Exchange Server 2010 Disaster Recovery using Active Directory System State Backup

In this blog we will be learning the steps on how to recover Exchange Server 2010 if the Server Object is missing from Active Directory.

The steps described in this article would benefit small business customers with 50-100 user mailboxes. Single Exchange Server and Single Active Directory Domain.

Valid Active Directory System State Backup
Working knowledge on Active Directory and Its Backup
Directory Service Restore Mode Password
Good Understanding of Authoritative and Non-Authoritative Restore Terminology

Single Exchange Server 2010 SP3
Single Active Directory Domain
Recovery will succeed only if the following conditions are met
1) Valid Active Directory Backup Exists and it was fully tested.
2) Configuration Objects for Exchange Server has been deleted accidently using ADSIEDIT.
2) Exchange Server is intact without any changes (Member Server).
3) Exchange Services are up.
4) Valid Exchange Database Copy as a precautionary step.

Lets Explore
Before Deletion

Figure 1: Clients Connected

Figure 2: Exchange Server 2010 is Online
After Deletions

Figure 3: Disconnected
In figure 3 the symptoms will show as Disconnected. As a first steps in troubleshooting we can start by looking at Exchange Services.

Figure 4: Services
In figure 4 one of the key important service for client connectivity “Microsoft Exchange Address Book” Service is stopped. When you try to start it will fail. Although other services are up and running. Some serious issues from Active Directory end.

Figure 5: EMC Error

Figure 6: EMS Error
In figure 6 EMS error clearly states that the server is missing and it says “Enter the server FQDN where you want to connect”.

Looking at the above error. It is obvious that some deletions has took place from Active Directory End. Lets see how to get the server back.

Please Note : The scenario is for Single Site with Single Exchange Server and Active Directory.
For restoring the backup I have used Windows Server Backup Feature.

Permission Required
The account must be a member of Domain Admins and Enterprise Admin

Login in to the Domain Controller and go to Start > Run > and type Msconfig as shown below.
Figure 7: msconfig

Figure 8: System Configuration
We have to boot the DC in Safe Boot “Active Directory Repair” mode.

Figure 9: Restart

Figure 10: DSRM Login
In figure 10 we are logging in with DSRM logging. Since it is a DC. Once recovery is completed we have to revert it to normal logging.

Figure 11: Windows Server Backup
In figure 11 we have two backups. We can select the latest one for minimal impact on end users as well as on server. Select Recover.

Figure 12: Getting Started

Figure 13: Available Backups

Figure 14: Recovery Type

Figure 15: Select Location
In figure 15 Original Location was selected since it’s a single DC. Also Non-Authoritative Restore option was selected.

Figure 16: Warning Alert

Figure 17: Select Automatically Reboot

Figure 18: Warning

Figure 19: Recovery Progress

The server will reboot automatically. Please follow instructions for logging in as shown in figure 10 above.

Figure 20: Successfully Completed

Now that the restore is completed time to login to the DC in normal mode. Please follow instructions to disable Safe Boot mode as shown in figure 7 and 8. The system will be rebooted. Post which login with Domain Admin Credentials.
Post logging in. Open ADSI Edit.msc tool as shown below.

Figure 21: ADSI Edit
Now that we are able to see Exchange Server Object. Its time to reboot the Exchange Server Box.

Figure 22: Exchange Services are up

Figure 23: EMC Opened

Figure 24: EMS Opened

And Finally Clients are Connected
Figure 25: Clients Showing Connected

Conclusion: System State backup plays an Important role. It is very important to perform a thorough check on System State Backup of a DC on a regular interval.

I hope it was helpful. Do share your thoughts or any comments and we will be more than glad to respond.


