Exchange Server Disaster Recovery Real Record TYPE: Exchange and Mail Server Time: 2004-11-29Author: HaohuURL: N / AHIT: 24 DayHit: 1 WeekHit: 2 Exchange Server Disaster Recovery Real Record Time: 2004-11-22 17: 12:49 source http://blog.mvpcn.net/haohu/ author: haohu votes: 7 level: Hits: 192 a, Alarm Disaster is Fall ...... bad things always occur in most people do not want it to appear when! . On this day, the 4400 server suddenly died ... According to the colleagues in the scene, the server suddenly slowed down, stopped network services until all responses were stopped. To restore services, they only restart the server. After the server is enforced, the Blue Screen, the system reports stop: 0x0000007B error, INACcessable_boot_device. At first I thought just MBR is broken or NTLDR and NTDetect.com are broken, then I just need to use fixmbr and fixboot inside the fault recovery station. Since the server uses the hardware RAID, you can only use the F6 to load the RAID startup when the disc will start, and then enter the fault recovery table to see if you can access the system partition. After entering, you can see the system partition with DiskPart, but the system partition is no longer read, and the DIR command cannot enumerate any files and directories. Speaking here, let me introduce the environment of the server. This Windows 2000 Advanced Server is the first Domain Controller in this domain (named Domian.com), five operating host roles (FSMO) are above. Limited to the conditions, the Exchange Server 2000 is run above, which is also used as File Server / Printer Server. There is also DHCP / WINS / DNS. The backup tape, the capacity is not enough to complete the full backup ..., so, the server's exit service is a real disaster. If there is no other Domain Controller, we have to be busy with a long time. It is because there are other Domain Controller, we still have a hope! Second, missions Impossible! Impossible is nothing! 0, using other servers to replace the impact of network service customers must minimize. Since the network is used to allocate addresses and providing network information in the network, we must first resolve the problem of client DHCP lease expiration updates. I originally only this DHCP server, and now it's broken. So we installed DHCP on additional Server, the divided address range was 20%. The reason for this is that the client that expires the lease is not a lot, of course, can also be adjusted according to the length of the lease time and the number of clients, the faster update, the more addresses. At the same time, we have installed WINS and DNS, and add the area and records originally set up for DNS. 1. Restoring domain controller Active Directory is the cornerstone based on a Windows 2000 network environment. There are too many information saved here. With Active Directory, we can recover considerable server configuration information, such as DNS configuration. So we must first consider, that is, to restore the host role. By the way, introduce the host role.
Active Directory defines five operating host roles (FSMO): Architecture Host Schema Master Domain Naming Host Domain Naming Master Compare Number (RID) Host Rid Master Structural Structure Host INFRASTRUCTURE MASTER Structure Host is an update directory The unique domain controller of the architecture. The architecture update will be copied from the architecture host to all other domain controllers in the Active Directory Forest. There is only a unique architecture host in the entire forest. The domain name host is the only domain controller that can perform the following tasks: add or delete the domain, add or delete the cross-reference object that describes the external directory in the forest. The relative identification number (RID) host is a unique server responsible to allocating the RID pool to other domain controllers. When creating a security body (such as user, group or computer, you can understand an account), you need to combine the unique security identifier (SID) in combination with the identifier within the domain. Each domain controller receives the RID pool for creating an object (default is 512). The RID host ensures that these IDs are unique on each domain controller by assigning different pools. Through the RID host, you can also move the object between different domains in the same forest. The domain named host is based on the forest, only one domain named host in the entire forest. The relative identification number (RID) host is domain-based, and each domain in the forest has its own relative identification number (RID) host. The Main Dome Controller Simulator (PDCE) is primarily implemented backward compatible low-level clients and servers, that is, allowing the Windows NT Backup Domain Controller (BDC) to be used in Windows 2000 domain. The password change will forward the password change to the PDCE in the Windows 2000 environment. After the domain controller verifies the password, contact PDCE to check if the password can be verified. Because the changes may have not been copied to the currently verified domain controller that is currently verified. PDCE in the forests in the forest will synchronize with PDCE in the roots of the forest. PDCE is domain-based, each domain in the forest has its own PDCE. The infrastructure host ensures consistency of all domain operating objects. This reference includes the global unique identifier (GUID), security identifier (SID), and distinguished name (DN) of the object. If the referenced object is moved, the domain controller in which the structural host role in the domain will be responsible for updating the SID and DN in the cross-domain object reference in the domain. The infrastructure host is domain-based, and each domain in the catalog has its own infrastructure host. The five FSMO exists on the first domain controller (main domain controller) in the forest root field, and The relative identification number (RID) host in the subdomain, the PDCE, the infrastructure host exists in the first field controller in the subdomain. [1] Clear information from the original Domain Controller because the server is no longer available, we must reinstall, so you need to remove the data of the original server from the Active Directory. Complete this goal, you need to use NTDSUTIL.
(For ease of reading, these commands have been wrapped, the input content bold italics) c: /> ntdsutil ntdsutil: metadata cleanup metadata cleanup: select operation target select operation target: connections server connections: connect to domain domain.com select operation target: List seats found 1 site (s) 0 - cn = default-first-site-name, cn = sites, cn = configuration, dc = domain, dc = COM SELECT OPERATION TARGET: SELECT SITE 0 Site - CN = Default-first- Site-name, cn = sites, cn = configuration, dc = domain, dc = com no current domain no current server no current naming context select operation target: list domains in site found 1 domain (s) 0 - DC = Domain, DC = COM Select Operation Target: Select Domain 0 Site - CN = Default-first-site-name, cn = sites, cn = configuration, dc = domain, dc = COM DOMAIN - DC = Domain, DC = COM NO CURRENT Server No current Naming context select operation target: list Servers for domain in site found 2 server (s) 0 - cn = DC1, CN = Servers, CN = default-first-site-name, cn = site, cn = configuration, DC = Domain, DC = COM 1 - CN = DC2, CN = Servers, CN = default-first-site-name, cn = sites, cn = c Onfiguration, DC = Domain, DC = COM SELECT OPERATION TARGET: SELECT Server 0 Select Operation Target: Quit Metadata Cleanup: Remove Selected Server The dialog box, ask if you are sure to delete the DC. Press "OK" to delete the DC1 master server. Metadata Cleanup: Quit NTDSUTIL: Quit Remove DC1 server objects in Domain Controllers from Active Directory Users and Computers, you can use the ADSI EDIT tool. Adsi Edit is a tool in Windows 2000 Support Tools, and you need to install Windows 2000 Support Tool, the installer under the Support / Tools directory in the Windows 2000 CD. Open the ADSI Edit tool on DC2, expand Domain NC [DC2.Domain.com], expand OU = Domain Controllers, right-click CN = DC1, then select Delete, delete the DC1 server object.
Delete the DC1 server object in Active Directory Sites and Service, you can open the Active Directory Sites and Service in Administrative Tools, expand Sites, expand Default-first-site-name, expand servers, right-click DC1, select Delete, click "to confirm "Button confirmation.
[2] Seclect five FMSOs through NTDSUTIL.EXE tools on the extra domain controller (for easy reading, these commands have been folded, the crude body is input) C: /> NTDSUTIL NTDSUTIL: ROLES FSMO Maintenance: SELECT OPERATION TARGET SELECT Operation Target: Connect To Domain Domain.com Select Operation Target: List Sites Found 1 Site (s) 0 - CN = Default-First-Site-Name, CN = Sites, CN = Configuration, DC = Domain, DC = com select operation target: select site 0 Site - CN = Default-First-Site-Name, CN = Sites, CN = Configuration, DC = domain, DC = com No current domain No current server No current Naming Context select operation target: List Domains in Site Found 1 Domain (s) 0 - DC = Domain, DC = COM Select Operation Target: Select Domain 0 Site - CN = Default-first-site-name, CN = Sites, CN = Configuration, DC = Domain, DC = COM DOMAIN - DC = DOMAIN, DC = COM NO CURRENT SERVER No CURRENT NAMING Context Select Operation Target: List Servers For Domain in Site Found 1 Server (s) 0 - CN = DC2, CN = Servers, CN = Default-first -Site-name, CN = Sites, CN = Configuration, DC = Domain, DC = COM SELECT OPERATION TARGET: SELECT Serv ER 0 Select Operation Target: Quit FSMO Maintenance: Seize Domain Naming Master appears dialog box, press "OK" FSMO Maintenance: SEIZE INFRASTRUCTRURE MAINTENANCE: SEIZE INFRASTRUCTER Earth Dialog box, press "OK" FSMO Maintenance: SEIZE PDC The dialog box, press "OK" FSMO MAINTENANCE: SEIZE RID MASTER The dialog box appears, press "OK" FSMO Maintenance: Seize Schema MASTER The dialog box, press "OK" FSMO Maintenance: quit ntdsutil: quit (Note: SEIZE is used for the original FSMO does not online, if the original FSMO Online, you need to use Transfer operations) [3] to set additional control (dc2.domain.com &,, amp ;,, lt;, / span>) for GC (global catalog)
Open the Active Directory Sites and Services in Administrative Tools, expand Sites, expand Default-first-site-name, expand servers, expand DC2.Domain.com (additional controller), right-click NTDS Settings to select Properties, then in "Global Catalog "The front tick, click the" OK "button, and then restart the server. [4] Reinstall and restore damaged primary domain controllers to repair DC1.Domain.com, reinstall Windows 2000 Server on the DC1.Domain.com server. Basically, install the components in accordance with the original server, but do not install "certificate service" (installation "certificate service", it is not possible to perform an operation on the rename and domain. After installing Windows 2000 Server, run the DCPROMO to upgrade to an additional domain controller; if you need DC1.Domain.com to serve as the five FMSO roles, use the Transfer operation (Note: At this time, DC2 is online, no With SEIZE, you can only use Transfer. After completing, install "Certificate Service". Set DC1.Domain.com to GC through Active Directory Sites and Services, and cancel the GC of DC2.Domain.com. At this point, fix the Active Directory section. (Note: Domain Naming Master must also use the same domain controller as a GC, not Rid Master, and recover the mail server Since Exchange Server expands Active Directory's schema, save the configuration information in Active Directory, so we can't Simply reinstall the event. Such a previous configuration information, including the address book structure, and other non-mail storage data. Let's try to repair step by step. [1] Installing Exchange Server In order to adapt to the installation of the disaster recovery environment, Exchange Server and the installation file of the following Exchange Server Service Pack provide / disasterRecovery parameters to implement system repair in disaster recovery environments. We need to restore the system to the status of the crash. If SP and Patch are installed, the new system is also installed the same SP and PATCH. The choice of installation components is also important, and must be consistent with the components installed at the time of the crash. Therefore, the installation configuration of the record software in everyday maintenance is also a very important job. In this example, after installing the mail server, install the SP3 in turn, there is rollout, and restore the software installation before the crash. [2] When the mail storage Exchange Server 2000 is damaged, the information store is one of the most susceptible components that are most proneously affected. In fact, many of the WINDOWS families are designed for databases that always work online, use the Exchange database engine. Information storage consists of the following four database files: priv1.edb priv1.stm Pub1.edb Pub1.stm Priv1.edb database file contains simple mail transfer protocol (SMTP) mail, including messages that are transmitted and mail stored on the server . The Priv1.stm database file contains non-SMTP messages that are being transmitted and stored. The Pub1.edb database file contains a public folder store for SMTP format information. Pub1.stm contains a shared folder store for non-SMTP format data.
Our mail server is Stand Alone, no site connector, and no key management is installed. So, we chose the recovery process of KB313184. Since our database is abnormal exit, you need to confirm the consistency of the database. If the database is consistent, all log files have been submitted to the information storage. If the database is inconsistent, the database may not be damaged. Instead, the log file may be lost, damaged or not submitted to the database. We run the following eseutil commands to check the consistency of public and dedicated databases (for easy reading, these commands have been folded, and the crude body is input). C: / Program Files / Exec / Program Files / Exutil / MH "C: / Program Files / Exchsr / Mdbdata/priv1.edb" C: / Program Files / ExchsrVR / BIN> ESEUTIL / MH "C: / Program Files / ExchsrVR / MDBDATA / PUB1.EDB "Note: This assumes that the program is running from the Program files / exchsrvr / bin folder on the C drive, and the .edb file is located in the Program Files / ExchSrVR / MDBData folder, if the upgrade is performed, these databases The file may be in the C: / Exchsrvr / MdbData folder. If the database is optimized, these files may be on another drive and can be replaced according to the actual situation. To verify that the .edb file is consistent, check the output line labeled "State". In order to facilitate viewing of "> mypriv.txt" and "> mypub.txt" after the previous command line, two text files are generated. Or use the "|" parameter to output it by screen. In our example, the database State on the server is "dirty shutdown", so you need to quickly fail to save your database to check if you store a copy of the log file in the MDBData folder. Note: The following steps are not arranged in the order of operation, nor, every step must be executed, fix mail storage, you need to choose a step or several execution according to the actual situation! (a) Save the storage recovery of the log file to restore Soft failback, all uncommitted log files will be submitted to the information storage database. Open the folder resident in the database and log files, and type the following on the command prompt (for easy reading, these commands have been folded, the crude body is input): C: / Program files / ExchsrVR / MDBDATA> "C: / Program Files / ExchsrVR / Program Files / ExchsrVR /BIN/eseutil.exe" / R E00 Click "Yes" Run Repair. The utility will display the following message: Microsoft (R) Exchange Server (TM) Database Utilities Version 6.0 Copyright (c) Microsoft Corporation 1991-2000. All Right Reserved. Initiating Recovery Mode ... Logfile Base Name: E00 LOG FILES :( Current Directory: (CURRENT DIRECTORY) Performing Soft Recovery ... After completing soft failback, the program will display the following message: Operation completed successful in x.xxx seconds. Run the eseutil / MH command again.
If the state of public information storage and dedicated information stored is changed to "consistency", it indicates that the database has been fixed. (b) Storage recovery without log files or log files If the eSEUTIL / R command does not recover the database to a consistent state, use a hard fault recovery (forced state recovery) command. (Note: This command may lose some Exchange 2000 data, including the message contained in the log file that has not been submitted to the information storage database. Microsoft suggests that public information storage or dedicated information storage is still not available after performing soft fault recovery This command is used when it is restored to a consistent state.) In the command prompt, type the following command (for easy reading, these commands have been folded, the crude body is input): Restore the priv1.edb file to a consistent state: C: / Program Files / ExchsrVR / MDBData> "C: / Program Files / ExchsrVR / BIN / ESEUTIL" / P priv1.edb Restores Pub1.edb files to consistent status: c: / program files / exchsrvr / mdbdata> "c : / Program files / exchsrvr / bin / eseutil "/ P Pub1.edb Click Yes Run Repair. Utility displays the following message: Microsoft (R) Exchange Server (TM) Database Utilities Version 6.0 Copyright (C) Microsoft Corporation 1991-2000 All right reserved Initiating REPAIR mode ... Database:.. Priv1.edb Streaming File: priv1 .stm temp.database: Temprepair1820.edb checking database integrity. Scanning status (% completion) 0 10 20 30 40 50 60 70 80 90 100 | ---- | ---- | ---- | ---- | ---- | ---- | ---- | ---- | ---- | ----- | .................. ................................ The repair process will be included during the repair process. After completing this process, the program will display the following message: Integrity Check Successful. (C) Performing a mail stored offline finishing suggests to perform fragmentation of the repair database file. Especially when the disk space is insufficient. Such offline debris can be performed on another machine. If you run a soft fault recovery process for the Pub1.edb file and the priv1.edb file, run the following fragmentation commands for these two files (for easy reading, these commands have been folded, the crude body is input). Fragmentation of Priv1.edb: C: / Program Files / ExchsrVR / BIN> ESEUTIL / D C: / Program Files / ExchsrVR / MDBDATA / Priv1.EDB Debrils for Pub1.edb: C: / Program Files / ExchsrVR / BIN> Eseutil / D C: / Program Files / ExchsrVR / MDBDATA / PUB1.EDB Note: If the storage database is large, it takes a while. If prompted disk space, copy the Program File / ExchsrVR / BIN folder to a larger disk, and then try to run this command from this location.
Delete all the .log files in the MDBData folder, .chk file, then delete the temp.edb file (if there is). Turn off all the service-sent services to avoid accessing the mail store during the repair process. Use the database once and then uninstall it (dismount). It is recommended to perform fragmentation of the repair database file. Especially when the disk space is insufficient. Such offline debris can be performed on another machine. If you run a soft fault recovery process for the Pub1.edb file and the priv1.edb file, run the following fragmentation commands for these two files (for easy reading, these commands have been folded, the crude body is input). Fragmentation of Priv1.edb: C: / Program Files / ExchsrVR / BIN> ESEUTIL / D C: / Program Files / ExchsrVR / MDBDATA / Priv1.EDB Debrils for Pub1.edb: C: / Program Files / ExchsrVR / BIN> Eseutil / D C: / Program Files / ExchsrVR / MDBDATA / PUB1.EDB Note: If the storage database is large, it takes a while. If prompted disk space, copy the Program File / ExchsrVR / BIN folder to a larger disk, and then try to run this command from this location. Use the <, span lang = en-us> isinteg.exe utility to run tests for all regions of the Pub1.edb database and the Priv1.edb database, and report the test results, and also try to repair any problems encountered. (For your convenience, these commands have been folded, the crude body is input): c: / program files / exchsr / bin> Isinteg -s (ServerName) -fix -Test AllTests system prompts you to check the database you want to check. Index Status Database-Name Storage Group Name: First Storage Group 1 Offline Mailbox Store (servername) 2 Offline Public Folder Store (servername) Enter a number to select a database or press Return to exit NOTE:. Exchange 2000 is no longer used in combination -patch Options To implement the ISINTEG utility. The fix will be automatically executed by Store.exe when the information store is started. You can only check the database marked as "offline".
After selecting a database, the following message will appear, prompt to confirm our choice: "You Have SELECTED First Storage Group / Mailbox Store
