Exchange Server 5.5 added a wonderful feature—deleted-item retention—that lets users restore certain deleted mailbox items. In addition, Exchange Server 5.5 lets administrators avoid long restore operations by enabling the Deleted Item Cache property for Exchange objects such as public folders and mailboxes. However, these restore features might not work if someone has permanently deleted an Exchange object (e.g., message, folder) from the directory.

Exchange permanently deletes objects in three situations. First, Exchange permanently deletes an object if a user or administrator uses the hard-delete operation (Shift+Del). The hard-delete operation prompts Exchange to delete the object without sending it to the Deleted Items folder or the Deleted Items Cache when the Deleted Items Cache property isn't enabled. Second, Exchange permanently deletes an object if someone deletes an item from the Deleted Items folder. Finally, if an administrator inadvertently deletes a mailbox or even an Exchange server when using the Microsoft Exchange Administrator program, Exchange permanently deletes that mailbox or server from the directory.

When someone permanently deletes an object from the directory and replication in the site has not yet occurred, restoring the directory and the Information Store (IS) database doesn't produce the expected result. If you have more than one server in the site, a replication transaction coming from another server in the site takes precedence and deletes the restored object again. This behavior is by design to ensure that deleted objects remain deleted to keep the directory consistent.

If restoring the directory or the IS database doesn't work, not all is lost. You can use one of two methods to restore permanently deleted objects.

The Methods
You can restore permanently deleted objects in two ways: You can use the Authoritative Restore (authrest.exe) utility to restore the object, or you can recreate the object with a new GUID. Authrest.exe and its documentation are on the Exchange Server 5.5 CD-ROM, in the \Support\Utils\platform directory. For an example scenario using authrest.exe, see the Microsoft article "XADM: How to Recover a Deleted Server Using Authrest Utility" (http://support.microsoft.com/support/kb/articles/q181/9/20.asp).

Authoritative Restore lets you change object versions and update sequence numbers (USNs) on the objects that Exchange holds in the restored directory. This operation has the effect of making the data in the backup appear to be more recent than any copy other servers hold. Directory replication causes Exchange to replicate the restored information to all servers in the site. However, this approach doesn't preserve transactions made to the directory after the backup you intend to restore.

To preserve changes made to directory objects, the best practice is to use manual restore procedures to recreate the object with a new GUID. Two main restore procedures exist: one for single-item recovery (e.g., mailboxes, public folders, messages) and another for an entire Exchange server.

Restoring One Item
This procedure is appropriate when you have to restore items permanently deleted from a mailbox or a public folder or entire mailboxes or public folders. I'm assuming that you have no other way to avoid this restore; that is, copies of the items you want aren't available in offline storage (OST) or personal storage (PST) files or in unsynchronized folder replicas.

To restore one item, you need the following hardware and software:

  • A backup of the IS database that contains the deleted object
  • A dedicated server with enough disk space to restore the entire IS database
  • Windows NT 4.0 and the service pack installed when you made the backup
  • Exchange Server 5.5 and the Exchange Server service pack installed when you made the backup

To recover one item, you must install NT Server 4.0 and Exchange Server with the same site and organization name that the lost mailbox or public folder resided in. Then you restore the IS from a backup tape, log on with Exchange administrative privileges, and assign the necessary permission in the directory to allow access to the desired mailbox or public folder. Finally, you copy the data to a PST file and deliver it to the user or post the recovered items in the public IS. Here's a detailed discussion of this procedure.

Preparing the recovery server. First, set up a server for the recovery operation. Follow these steps:

  • If you don't have a recovery server running, install NT Server as an NT PDC, BDC, or member server on a dedicated machine. This server must have a different name from the production server. The server must have a tape drive compatible with that on the production server and must run the same backup software. This procedure doesn't cover the steps for restoring a cluster (Microsoft Cluster Server—MSCS) because the cluster environment requires extra steps and duplicate installations. Upgrade the server to the same NT service pack that is running on the production server.
  • Install Exchange Server, and select the option to create a new site (i.e., don't join the production site). Use the same site and organization name as is on the server from which you're restoring the mailbox or public folder. The recovery server needs to be a standalone computer that isn't joined to your production site. To simplify steps, use the same Exchange Service Account Admin as the one on your production site. Install the Exchange Server service pack that was running on the production computer when you last backed up the IS.
  • To simplify the procedure, install an Exchange client (I recommend Microsoft Outlook) on the recovery server.

Restoring the IS. This procedure assumes that you're working with a Normal online backup, which is the common method for backing up Exchange in most production environments. Similar steps apply when you use the offline backup, except that you need to run the Isinteg -patch utility after you've completed copying the database files. The patch ensures that new objects you create in the IS don't have the same GUID as other objects in your organization.

  1. Log on to the recovery domain as administrator, and run the backup and restore tool.
  2. On the backup file, find the IS that you want to restore. Restore the backup on the recovery server, choosing the option to override existing data (both transaction logs and databases). When the restore has completed, restart the Exchange Services.
  3. Use the Exchange Service Account to log on to the recovery server.
  4. Run the Exchange Administrator program, and run the Directory Store/Information Store (DS/IS) consistency adjuster. To run the adjuster, select the server, view its Properties sheet, select the Advanced tab, click Consistency Adjuster, and select all the options for both private and public ISs, enabling All inconsistencies. Depending on the size and number of items in the IS, the process can take a long time. Check that this operation has successfully completed by inspecting the NT Event Viewer application log.

Recovering a user mailbox. The next step is to recover the mailbox. Follow these steps:

  1. From Exchange Administrator, set the Primary Windows NT Account property of the mailbox you want to recover to the Exchange Service Account. To set this property, select the mailbox, select Primary Windows NT Account, then choose the NT domain and the NT account where you've defined the Exchange Service Account.
  2. From any workstation (including the recovery server), configure a Messaging API (MAPI) profile that points to this mailbox, and add a Personal Folder Service. To add this service, go to Control Panel, Mail applet, and select your MAPI profile. On the Services tab, select Add, and in the Add Service to Profile dialog box, select Personal Folders. Click OK twice to confirm the changes.
  3. Run your MAPI client, log on to the mailbox, and copy all items from the mailbox to a personal folder; if you're using Outlook 97 or later, you can use the Import and Export feature. Here's how to use this feature:
    • Go to File, Import and Export.
    • Select Export to a File.
    • Choose Personal Folder File (.pst), as you see in Screen 1.
    • Select Mailbox (aka Cassetta postale) as the folder to export from, as you see in Screen 2. Click Next.
    • Enter the export filename. In Screen 3, the filename is recovery.pst.
    • Finally, enter the security parameters for the PST file, as you see in Screen 4.
  4. If the user runs the Microsoft Schedule+ client (instead of Outlook), log on to Schedule+ as the user and create a local schedule (SCD) file.
  5. Using the network or a backup tape, deliver the PST (or SCD) file to the user with instructions for importing items.

Restoring public folders. The method for recovering public folders is similar to the method for recovering a mailbox. Perform the actions in the sections "Preparing the recovery server" and "Restoring the IS," then follow these steps:

  1. Assign the folders you are restoring to the recovery server's public IS. To assign the folders, select the server's Public Information Store, and bring up its Properties sheet. Select the Instances tab, then assign the folder you want to the server.
  2. Create a new mailbox on this server (e.g., Recovery-MB), and grant the mailbox access to Exchange Service Account Admin.
  3. From Exchange Administrator, select the desired public folder. From the folder's Properties, select Client Permissions. Grant the Recovery-MB mailbox the Owner role on this folder.
  4. If you want to restore all the subfolders, repeat this step on all subfolders but don't select Propagate these properties to all subfolders. This option doesn't preserve the original permissions on subfolders, so you'll lose the permissions. If the folder has numerous subfolders, you can use the MS PFAdmin.exe tool from the Microsoft BackOffice Resource Kit (BORK), and grant the appropriate permission to all subfolders with one command.
  5. Configure a MAPI profile that points to Recovery-MB, and add a Personal Folder Service.
  6. Run your MAPI client, and use Edit, Copy to copy the public folder to the PST file.
  7. Create a new MAPI profile that points to the production site and that includes the PST file that now contains the recovered items. This profile needs appropriate permissions (i.e., at least the Contributor role) within the production public folder hierarchy where you have to place items or folders.
  8. Drag the folder from the PST file to the Exchange organization public folder, and place it in the appropriate position.
  9. Delete the permission on the folder that you added earlier.

Restoring an Exchange Server
This procedure is effective when Exchange administrators accidentally delete the Exchange server when they're using the administrative interface. To restore an Exchange server, you need a backup of the IS and the Directory database. You also need the Exchange Server installation code and the Exchange Server service pack that you were using when you made the last backup. You install Exchange Server with the same site and organization name on a server that has the same name as the deleted Exchange server. Then you restore the Directory Service (DS) from a backup, exporting as much mailbox data as you can from the restored directory. Then, install a new copy of Exchange Server and join the new server to the production site. At this point, you have a new server in the site, so now you can import the directory and finally restore the IS database. Here are the detailed steps for restoring the server.

Restoring the directory. This procedure assumes that your NT server was originally the deleted Exchange server and that the server has enough disk space for the restored databases. This server must have the same name as the deleted server. Follow these steps:

  1. Remove Exchange Server from this server by running Exchange Server Setup and choosing Remove All.
  2. Install Exchange with a new site—don't join the production site. Use the original site and organization names. Install the Exchange service pack that was running when you made the last backup.
  3. Find the directory backup set on your backup medium, and restore it; select Erase all existing data. When the backup finishes, start the DS.
  4. Prepare a Comma Separated Values (CSV) file that contains all the mailbox fields your company requires, including Directory Name and Home Server. You must export system parameters such as Mailbox Size Limit, Distribution List Membership, and Primary Windows NT Account. You also need to export useful directory information such as Telephone and Mobile Number, Office, and Department. To obtain all the fields for the Mailbox object, run the Header.exe tool, which you can obtain from the BORK.
  5. From Exchange Administrator, export the entire directory to this CSV file.

Rebuilding the new server. Now you can rebuild the server with the recovered information. Here's what to do:

  1. Uninstall Exchange Server from this computer.
  2. Reinstall Exchange Server, and select Join to an existing Site to join the server with the production site. Include any additional Exchange Services (e.g., Event Service) that the deleted server had.
  3. Upgrade the server to the service pack that was running before the delete.
  4. Edit your CSV file, identifying records (i.e., lines in the CSV file) that correspond to mailboxes stored on the original deleted server. You can easily edit the file by using Microsoft Access or Microsoft Excel and deleting lines for the objects that belong to other servers in the site.
  5. Import this CSV file (where the Obj-Class field is Mailbox and the Mode is Create). Don't change the values in the Directory Name and the Exchange Recipients fields. Importing the CSV file recreates the mailboxes for users on the deleted server so that the distinguished names (DNs) for the mailboxes in the directory match the DNs in the IS. If you specify the container name (e.g., the default Recipients container) in the CSV file, you can perform one Directory Import; otherwise, you must import each Recipient container in your organization separately.
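
Steps 4 and 5 can also be prepared with a script rather than Access or Excel. The following is an added example, not part of the original article: it keeps only Mailbox rows homed on the deleted server, sets Mode to Create, leaves Directory Name untouched, and reports rows that need manual review. The column names (in particular Home-Server), the server names and the sample rows are assumptions constructed for illustration; check them against the header row of your own export.

```python
import csv
import io

# Constructed sample export. Column names are assumptions modelled on the
# fields the article names; verify them against your own export's header row.
SAMPLE_EXPORT = """Obj-Class,Mode,Directory Name,Display Name,Home-Server
Mailbox,,jsmith,John Smith,MAIL01
Mailbox,,mrossi,Maria Rossi,MAIL02
dl,,sales,Sales Team,
Mailbox,,akhan,Aisha Khan,mail01
Mailbox,,,Broken Row,MAIL01
"""

def build_import(export_text, deleted_server, server_col="Home-Server"):
    """Return (import_csv_text, skipped) for mailboxes homed on deleted_server.

    skipped lists (line_number, reason) for rows that need manual review.
    """
    reader = csv.DictReader(io.StringIO(export_text))
    required = {"Obj-Class", "Mode", "Directory Name", server_col}
    missing = required - set(reader.fieldnames or [])
    if missing:
        raise ValueError(f"export lacks columns: {sorted(missing)}")

    out = io.StringIO()
    writer = csv.DictWriter(out, fieldnames=reader.fieldnames,
                            lineterminator="\n")
    writer.writeheader()
    seen, skipped = set(), []
    for row in reader:
        if (row["Obj-Class"] or "").strip().lower() != "mailbox":
            continue  # distribution lists, custom recipients, etc.
        if (row[server_col] or "").strip().lower() != deleted_server.lower():
            continue  # mailbox belongs to another server in the site
        name = row["Directory Name"] or ""
        if not name.strip():
            skipped.append((reader.line_num, "empty Directory Name"))
            continue
        if name.lower() in seen:
            skipped.append((reader.line_num, "duplicate Directory Name"))
            continue
        seen.add(name.lower())
        row["Mode"] = "Create"  # Directory Name is written back unchanged
        writer.writerow(row)
    return out.getvalue(), skipped
```

Review every entry in skipped before running the Directory Import, because a mailbox recreated under a different Directory Name will not match the DN held in the restored IS.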

Restoring the IS. The final step in restoring a server is to restore the IS. The restore requires three steps:

  1. Use your backup and restore tool to restore the IS database. You must enable Override existing data. When the restore finishes, restart all Exchange Services.
  2. Run the DS/IS consistency adjuster, as you did in step 4 in "Restoring the IS" in the scenario for restoring one item. You must correct all inconsistencies so that the entries for public folder replicas will reappear in your directory.
  3. Reinstall and configure the connectors (e.g., X.400, the Internet Mail Service—IMS) and Exchange add-ons (e.g., antivirus software) as they were before the delete.

A Work-Saving Process
Keep these procedures for manually restoring individual objects and Exchange servers handy. You never know when you might need them.