error : None
RunDate : 23/04/2011 13:21:00
OriginatingServer : (14.xx.xxxx.xx)
IsValid : True
Caller is "NT AUTHORITY\SYSTEM (Microsoft.Exchange.ServiceHost)"

In Exchange 2010, the Offline Address Book generating server can be changed with no admin action if a specific OAB is deemed orphaned. Event ID 2006 [MSExchange OAB Maintenance] needs to be monitored.

Event ID 2007 [Source: MSExchange OAB Maintenance] will give us the information about what has changed as part of this process.
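
The audit trail described above can be summarized per OAB. This is an added example, not code from the original post: it groups Move-OfflineAddressBook audit records and separates automatic moves (caller NT AUTHORITY\SYSTEM) from administrator-initiated ones. The function name Get-OabMoveReport, the NeedsReview rule, the second OAB name and the sample records are assumptions constructed for illustration.

```powershell
# Added example (not from the original post).
# Uses only the audit fields shown in the sample output above:
# ObjectModified, Caller, RunDate, Succeeded.

# Caller string recorded when Orphaned OAB Recovery moves an OAB on its own.
$SystemCaller = 'NT AUTHORITY\SYSTEM (Microsoft.Exchange.ServiceHost)'

function Get-OabMoveReport {
    param(
        [Parameter(Mandatory = $true)]
        [object[]]$AuditEntry
    )

    $AuditEntry |
        Group-Object -Property ObjectModified |
        ForEach-Object {
            $group  = $_
            $auto   = @($group.Group | Where-Object { $_.Caller -eq $SystemCaller })
            $manual = @($group.Group | Where-Object { $_.Caller -ne $SystemCaller })
            $failed = @($group.Group | Where-Object { -not $_.Succeeded })
            $last   = $group.Group | Sort-Object -Property RunDate |
                      Select-Object -Last 1

            New-Object PSObject -Property @{
                OfflineAddressBook = $group.Name
                AutomaticMoves     = $auto.Count
                ManualMoves        = $manual.Count
                FailedMoves        = $failed.Count
                LastMove           = $last.RunDate
                LastCaller         = $last.Caller
                # Assumed review rule: an OAB that was orphaned and moved
                # automatically more than once in the window, or any failed
                # move, deserves a look at its generating server.
                NeedsReview        = ($auto.Count -ge 2) -or ($failed.Count -gt 0)
            }
        } |
        Select-Object OfflineAddressBook, AutomaticMoves, ManualMoves,
                      FailedMoves, LastMove, LastCaller, NeedsReview
}

# Constructed sample records (not real audit data). The administrator caller
# and the second OAB name are made-up placeholders.
$sample = @(
    New-Object PSObject -Property @{
        ObjectModified = '\Default Offline Address Book'
        Caller         = $SystemCaller
        RunDate        = [datetime]'2011-04-23T13:21:00'
        Succeeded      = $true
    }
    New-Object PSObject -Property @{
        ObjectModified = '\Default Offline Address Book'
        Caller         = $SystemCaller
        RunDate        = [datetime]'2011-04-30T13:20:00'
        Succeeded      = $true
    }
    New-Object PSObject -Property @{
        ObjectModified = '\Example Branch OAB'
        Caller         = 'example.local/Users/ExampleAdmin'
        RunDate        = [datetime]'2011-04-25T09:05:00'
        Succeeded      = $true
    }
)

Get-OabMoveReport -AuditEntry $sample | Format-Table -AutoSize

# Against a live organization, from the Exchange Management Shell, feed the
# same search the post uses:
#   $moves = Search-AdminAuditLog -StartDate 01/05/2011 -EndDate 05/05/2011 `
#                -Cmdlets Move-OfflineAddressBook
#   Get-OabMoveReport -AuditEntry $moves
#
# The matching 2006/2007 events can be read from the Application log with:
#   Get-WinEvent -FilterHashtable @{ LogName = 'Application';
#       ProviderName = 'MSExchange OAB Maintenance'; Id = 2006, 2007 } `
#       -ErrorAction SilentlyContinue
```

With the constructed records, the default OAB shows two automatic moves and is flagged for review, while the manually moved OAB is not.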

You can find the OAB recovery server by using the following steps:
Restart the “Microsoft Exchange Service Host” service on one of the Mailbox servers

Check event ID 2001 logged by MSExchange OAB Maintenance in the Application event log:
Log Name: Application
Source: MSExchange OAB Maintenance
Event ID: 2001
Task Category: Orphaned OAB Recovery
Level: Information


The server responsible for performing the OAB recovery scan is .

Thursday, August 25, 2011

Exchange Server and Update Rollups Builds Numbers

Now you can track Exchange Server and Update Rollup builds

you with a central resource for build numbers and release dates for versions of Microsoft Exchange. You can use the information in this topic to verify the version of Exchange that is running in your organization

Details are below:

Exchange Server 2010 Service Pack 2 (SP2)

Microsoft has announced that Exchange Server 2010 Service Pack 2 (SP2) will be released in the second half of calendar year 2011. With SP2, the following new features and capabilities will be included:

1. Outlook Web App (OWA) Mini

2. Cross-Site Silent Redirection for Outlook Web App

3. Hybrid Configuration Wizard

4. Address Book Policies

5. Customer Requested Fixes

Details on The Exchange Team Blog:

Update Rollup 5 For Exchange 2010 SP1 Released


Microsoft has released update rollup 5 for Exchange 2010 SP1, as promised by end of August.

Download the rollup here

Availability of this update on Microsoft Update is planned for late September. Update Rollup 6 for Exchange Server 2010 Service Pack 1 is currently scheduled to release in October 2011.

As always, disable Forefront (fscutility /disable) before running the update rollup and enable it (fscutility /enable) afterwards. Otherwise, the Microsoft Information Store and Transport services will not start after applying the rollup.

Friday, July 1, 2011

Move Exchange 2003 database in new disk in Cluster Environment.

How to move shared cluster resources to new hard disk drives by using the same drive letters in Exchange 2003 in a clustered environment

Understanding Exchange Server 2003 Clustering

Restoring Exchange Server 2003

Documenting your Exchange Server 2003 Environment

To successfully restore or recover any aspect of your Exchange Server 2003 environment, it is important that you document the following:

• The Exchange Server 2003 environment

• The backup process

• The recovery process

A well-documented or complete Exchange Server 2003 environment document should include the following information:

• The Exchange server name.

• The Windows version and service pack running on your servers.

• The Exchange version and service pack running on your servers.

• The Exchange organization name

• Site names

• Database names and sizes.

• Database locations

• Storage group names.

• Public folder name

• Public folder replication process

• Global Catalog server names

• Global Catalog server locations

• Configured administrative rights

• All security delegations

Recovering from Site Failures

To recover an Exchange server in a site which becomes unavailable, you have to create redundant sites. A redundant site can have a secondary Internet connection and bridgehead routing server configured. Then, when the primary site becomes unavailable, the secondary site would continue to provide email communication.

A few recommendations for creating site redundancy or a failover site are listed here:

• You should use the appropriate hardware devices. The servers should have sufficient disk space and processing capabilities.

• You should create one copy of backup tape medium for each site, at a minimum. Backup copies should be stored offsite as well.

• Ensure that recovery documentation is stored offsite as well.

• You should also have redundant DNS servers registered for the domain. DNS servers should be located at each physical location.

When failing over between sites, you have to ensure that all Exchange server dependencies are also failed over so that they can be failed back when you need to perform a restore. This includes:

• DNS servers

• Domain controllers.

• Global Catalog servers

Recovering from Boot Failures

There may be occasions when a Windows Server 2003 system that has a service/application start-up issue could result in the server not completing a normal bootup sequence. This basically means that the Windows operating system is unavailable while the issue persists.

To assist administrators in restoring a server to a state where it can be accessed, Windows Server 2003 includes a few alternative bootup options.

The Windows Server 2003 advanced boot options are:

• Safe Mode: When you are experiencing difficulty starting the computer, you can use the Safe Mode advanced boot option to start Windows with the minimal or basic files and drivers needed for the computer to start. Safe mode is therefore useful to sort out driver problems. To select Safe mode, press F8 when prompted to choose the OS to start. The advanced options for booting Windows are displayed next. When the computer starts in Safe mode, the background screen is black. Safe mode is displayed in each corner of the screen.

• Safe Mode with Networking: This advanced boot mode starts the computer in Safe mode but includes support for networking.

• Safe Mode with Command Prompt: If you select the Safe Mode with Command Prompt advanced boot option, Windows starts in safe mode with networking but with a command-prompt window displaying.

• Enable Boot Logging: This mode creates a log file, Ntbtlog.txt, which details the drivers and services which loaded/failed during the boot process. The mode can be used if you need to find out what is causing the system to fail. Ntbtlog.txt is located in the %WinDir% folder.

• Enable VGA Mode: This mode is typically used when you need to change the screen resolution to one that is supported, or when a bad display driver was installed, because it starts Windows with the standard VGA driver.

• Last Known Good Configuration: This mode utilizes registry information from the last time Windows was shut down to start Windows. Any changes that were made after the last time Windows started are lost when you use the Last Known Good Configuration mode.

• Directory Service Restore Mode: Windows is started in safe mode with networking when the Directory Service Restore Mode is selected. Directory Service Restore Mode also restores the SYSVOL and Active Directory directory service on the domain controller.

• Debugging Mode: Windows is started with debug information being transmitted to a different computer through a serial cable connection.

• Recovery Console: This Windows advanced boot option boots to the Recovery Console command line if the Recovery console is installed.

You can either use the Default configuration or the LastKnownGood configuration to start a Windows based computer. The Default configuration contains configuration data that is saved when the computer shuts down. The LastKnownGood configuration contains configuration information that is saved when a successful logon occurs. When you execute any configuration changes, they are recorded in the current control set. The kernel copies the information in this control set to the clone control set when the computer reboots. After a successful log on to Windows, the information in the clone control set is copied to the LastKnownGood control set.

The last known good process can be used to recover the configuration when a driver is problematic, and you cannot reboot. The process uses the LastKnownGood control set to boot Windows. You would typically use the Last Known Good Configuration Option in the Advanced Options Menu when you install a device driver, and the system fails to respond after you restart Windows; or when you unintentionally disable a critical device driver.

How to install the Recovery Console

1. Place your Windows installation CD in the CD-ROM drive

2. Open a command session/window

3. Navigate to the I386 directory or folder on the CD

4. Proceed to run winnt32 /cmdcons.

5. A window then opens that contains a Recovery Console warning message.

6. Click yes to install the Recovery Console. When you install the Recovery Console, the cmdcons folder is created in the root directory. You are actually booting to the Windows installation CD when you boot via the files in the cmdcons folder. The Partition Boot Sector is also copied from the Windows system volume to the cmdcons folder. The file it is copied to is Bootsect.dat. The Recovery Console installation process also places Cmldr at the root of the boot partition. Cmldr is an alternative bootstrap loader. The Boot.ini file is also changed to contain the alternative for booting to the Recovery Console.

7. A Successful Completion message is displayed after the recovery console files are installed.

How to run the Recovery Console

1. Place the Windows Installation CD-ROM in the CD-ROM drive, and proceed to restart the computer.

2. Press Enter when the Setup program shows the Setup Notification message.

3. Press R to repair your existing Windows installation.

4. To start the Recovery Console, press C

5. If applicable, select the installation that should be repaired.

6. Insert 1, and then press Enter

7. When asked to provide the Administrator password, type it, and then press Enter.

8. You can enter the help command to view the available command options

9. After you have completed the repair, enter the exit command. Press Enter

10. The exit command exits the console, and also restarts the computer.

How to use the Last Known Good Configuration Option

1. Shut down and restart the computer

2. Press F8 when prompted to select the OS to start.

3. The Advanced Options Menu screen is displayed.

4. Choose the Last Known Good Configuration option on this screen.

How to boot using the emergency repair disk

You would typically use the emergency repair disk when you cannot boot using one of the advanced boot options.

To boot using the emergency repair disk

1. Boot from the Windows Installation CD-ROM or from the Windows setup disks.

2. Press R to repair your Windows installation

3. Press R to use the emergency repair process to repair your Windows installation

4. Press F to use the Fast Repair option. Fast Repair automatically repairs system files, the boot sector, and registry and startup problems.

Recovering Active Directory

When it comes to restoring Windows Server 2003 Active Directory, you can use one of the following restore methods:

• Normal Restore: In Windows 2000, this was your Non-Authoritative restore method. A Normal restore functions pretty much the same as a Non-Authoritative restore. With a Normal restore, the Backup utility is run on the computer while in Directory Services Restore Mode. After the domain controller is rebooted, normal replication occurs with replication partners.

A normal restore is typically performed when the following conditions exist:

o A domain has multiple domain controllers, and only one domain controller is operational. You can use a Normal restore to restore all other domain controllers in the domain.

o A domain has a single domain controller, and that domain controller has to be restored. You can also choose to alternatively perform a Primary restore of Active Directory.

• Authoritative Restore: An Authoritative restore of Active Directory has to be performed in cases where a Normal restore would not be able to return Active Directory to the correct state. For instance, if an organizational unit was deleted in error, a Normal restore would only result in the particular OU being deleted once again, after replication. This is basically due to the replication partners having a higher version number for the particular OU. An Authoritative restore has a similar process to that of a Normal restore, the difference being that after system data is restored, you define certain Active Directory objects as being authoritative. When Active Directory objects are defined as authoritative, the particular objects have the higher version numbers. This results in these objects being replicated to the other domain controllers' copies of the Active Directory database.

• Primary Restore: The Primary restore method is used when each domain controller within a domain hosting multiple domain controllers, needs to be restored. What this means is that the entire domain has to be reconstructed from the Active Directory backup. This method can also be used to restore Active Directory for a domain that only has one domain controller. The Primary restore method is selected in Windows Server 2003 Backup utility by merely enabling the Primary restore method checkbox. This removes previous complexities associated with performing this type of restore in Windows 2000. The Primary restore process is also very similar to that performed for a Normal restore of Active Directory.

How to restore the Active Directory database to a single domain controller

1. Reboot the computer

2. During startup, press F8 when prompted to, and then select Directory Services Restore Mode (Windows DCs only) from the Windows Advanced Options menu. Press Enter.

3. Choose the operating system that should be started. Press Enter.

4. When the Safe Mode logon prompt appears, enter the appropriate local administrator account information, and then click OK.

5. Click OK when a message appears, advising that Windows is running in Safe Mode.

6. Click Start, All Programs, Accessories, System Tools, and then click Backup.

7. On the initial page of the Backup or Restore Wizard, click Next.

8. Ensure that the Restore files and settings option is selected on the Backup Or Restore page. Click Next.

9. On the What to Restore page, choose the backup which you want to use for the restore process. Click Next.

10. Click Finish to immediately start a normal restore of Active Directory. If you want to configure advanced option settings, click Advanced, and not the Finish button.

11. When the Where to Restore page appears, choose one of the following options from the Restore files to list box:

o Original location, this default setting restores files to their original locations.

o Alternate location, if selected, you can specify a different location to which the files should be restored.

o Single folder; this option restores files to a single directory.

Click Next.

12. Click OK if a message is displayed, warning you that a restore of system state data overwrites existing system state data.

13. When the How to Restore page opens, choose between the following options:

o Leave existing files (Recommended); select this option if you do not want the restore to overwrite any existing files.

o Replace existing files if they are older than the backup files; if selected, files older than the backup files are replaced.

o Replace existing files; this option replaces all existing files with the backup files.

Click Next.

14. When the Advanced Restore Options page is displayed, you can select the following options:

o Restore security settings; is enabled by default. If you disable this checkbox, all files would be restored without any permissions.

o Restore junction points, but not the folders and file data they reference; when selected, the restore process is able to restore information on mounted drives.

o Preserve existing volume mount points; when selected, existing mounts are protected on the volume.

o Restore the Cluster Registry to the quorum disk and all other nodes; if applicable for this domain controller, the cluster quorum database is restored.

o When restoring replicated data sets, mark the restored data as the primary data for all replicas; this option should be enabled if you are performing a Primary restore of Active Directory.

15. Click Next. Click Finish to start the Normal Restore of Active Directory.

How to perform an Authoritative Restore of Active Directory

1. Perform a Normal Restore of Active Directory.

2. When prompted to restart the server, click No and then close the Windows Backup Utility.

3. Click Start, Run, and enter cmd in the Run dialog box. Click OK.

4. To open the Ntdsutil command-line utility, enter ntdsutil.

5. Enter authoritative restore.

6. To specify Active Directory, or components of Active Directory as authoritative, use one of the following methods:

o Enter restore database; this sets the domain and all configuration containers as authoritative.

o Enter restore subtree, together with the distinguished name of the Active Directory object you want to mark as authoritative.

o You can use the verinc option with either of the above commands, to explicitly set the version number. The option is useful when a different Authoritative restore needs to be performed on an existing Authoritative restore.

7. When the Authoritative Restore Confirmation dialog box appears, asking whether the Authoritative restore should be performed, click Yes.

8. Enter quit, and enter quit again to close the Ntdsutil command-line utility.

9. Proceed to reboot the server.
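The Ntdsutil part of the procedure above (steps 4 to 8) can also be passed to Ntdsutil as arguments on one command line. The batch file below is an added example, not part of the original article; the distinguished name OU=Sales,DC=example,DC=com and the verinc value 200000 are constructed placeholders.

```bat
@echo off
REM Added example (not from the original article).
REM Run on the domain controller in Directory Services Restore Mode,
REM after the Normal Restore has finished and BEFORE the server is rebooted.

REM Constructed placeholder: the subtree to mark as authoritative.
set "TARGET_DN=OU=Sales,DC=example,DC=com"

REM Steps 4-8 in one line: open Ntdsutil, enter the authoritative restore
REM menu, mark the subtree, then quit both menus. The confirmation dialog
REM from step 7 still appears and must be answered with Yes.
ntdsutil "authoritative restore" "restore subtree %TARGET_DN%" quit quit

REM Variant with an explicit version increment. By default Ntdsutil raises
REM the version number of every restored object by 100,000 for each day
REM since the backup was taken, which is what lets the restored copy win
REM replication. Use verinc when this subtree has already been through one
REM authoritative restore and the new one must outrank it.
REM ntdsutil "authoritative restore" "restore subtree %TARGET_DN% verinc 200000" quit quit

REM To mark the whole domain and configuration containers instead:
REM ntdsutil "authoritative restore" "restore database" quit quit

REM After the reboot (step 9), from a normal-mode command prompt, check the
REM replication metadata: the Ver column of the restored object should show
REM the raised version numbers. Repadmin ships with the Windows Server 2003
REM Support Tools.
REM repadmin /showmeta "%TARGET_DN%"
```

Running the Repadmin check against a second domain controller confirms that the authoritative versions have replicated outward and were not overwritten by the copies held there.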

Recovering IIS Metabase Data

To recover IIS metabase data:

• Open the IIS Manager.

• Right-click the IIS server whose metabase data you want to restore, select All Tasks from the shortcut menu, and then select Backup/Restore Configuration.

• The Configuration Backup/Restore dialog box opens. The Configuration Backup/Restore dialog box displays the following information:

o The initial configuration backups created when IIS was first installed.

o All manually created backups.

o All history files.

• Select the backup that you want to use for the restore and then click the Restore button to start the restore of the metabase data.

• Click Yes to start the restore.

Recovering from Complete Server Failures

• Exchange Server 2003

• Windows Server 2003

To prepare to recover an Exchange Server 2003 server, you have to follow the requirements summarized below:

• Replace all failed hardware.

• The following installation CDs have to be available:

o Windows 2003 installation CD

o Exchange Server 2003 installation CD

• Full backups of the system drive should exist and be available

• You should have backups of each Exchange Server 2003 database.

• A Windows 2003 system state backup set should be available.

• Each member server object should exist in Active Directory.

• If the server is the only domain controller in a domain, you should have a backup of that specific domain controller.

How to manually restore a system

1. Start by installing a new operating system (same version) on the original system hardware and disk volume.

2. Next, name the system using the same name as the original server. Do not join the domain at this point.

3. Perform a basic installation – do not install any additional services during the installation of the operating system.

4. Install all necessary hardware drivers.

5. Update the operating system with all necessary service packs and security patches.

6. Open the Disk Management console and then create the disk volumes needed. Format the disk volumes correctly and assign the proper drive letters.

7. Proceed to join the server to the domain.

8. Install any needed additional services or applications.

9. Install Exchange Server 2003. You should use the same version of Exchange which was previously installed.

10. Install all necessary Exchange service packs.

11. You can at this point restore the Exchange data to the server.

12. Start a full backup of the restored system.

How to back up system state data

1. Open the Windows Backup utility.

2. Start the Backup Or Restore Wizard.

3. Click Next on the Welcome To The Backup Or Restore Wizard page.

4. When the Backup or Restore page opens, select the Back Up Files And Settings option and click Next.

5. Select the Let Me Choose What To Back Up option on the What To Back Up page and click Next.

6. Using the Items to Back Up box, select the System State checkbox. Click Next.

7. In the Choose a Place to Save Your Backup box, set the location of the backup.

8. In the Type a Name for This Backup box, set the name of the backup. Click Next.

9. Click Report to verify that no errors have been encountered.

How to restore System State data

1. Open the Windows Backup utility.

2. Open Advanced mode by clicking the Advanced Mode option.

3. Select the Restore and Manage Media tab.

4. Expand the media and backup to use for the restore.

5. Enable the System State checkbox.

6. Use the Restore Files list to choose Original Location.

7. Click the Start Restore option.

8. Click OK to verify that the restore will overwrite the existing System State.

9. Click OK on the Confirm Restore message box to start the restore process.

10. Click the Report button to examine the restore report log.

How to replicate restored data across the domain

To replicate restored data across the network, use the steps detailed next. The domain controller server has to be shut down when you begin this process.

1. Proceed to restart the domain controller server

2. Press F8 when the Please Select The Operating System To Start option is displayed

3. This action displays the Advanced Options Menu

4. Choose Directory Services Restore Mode

5. Once the system starts, restore System State data and any other necessary files using the Windows Backup tool

6. When the data is restored, use the Ntbackup command-line tool to specify objects as authoritative. This has to be done prior to restarting the server.

7. Restart the server to replicate the data across the domain

How to perform an ASR restore

1. Restart the computer.

2. Insert the Windows XP Professional or Windows Server 2003 installation CD-ROM in the CD-ROM drive.

3. Enter the text-mode part of setup

4. When prompted, press F2 to start the Automatic System Recovery process.

5. When prompted, insert the Windows Automated System Recovery disk into the floppy drive and then press any key to continue.

6. Setup prepares for the Automated System Recovery.

7. The basic version of the operating system is next loaded.

8. Setup now proceeds to copy files to the hard drive, and then restarts the computer.

9. The Automated System Recovery Wizard appears automatically, requesting the backup location.

10. Select the backup location to continue with the remainder of the setup.

11. After the Automated System Recovery process completes, the Backup utility opens automatically to restore the system.

How to restore an Exchange Server 2003 member server

1. If you are able to access the hard disks of the problematic Exchange server, then you should copy the Exchange Server 2003 database files on the server to a different location.

2. Next, if necessary, replace all damaged hardware.

3. Proceed to install Windows 2003 on the server.

4. Restore the Windows backup set to restore the Windows 2003 system files and registry database, and the IIS metabase files.

5. Install all necessary service packs and software updates.

6. Install all applications on the server.

7. You can now run Exchange Server 2003 Setup in Disaster Recovery mode to install the Exchange applications and Exchange files. The configuration information of the original server that you recovered includes:

o Storage group names

o Mailbox store names

o Public folder store names

o Virtual server configuration

8. Verify that each component which existed on the damaged server is selected for Disaster Recovery.

9. Install Exchange Server 2003 to the same drive and directory.

10. Install any Exchange Server service packs and hotfixes.

11. Restore the Exchange Server 2003 databases.

Recovering Exchange Databases and Data

If you have created copies of the database files which you want to restore, you should perform a recovery using the online backup. The Exchange Information Store (IS) service controls the restore process.

The various functions that occur in the restore process are listed here:

• Existing database files are replaced with restored database files.

• The restored database files of the backup media are copied to the temporary log directory.

• The Restore.env file is created for each restore operation, in the same directory as the log files which were restored through the backup media.

• The log file signature of the temporary log files is checked to determine whether the restored log files match the storage group which manages the database.

• Replays and applies the restored log files to the database.

• Replays and applies the log files of the active storage groups to the database.

• Removes the log files from the temporary log directory.

You can also restore multiple stores to multiple storage groups simultaneously. This is done by running multiple instances of the Windows Server 2003 Backup utility. To do this, you need to perform the following tasks:

• You have to restore each backup set from backup media, to its own individual temporary log directory.

• The Last Backup Set checkbox should not be selected.

• You have to use the Last Backup Set option to initiate recovery.

• You then have to run the utility with the /cc switch in each temporary directory.

If you need to recover mailboxes where the default retention period of the mailbox retention option has passed, you would have to use a recovery server and perform the following activities:

• Install a recovery server in an Active Directory forest other than the one that the current server is located in.

• Install Exchange Server 2003 on the recovery server. The same organization name previously used should be used.

• Recover the database to an administrative group.

• The restore storage group and the restore logical database should have the same name as the original storage group and logical database.

• Create a .pst file.

• You can now move all data that you need to recover to the .pst file.

• Open the .pst file on the production Exchange server and then copy the data to the appropriate location.

One method of recovering mail from a corrupt database is to move the affected mailboxes to another server in the Exchange site. When you move mailboxes, all the components listed here are moved:

• Mail and mailbox information

• Contacts

• Calendar

When the mailbox information is moved to the other server, the information is defragmented. Corruption is not migrated with the move.

If you need to recover a public folder, then you should use the process outlined below:

• Install and configure a recovery server.

• You can use the Windows Server 2003 Backup utility to restore the public folder store.

• Open Outlook and copy the public folder to a .pst file.

• On the production Exchange server, copy the .pst file into your profile.

• Copy the folder back to the public folder tree.

With OWA 2003, you can recover deleted Outlook items that have been removed from the Deleted Items folder. However, you can recover these items only if the purge date configured on the Exchange server has not passed.

How to restore the Exchange database files (from tape)

1. Open the Windows Backup utility.

2. Click the Advanced Mode link to run the Backup utility in Advanced mode.

3. Click the Restore Wizard (Advanced) button.

4. The Restore Wizard initiates.

5. Click Next on the Welcome To The Restore Wizard screen.

6. The What to Restore page opens.

7. Select the backup medium and then expand the items.

8. Select the .edb and .stm files.

9. Click Finish on the Completing the Restore Wizard page.

10. The restore of the Exchange database files starts.

11. Access the Restore Progress dialog box to view the backup log information.

How to move mailboxes between servers in an Exchange site

1. Open Exchange System Manager.

2. Navigate to and select the Administrative Group that contains the mailboxes which should be moved.

3. Select each mailbox which should be moved.

4. Click the Action menu and select Exchange Tasks.

5. Click Next on the Exchange Task Wizard welcome page.

6. On the Available Tasks page, select the Move Mailbox option and then click Next.

7. The Move Mailbox page is displayed.

8. The existing location of the mailbox is displayed in the Current Mailbox Store textbox.

9. Use the Server drop-down list box and the Mailbox Store drop-down list box to specify the new location for the mailbox. Click Next.

10. On the following page displayed, you have to specify how Mailbox Move handles corrupted messages in the mailbox.

11. Click Next to start the mailbox move process.

12. Click Finish.

How to recover deleted items using Outlook Web Access

1. Open Outlook Web Access.

2. Navigate to the Outlook Options area.

3. Navigate to the Recover Deleted Items area.

4. Click View Items.

5. The Recover Deleted Items dialog box opens.

6. Select each item that you want to recover.

7. Click the Recover button.

8. Click Close.

9. All items specified to be recovered will be displayed in the locations from where they were previously deleted.

10. If you want to purge items completely, then you have to select the Permanently Delete option. After this option is selected, you will be unable to recover those items in the Recover Deleted Items dialog box.

11. Click OK.

12. Click Close.

Restoring Mailboxes using Exmerge.exe

Once a database is restored to the Recovery Storage Group, the ExMerge utility (Exmerge.exe) can be used to move the mailbox data to the storage group. A Recovery Storage Group cannot be accessed by users because the group is disconnected. You can recover one mailbox or recover the entire database.

The requirements listed here have to be met to use a Recovery Storage Group:

• The Recovery Storage Group must be created on the Exchange server.

• The account which you are using must have the following permissions on all Exchange mailboxes:

o Receive As permission

o Send As permission

• The original database and mailbox should exist in Active Directory.

The process for using a Recovery Storage Group to restore mailbox data is outlined here:

• Create and configure the Recovery Storage Group on the Exchange server: To do this, you have to complete the following steps:

o Configure the Recovery Storage Group using the context menu of the server object.

o Set the transaction log location.

o Set the system path location.

o Add the database which you want to recover to the Recovery Storage Group

• Restore the mailbox database to the Recovery Storage Group: To do this, you have to complete the following steps:

o You should use a backup and restore application to restore the mailbox database to the Recovery Storage Group.

o Choose the database and log files that should be restored.

o Specify the temporary file directory.

o Mount the store once the restore has completed.

• Merge the mailbox data of the restored database to the original database: To do this, you have to complete the following steps:

o Start Exmerge.exe and then initiate the Microsoft Exchange Mailbox Merge Wizard.

o Using the various prompts of the Exchange Mailbox Merge Wizard, define the export method.

o You also have to specify the source and destination server.

o Specify the databases within the Recovery Storage Group for restoring.

o Specify a single mailbox to restore, or specify multiple mailboxes.

o Select the temporary folder

o After completing the Exchange Mailbox Merge Wizard, data is copied from the mailboxes in the recovery database and merged with the appropriate mailboxes of the original database.

How to run the Exchange Mailbox Merge Wizard

1. Install the Exmerge.exe and Exmerge.ini on the server.

2. Start Exmerge.exe.

3. The Exchange Mailbox Merge Wizard initiates.

4. Click Next on the Exchange Mailbox Merge Wizard Welcome page.

5. On the Procedure Selection page, select the Extract And Import (One-Step Procedure) option, and then click Next.

6. On the Source Server page, select the source server.

7. To control how the mailbox merge procedure runs, click the Options button.

8. A dialog box opens, containing a number of tabs (pages) which can be used to define a number of options.

9. On the Data page, you can define settings that control how much data is migrated. The default option is that the User Messages And Folders checkbox is enabled. Select which additional data should be included in the migration.

10. On the Import Procedure page, you can specify how the migrated data is written to the destination mailbox.

11. On the Folders page, you can specify which folders in the mailbox are included in the migration procedure. The default setting includes all folders in the migration. Specify which folders should be part of the migration process.

12. On the Dates page, you can specify that only messages that fall within a certain date period are included in the migration procedure. The default setting includes all messages in the migration – the date is not considered.

13. On the Message Details page, you can specify that only specific types of messages are included in the migration, based on criteria such as message subjects or attachment names.

14. Click OK and click Next.

15. On the Destination Server page, specify the name of the destination server for the migration and then click Next.

16. On the Mailbox Selection page, select the mailbox in the available list that should be migrated, and then click Next.

17. If you are migrating mailboxes to a server in a different locale, specify the appropriate option in the available list and click Next.

18. On the Target Directory page, select the folder that should be used to store the temporary files utilized in the migration. Click Next.

19. Specify whether these settings should be saved or not saved, and then click Next.

20. The Process Status window opens, showing the status of the migration procedure.

21. Click Finish.

Restoring Exchange Server 2003 Clusters

The common restore processes that you would need to perform when restoring Exchange Server 2003 clusters are listed here:

• Recover a server node in the cluster: The Exchange resources of a failed cluster node are moved to another online node in the cluster. This basically means that the Exchange databases can continue to be accessed by the Exchange virtual server from the other node. If you need to remove the failed cluster node from the cluster and replace it with another node, you can use the process below as a guideline:

o Using Cluster Administrator, evict the server node from the cluster.

o Create and install the new server node.

o Rejoin the node to the cluster

o Install Exchange on the node.

o Move the Exchange resources to this node.

• Recover a cluster quorum disk resource: You can use the process below as a guideline for recovering from a cluster quorum failure:

o On each server node in the cluster, stop the Cluster Service.

o Restore the system state data that holds the cluster quorum disk, using the Windows Backup utility.

o Run the Clusrest.exe Resource Kit tool to restore the backup to the cluster quorum disk.

• Recovering the shared disk resource that contains the Exchange databases:

o Ensure that the Do Not Mount At Startup check box for the databases that you want to restore is selected, for the databases residing in the cluster.

o Proceed to restore the Mailbox store from the backup.

o Check that the databases have been mounted.

o Check the content of the Event log.

o Deselect the Do Not Mount At Startup checkbox for each database that is restored.

How to pause and resume a node

1. Click Start, Administrative Tools, and then click Cluster Administrator.

2. In the left pane, select the node which you want to pause.

3. Select the Pause Node command from the File menu item.

4. To resume the node that was paused, click Start, Administrative Tools, and then click Cluster Administrator.

5. In the left pane, select the node which was paused.

6. Select the Resume Node command from the File menu item

How to evict a server node from the cluster

1. Click Start, Administrative Tools, and then click Cluster Administrator.

2. Stop the Cluster Service.

3. Select the Evict Node command from the File menu item.

4. Remove the node from the shared bus.

5. Uninstall Cluster Service.

6. Proceed to do the necessary maintenance tasks.

7. When done, connect the node to the shared bus.

8. Install Cluster Service, and then join the cluster.

Best Practices for Restoring Exchange Server 2003

A few best practices for restoring Exchange Server 2003 are listed here:

• The Exchange environment should be documented so that the time needed to perform a recovery is kept to a minimum.

• All Exchange Server 2003 administrators should have sufficient knowledge to perform an Active Directory recovery. This is important because Exchange Server uses Active Directory for its user directory.

• To protect and prepare your environment from an Exchange site failure, consider implementing a failover site capability.

• When it comes to corrupt databases, one method of recovering mail from a corrupt database is to move the affected mailboxes to another server in the Exchange site. This strategy results in the Exchange system still being operational.

• To simplify the Exchange recovery process, run Exchange Server 2003 Setup in Disaster Recovery mode to install the Exchange applications and Exchange files.

• If you do not want to perform a database repair, you should use the ExMerge utility (Exmerge.exe) to move mailbox data to a storage group on a new server. Any corrupt information will be left on the other system.

• If you want to simplify the process of recovering information from backup, you should create and use a recovery storage group.

• You can use the Eseutil utility and Isinteg utility, which are Exchange maintenance tools, to perform offline Exchange database maintenance tasks. Use the tools to maintain database integrity and test databases. The Eseutil utility can be used to perform maintenance tasks for both Active Directory databases and Exchange databases. Be careful when using these tools to repair corrupt databases – you could end up with data loss issues.