Exchange Server Disaster Recovery Real Record (2) TYPE: Exchange and Mail Server Time: 2004-11-29Author: HaohuURL: N / AHIT: 9 DayHit: 1 WeekHit: 1 Exchange Server Disaster Recovery Real Record (2) Time: 2004 -11-22 17:14:42 source http://blog.mvpcn.net/haohu author: haohu votes: 7 level: Hits: 204 [3] using the consistency adjuster Exchange in 2000, Mbconn.exe utility provides The same function. For more information, see "Mailbox Reconnect Help" file (MBCONN.CHM), which is located in the / ExchsrVR / Server / Support / Utils / i386 folder. You can use Eseutil with the / g switch to verify the integrity of the information store. [4] Using the Exchange 2000 Directory Service Integrity Checkproof (E2kdsinteg) E2kdsinteg Utility is initially included in Exchange 2000 SP2. After installing and running the Exchange 2000 or Exchange 2000 Active Directory Connector (ADC), this utility will report the operating status of Active Directory. The E2kdsinteg utility generates a simple report in the format of the text file, which records exceptions or suspicious objects. E2kdsinteg does not change any object in Active Directory. Depending on the number of objects and configuration objects that support mail in Active Directory, the object that handles the mail may require a considerable amount of time. In our example, this step is slightly since the Exchange Server information in Active Directory is not damaged. 3, repair IIS and OWA [1] Repair DCOM error users are always taunt. Fortunately, Exchange Server provides us with a variety of email access methods. We can use the Exchange client, you can also use Outlook to send and receive messages through RPC connections; you can use mail clients such as Outlook Express to send and receive emails through POP3 / SMTP / IMAP protocol; you can also use any support SSL Web clients such as Internet Explorer send and receive emails through OWA. In this example, we have applied OWA to serve customers who cannot use Outlook clients or POP3 / SMTP clients. We reinstall OWA, but it doesn't work properly: you can't open any non-static pages at all.
After investigation, each time we ask for access to a directory that requires the script, you will leave the following log in the system log: Event ID: 10004 Source: DCOM DCOM GOT Error "Logon Failure: Unknown User Name OR BAD Password." And Was Unable to logon ./IWAM_MYSERVER in order to run the server: {3D14228D-FBE1-11D0-995D-00C04FD919C1} Event ID: 36 Source: W3SVC The server failed to load application '/ LM / W3SVC / 1 / Root / Conferencing' The. error was 'The server process could not be started because the configured identity is incorrect Check the username and password.' For additional information specific to this message please visit the Microsoft Online Support site located at:. http://www.microsoft.com /ContentRedirect.asp. This may have two reasons: (a) Component service COM account information stored in IIS Metabase, synchronized by Active Directory, but COM will not be updated automatically. If the Windows 2000 component service and the Internet Information Services (IIS) process are not synchronized, IWAM_ Accounts and IIS Metabase do not synchronize the above logs. IIS provides synciwam.vbs script to synchronize IWAM_ account and IIS Metabase. This script is located below inetpub / adminsscripts. You can run the script using CScript or WScript. Run SynciWam.vbs: C: / INETPUB / Adminscripts> CScript SynciWam.vbs -v can see the script successfully performed using CScript. Run SynciWam.vbs: C: C: / INETPUB / Adminscripts> wscript c: /inetpub/adminscripts/synciwam.vbs -v can see the script successfully executed under the interface of the graphics. (b) The password IWAM_ is IIS for executing a script, although we have never set a password for it, but it does use a password. Although this account is local, it will be saved in Active Directory. If the password stored in the Active Directory is inconsistent with the IIS Metabase, the account will not be able to start the IIS's scripting process. What we have encountered is this situation. You can use the AdsUtil script to fix this problem. C: / INETPUB / Adminscripts> Adsutil Get W3SVC / WAMUSERNAME WAMUSERNAME: (STRING) "iWam_name" The Name here is usually the server name of the server.
Open the MMC console of the component service, expand the "Component Services" folder, expand the "My Complicity" folder, find the "COM Applications" folder, right-click, select "Iis Out-of-Process Applications, confirm" Advanced "The" Disable Changes "selection box in the page is cleared, which makes sure the IWAM_ account change will be saved in the Active Directory. If IIS runs in a domain controller, open an "Active Directory user, and computer's MMC management console snap-in. If IIS runs in a member server, right-click My Computer, select" Manage ", expand system tools ", Expand" local users and groups ", select" User "folder. In the right, find the IWAM account name we just queried through the Adsutil script, change the password of the account. Then use the script to modify the IIS Metabase IWAM account password : C: / inetpub / adminsscripts> Adsutil Set W3SVC / WAMUSERPASS Password Wamuserpass: (String) "Password" can see the prompt to modify success, then find "service", stop, then start "IIS Admin" through the management console just now Service. You can also use the command line: C: /> Net Start W3SVC [2] Certificate Service Using OWA Change Password function, because the password is used to transfer, it is very dangerous. To ensure the security of the account We must enable SSL (Security Sockets) encryption for this feature. In order to implement SSL, we need to use a certificate to verify the IIS service. We have installed the certificate service, which is to give the IIS and domain accounts. If you have Certificates (such as VeriSIGN, etc.) released by commercial companies, of course, can also use them directly. Generate a server certificate for the IIS service, and export it. Install it to "trusted enterprise root certificate", this certificate can be With user trust. Open "Internet Information Services" management console Snap-in, right-click the default web site "(here we assume only one site above IIS and the site is ready to use OWA, if the situation is different, please self Modify), select "Directory Security" in Default Site Properties, click Server Certificate in "Secure Communication" below, and use its wizard to install the server certificate we exported. In order to pass OWA to modify users The password, you need to create a virtual folder of "IisadMPWD" in the default site. This directory only allows read. "Application Name" there of Application Settings Fill in IisadMPWD, execute the license as pure script. Open Internet Explorer Enter http: // <; ExchangeServeraddress> / Exchange "to see if you can normal OWA. 4. Fixing Network Services In front we have installed WINS on another server, you can now install WINS on newly installed servers to implement "push / pull" copy. You can also install DNS implementation area copy. DHCP, we can divide the address range of the region into 80% of the remaining area (20% of the anastomosis, of course, can be changed as needed). This way, WINS / DNS / DHCP can continue to provide services. Next, the service shared by the printer and file is provided in accordance with the original shared content.
