Restoring Databases, Mailboxes and Deleted Messages
In Part 2 I described how to perform a backup (as opposed to using DAGs). Now its time to consider recovery. At some point you will want to perform the following types of data recovery:
- Entire mailbox databases
- Individual user mailboxes
- Single items in a mailbox
Recovering Databases with the Windows Server Backup Tool
A good visual walk-through on how to restore the database from backup is provided by the following link Database Restoration.
The following link provides a complete breakdown of WBAdmin commands WBAdmin Commands
and the recovery details are provided with this link WBAdmin Recovery Details
Recovering Mailboxes
Mailboxes can be recovered in the following ways:
- Using the deleted mailbox retention
- Using a recovery database
- Using a lagged database copy
When a mailbox is removed from a database, it becomes disconnected from its active directory account. The disconnected mailbox stays disjoined for a period of time determined by the databases retention time (30 days by default). The act of removing the mailbox will actually remove the active directory account from AD database. So, if you want to reconnect the mailbox back to the original AD account you will first have to bring the user 'back from the dead' perhaps by using the LDP tool. The general steps involve:
- Use the LDP tool to bring the deleted user object back from the deleted containers object
- Reconnect the mailbox with the original account (or another account if you prefer)
Of course this has to be done within thirty days of mailbox deletion. To determine which mailboxes are in a disconnected state type the following:
[PS] Get-MailboxStatistics -Server servername | Where-Object {$_.DisconnectDate -ne $null} | fl dis*,*guid
This will display all disconnected mailboxes, when they became disconnected and just for fun the mailbox GUID numbers. You can use the GUID identifier or the displayname to reconnect the mailbox:
[PS] Connect-Mailbox 46d34411-1c85-4f49-8772-7d8572a4dd1d -Database db2 -User "Rodica Woodcock" -Alias Rodica
As I mentioned, this has to be done within the 30 day retention time. You can extend this time if you wish by typing in the following cmdlet:
[PS] Set-MailboxDatabase DB2 -MailboxRetention 60.00:00:00
This command will extend the retention time by another 30 days to a total of 60 days
2. Using a Recovery Database
How would you recover a mailbox if the mailbox retention time has been exceeded? To do this you can create something called a recovery database. This is like a regular database but users cant access it with client software. Also mail cannot flow to and from a RDB nor can policies be applied to it.
The overall steps involve the following:
- Create a RDB
- Restore the normal database from backup
- Point the RDB to the location of the restored backup and mount it
- Restore the mailbox that was deleted
1. How to Create a Recovery Database (RDB)
[PS] New-MailboxDatabase RDB1 -Server srv215 –Recovery
2. Restore the Database From Backup
Refer back to the proceedure outlined above to do this. NB. You should restore the database to an alternate location. It is also suggested that you should repair the database (in case of corruption). The following command refers to a restored database to the alternative location of e:\rdbrestore. You must provide the full path to the .edb file
[PS] eseutil /p E:\rdbrestore\E_\db2\db2.edb
3. Point the RDB to the Restored Location
[PS] Move-DatabasePath RDB1 -EdbFilePath E:\rdbrestore\E_\db2\db2.edb -LogFolderPath E:\rdbrestore\E_\db2 –ConfigurationOnly
4. Mount the RDB
[PS] Mount-Database RDB1
Once mounted the recovery database can be used to recover a deleted mailbox. You do this with the Restore-Mailbox cmdlet.You will first need to enable the mailbox. If you removed the mailbox in practice, then the user account will have been deleted. Recreate the user in AD and then enable the mailbox.
3. Using a Lagged Database Copy
This involves replicating transaction logs to a passive database, waiting a specified amount of time and then replaying them into that copy. Since you build a delay into this model, when you recover from the copy you might incur some data loss since you will be deleting transactions that are valid.
The maximum lag time you can use is 14 days. To set a replay lag time of 7 days use the following cmdlet:
[PS] Set-MailboxDatabaseCopy SRV2\DB01 –ReplayLagTime 7.0:00:00
To recover from a lagged database copy, perform the following main actions:
- Suspend replication to the lagged copy (pausing database replication)
- Take a VSS snapshot of the volume that holds this copy
- Figure out the date/time you want to restore the database to and delete all transaction logs after that time
- Repair the database using ESEUtil
- Recover the data from the database
- Restore the VSS snapshot of the volume
- Resume replication to the lagged copy
No comments:
Post a Comment