What’s in My Exchange DR tool Box

Exchange Disaster Recovery
Fundamentals – Kind of toolish

HA + Recovery Options
Dialtone Recover
Setup / Bla
Legacy Exchange mailbox servers
Failover Cluster
Exchange 2007 Mailbox role
Single Copy Cluster (SCC)
Clustered Continuous Replication (CCR)
Local Continuous Replication (LCR)
Standby Continuous Replication (SCR)
Exchange 2010 Mailbox role
Database Availability Group (DAG)

Dialtone Recovery
Purpose is to give you time to fix or repair a database
How to
Move the active database and log files to a temp location
Mount the databases and say yes when it asks you if you want to create a new database
Restore or recover the database
Swap the recovered and dialtone databases
Play all of the dialtone database information into the recovered database
Things to note
Users get new email but they cannot see old stuff in
Outlook at the same time.
Users can see new email in OWA, and old email in
Outlook at the same time

Setup / Bla
2000 and 2003 setup /disasterrecovery will restore all of the settings from AD to a server
Most everything is in AD
2007 setup /recoverserver will restore all of the settings from AD to a server
Not everything is in AD – it is different for each server role
The Databases – Email and Queues
IIS metabase on the CAS server
UM prompts on the UM server
Registry and XML customizations
Message Tracking logs
2007 clusters have setup /recoverCMS that will restore cluster settings to a node

Primary Server Standby Server
Mailbox Database
Transaction Log 01
Transaction Log 02
Transaction Log 03
Transaction Log 04
Transaction Log 05
Mailbox Database
Transaction Log 01
Transaction Log 02
Transaction Log 03
Transaction Log 04
Transaction Log 05

Exchange Tools - Fundamentals

Exchange Tools – that I go back too
Relatively harmless tools
Dsadiag
– Test Exchange to AD connection
Dcdiag + NetDiag – Check AD functionality
Nltest
– Old school Trust Checking
Mdbvu32 + Outlook Spy + MFCMapi – Look at the raw database
Winroute
– Check active 2003 routing
Replmon – Public folder tool
ExTRA
– Best Practice Analyzer Family of tools
MPS_Reports
– Run a heap of tools
ExMerge – Ripe mailbox out of the Store
ExMon
– Check Client usage
PFdavAdmin – Permissions and PF stuff
ADModify
– Bulk Check and Change AD stuff
Escalation to the next level, and or a PSS call
Dangerous tools – Don’t touch these unless you must
Ntdsutil
– Exeutil for AD
Isinteg – Application level EDB tool
ADSIEdt + LDP – Muck with Raw AD
Eseutil
– Data level EDB tool

Exchange Maintenance Tools
W2K Support Tools tool
Used for diagnosing directory & binding problems
Where’d that GC go?
What GCs are actually up and answering queries?
See KB article Q279423 for details

Exchange Maintenance Tools
Windows Support tools tools
Used for Active Directory, DNS &
Domain troubleshooting
Is DNS configured correctly for AD
Are all of the FSMO roles present and reachable
Why can’t users log on?
Why am I seeing GC/DC errors in the event log?
What DCs or GCs are visible?
As opposed to the ones you think are visible
Check IP security policies
Check LDAP binding
Repair missing or busted Machine account

Exchange Maintenance Tools
W2K resource kit tool – Old
School but still useable
Used for Domain Trust troubleshooting
What domains does this server Trust
Which DC is being used in the trusted domain
Determine if a server set as a GC is really a GC

Exchange Maintenance Tools
Non-invasive MAPI mailbox viewer
Browse MAPI hierarchy
Allows you to manage mailbox rules and MTA queue messages
What’s all that crap in the system attendant mailbox?
What rules are in effect on a mailbox?
Delete bad items from the inbox
Outlook Spy is Third Party geared for the Developer
Kill Junk mail
Kill Rules

Exchange Maintenance Tools
Product CD tool = Winroute
Call PSS = Remonitor
Link state routing diagnostic tool
What routes are known to the routing engine?
Which ones are up? Which ones are down?
When was the last routing update?
Inject new routes, and or delete routes with out a restart

Exchange Maintenance Tools
W2K product CD tool
Replication monitor
When was the last update this server sent?
When was the last update received?
Why the $X#@! isn’t replication working?
AD was new in 2000 and 2003. Exchange was the first
App to really use AD. Exchange Admins had to be good at trouble shooting AD

Exchange Maintenance Tools
Exchange Trouble Shooter Family
ExBPA – Best Practice Analyzer
ExDRA – Disaster Recovery Assistant
ExDTA – Database Trouble Shooter
ExMFT – Mail Flow Trouble Shooter
ExPTA - Performance Trouble Shooter
Think of these tools as PSS and the Product group in a box

Exchange Maintenance Tools
PSS tool – download from Microsoft
MPS_Reports comes in flavors; Exchange, AD, SQL, and so on. Each Flavor checks different things
Run this tool when you cannot access a server it dumps a huge amount of information to a CAB file that someone can send you
Event logs
Netdiag + Dcdiag
Dumps GPOs
Runs ExBPA
ExDump
And more

Exchange Maintenance Tools
Download from Microsoft
Requires a MAPI install, so it is best to run from a Client
Used to Extract or place data in a mounted database
Need Send as and Receive as rights for the mailbox
Can Extract a single item from all mailbox – Think virus or Accidental carrier limiting email

Exchange Maintenance Tools
Download from Microsoft
Determine which users are killing a server, why, and where they live

Exchange Maintenance Tools
Download from Microsoft
Play with Permissions on Public
Folders
Export
View
Change
Bulk stuff
Push replication
Play with Permissions on
Forms Libraries
Recover Deleted Items in PF

Exchange Maintenance Tools
Download from Microsoft or CodePlex
Play with AD on at a Bulk Level
Select via LDAP query
Change heaps of settings
Check the Inherit Permissions
Check Box for everyone
This was cool until PowerShell
Came out
There are different versions that
Have different Powers

Other Tools
Notepad / Txtpad – Read Files and see what's in them
WinDiff – Compare two files and see what is different
CSVDE – Import and Export from AD via CSV
LDIFDE – Import and Export from AD via LDIF
DNSLint – Check some DNS issues (Rangers love this) https://www.testexchangeconnectivity.com/ - Test Outlook
JetStress – Test the Database, melt drives
DNSDiag – Like Netdiag, checks DNS
Telnet – Check if Ports are answering
PerfMon – Checkum big Perf Counters
Event Viewer – Start here please

Exchange Maintenance Tools
Which server is the schema master?
Which DCs are online?
Role passing & seizure
Defrag the AD database

Exchange Maintenance Tools
Exchange product CD tool
Verifies logical / application level structure of database
Mailboxes, folders, message structures
Brief digression about logical vs. physical
Generally safe to run
Always safe unless you use the “-fix” switch
Requires significant processing time
~ 4GB/hr processing rate
May require multiple passes
Some errors have prerequisites that have to be fixed first
It fixes more each time it is run up to a point

Exchange Maintenance Tools
When to run it
When Microsoft tells you to
After an offline restore
When you suspect logical database corruption
Opening a particular mailbox/message makes Outlook crash or die
Messages or folders disappear
Item counts are off
When you’re curious
But only on a non-production machine

Exchange Maintenance Tools
Windows Support tools
Use this When Microsoft or someone who's knows what they are doing tells you to, and holds your hand
There is no undo
Work with Raw object in AD
Delete – Could get you fired
Modify – Could get your fired
Read - Harmless
Write – Not safe
Verify
– Harmless

Exchange Maintenance Tools
Exchange product CD tool
Verifies physical structure of database
Pages, pointers, long values, LV tables
Has multiple modes
Some are safe:
/g: integrity check
/m: dumps various interesting bits
/k: page checksum verification
/y: copy

Some modes are semi-safe
/d does an offline defrag
Seldom necessary
Requires the DB to be dismounted
/r initiates recovery
Verifies DB for consistency
Plays back sequence of log files
Will either fail (DB untouched) or succeed (DB consistent)
Some are for emergency use only:
DATA LOSS
/createstm forces creation of a new, but matching,
STM file (2000 and 2003 only)
/p initiates a repair; missing or damaged pages may be truncated

Exchange Maintenance Tools
When Microsoft tells you to
When you suspect physical database corruption
Event ID -1018 or related
Database reported as inconsistent
Store crashes or refuses to mount a particular DB

Questions?