Win, VM, Linux, Scripting – ramblings of a SysAdmin
Posts tagged Exchange 2007
Restoring mailboxes in Exchange 2007 (part 1)
Jul 15th
Lately I’ve been doing a number of mailbox restore procedures on Exchange 2007, so I thought it would be a good idea to make my own posts about it (yes it involves scripting), because things are not always as straightforward as MS or TechNet say it is. This is going to be a multi-part post: Create the RSG and mount the DB to be restored, Restore mailbox(es), Remove the restored DB and RSG. Before you think about it I’m going to answer it for you:
Q: But why don’t we use the nice GUI Tool from Exchange Management Console (Extra.exe) and do it from there, “we don’t need no scripting”?
A: My experience tells me the scripted method is safer and works “as expected” unlike the GUI, which says it did something, when it didn’t (I’ve spent days trying to figure out why a RSG Database won’t actually dismount when the GUI said: “Completed Successfully”.
OK, let’s get on with it. All that I am about to explain requires Exchange Administrator privileges on the Exchange servers.
We will be creating a Recovery Storage Group, this is the first step in the restore process. To create the RSG you need following:
- Adequate disk-space to restore the mailbox database, locally on the Exchange Server where the DB was residing
- Exchange Management Shell running as Administrator (especially on CCR clusters)
- No other Recovery Storage Group already created on that server with an existing RSG database (you can only have 1 RSG with 1 DB in the RSG). It is best to remove any previous RSG completely then recreate it for your needs.
- Specific information like which DB to link to the RSG and the list of mailboxes to restore.
Creating a Recovery Storage Group can be as easy as this:
New-StorageGroup -Server <MBX Role Server Name> -Name <StorageGroup Name> -LogFolderPath <Logs Folder> -SystemFolderPath <SystemFiles Path> -Recovery -Verbose
The command is very similar to creating a new SG, except for the -Recovery switch, designating it as a Recovery Storage Group. I added the -Verbose switch so you can see what is going on behind the scenes.
New-MailboxDatabase -MailboxDatabaseToRecover <Mailbox Name> -StorageGroup <Recovery Storage Group Name> -EdbFilePath <path to store edb file> -Verbose
Here it is just as easy as creating a new mailbox database, only you are creating it in the recovery storage group you created with the previous command. The key thing to remember here is that the value of the “MailboxDatabaseToRecoverParameter” must be the exact same name of the mailboxDB of which you want to recover from. If the name is different you will not be able to run any restore commands, because it will not be able to find any mailboxes when it searches the recovered database.
A working script for creating the RSG
Below I’m sharing with you a working snippet that should help in creating a recovery storage group and DB. In short here is what the code does:
Using a given UserPrincipalName…
- Attempts to retrieve the mailbox for the UPN (it is a “forest friendly” coding for retrieving the mailbox). If it fails it quits
- Checks if a folder structure for placing, logs, system files and the edb file exists (I used a location called d:, use a variable if you like).
- If folders already exist, it will quit, otherwise it will create a folder with the MDB name, and logs and edb subfolders,
- Next it checks if a Recovery Storage Group already exists, unless you cancel the script it will continue to use this RSG, with the given details. Otherwise it will create a RSG on its own.
- It will then create a mailbox database where you / your backup admin will restore your exchange backup.
$MBX_UPN = Read-Host
$Filter = "UserPrincipalName -like '$MBX_UPN'"
$SourceMBX = get-mailbox -IgnoreDefaultScope -Filter $Filter
If ($SourceMBX -eq $null) {
Write-Host -foregroundcolor Red "No Mailbox for $MBX_ID found`nScript will Quit"
exit }
Write-Host -ForegroundColor Green "Source Mailbox is`n $SourceMBX"
$LinkedMDB = Get-MailboxDatabase -Identity $SourceMBX.Database
Write-Host -ForegroundColor Green "Ok, Database ($($LinkedMDB.StorageGroup.Name)) is grabbed, now creating RSG Folders and RSG`nPress Enter to continue or Ctrl+C to Cancel"
Read-Host
#Checking if the RSG folders already exist, if not attempt to create them
If ((Test-Path "d:\$($LinkedMDB.StorageGroup.Name)")) {
Write-Host -ForegroundColor Red "Folder already exists. Please remove d:\$($LinkedMDB.StorageGroup.Name) before running this script again.`nScript will quit"
exit
}
$SysPath = New-Item -Type Directory -Path d: -Name $LinkedMDB.StorageGroup.Name | Get-Item
If ((Test-path $SysPath)) {
$DBPath = New-Item -Type Directory -Path $SysPath -Name DB | Get-Item
$LogsPath = New-Item -Type Directory -Path $SysPath -Name Logs | Get-Item
}
#If folders were created successfully we can continue
If ((Test-path $SysPath) -and (Test-path $DBPath) -and (Test-path $LogsPath)) {
#Checking if RSG already exists
$RSG_check = Get-StorageGroup -Server $LinkedMDB.ServerName | where {$_.Recovery -like "True"}
If ($RSG_check -ne $null) {
Write-Host -ForegroundColor Magenta "A RSG was found on $($RSG_check.ServerName). Here are RSG Details:"
$RSG_Check | select-object Name,Identity,Recovery,LogFolderPath,SystemFolderPath | fl
Write-Host -ForegroundColor Magenta "To use this RSG Press Enter, to cancel Press Ctrl+C"
Read-Host
}
Else {
Write-Host -ForegroundColor Green "Now creating Recovery Storage Group..."
New-StorageGroup -Server $LinkedMDB.Server -Name "Recovery Storage Group" -LogFolderPath $LogsPath.FullName -SystemFolderPath $SysPath.FullName -Recovery -Verbose
}
Write-Host -ForegroundColor Green "OK! No RSG found. Now creating RSG Database..."
New-MailboxDatabase -MailboxDatabaseToRecover $LinkedMDB.AdminDisplayName -StorageGroup "$($LinkedMDB.ServerName)\Recovery Storage Group" -EdbFilePath "$($DBPath.FullName)\$($LinkedMDB.Name).edb" -Verbose
}
Else {
Write-Host -ForegroundColor Red "Could not Create folder or folder structure in d:\$($LinkedMDB.StorageGroup.Name). Check messages above for errors! Script will quit."
exit
}
This is about it with creating a Recovery Storage Group, it is actually not difficult, just remember to name the MDB inside the RSG with the same name as the source MDB (this was also required on Exchange 2003, as far as I know). Also you cannot have more than one RSG per Maibox Server, it is best to remove any RSG you have after you are finished recovering data. Next post we will discuss how to restore data from a MDB and how to remove the RSG.
As always I value your feedback and hope you found this post useful.
Change Notification “From” Email Address in FSE
Mar 28th
After a recent deployment of FSE (Forefront Server for Exchange) on an Exchange CMS, I sat back and just watched Forefront notifications come in. Initially they were delivered in my Outlook junk email folder, but I quickly figured it out and added the “domain” Forefront was sending from. This was all ok for me, a sysadmin, but then it hit me: Users whose attachments get blocked also get this notification and it probably ends up in the junk folder aswell. First I thought, ok, let’s push a list of accepted domains down to the clients, but then it dawned on me that there had to be a way to change the “from” address in Forefront. As an added bonus I wanted to find a way to change it on any Server Role (mailbox, hub, cas, edge). Thankfully the Forefront Server for Exchange User Guide provides the answer (goes to show RTFM sometimes goes a long way).
How to Change the From Address
This From Address is written down in a registry key of the Server where FSE is installed.
- Open the Registry Editor and browse to the corresponding key depending on the OS version you have:
For 32-bit:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Forefront Server Security\ Notifications\FromAddress
For 64-bit:
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Forefront Server Security\Notifications\FromAddress - Change the default value to the sender name you would like. I chose a name that also identifies the server where the notification is sent from. You can use any alphanumeric characters, just keep in mind that illegal characters are replaced with “_”.
- Now Microsoft says to Restart/Recycle the Exchange and FSE services for this change to become active, please read the notes below regarding this:
Notes: Restarting/Recycling Services looks like quite a simple task however, I do have some hints on that:
- If using a CMS (Clustered Mailbox Server) you just have to recycle FSE on the ACTIVE node, FSE is not actively running the PASSIVE node. Exchange services don’t need to be restarted for this change to take effect – (this is my personal observation)
- Recycling FSE on servers running Microsoft Exchange Transport Service (Transport, Edge Roles) will also recycle the Microsoft Exchange Transport service (Transport Service has a dependency on FSE) – so plan for downtime.
- There is a “bug” in Forefront: after the change and restarting services (not sure what is the cause, didn’t play around to find out) Forefront sends out 3 failed update notifications (1 per engine), for deprecated scan engines it has (AhnLab, Sophos, CAvet) even though none of those engines are enabled/configured to get updates. I spent almost 2 hours scouring the Internet for a reason why this happened. Best just to ignore it, save yourself some brain-cells.
- If changing the registry key by hand via remote registry you will not see the wow6432Node because regedit already connected you to that key.
Disclaimer: As you know changing the registry is “bad juju” if you don’t know what you are doing you can break things, so handle these operations with care.
This is probably the first post in a series related to Forefront Security for Exchange, I hope they prove useful.
