Please allow me to offer you condolences and to assure you that most of us have done that ourselves. The lucky among us learned our lessons in a lab but rest assured that many of us have done this in production.
I believe the answer is to restore the Exchange Directory, i.e., roll it back to the state before the deletions, and then the databases. Before doing that, change the ADC CAs so that they don't do deletions. Ed Crowley MCSE+Internet MVP Freelance E-Mail Philosopher Protecting the world from PSTs and Bricked Backups!T -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Geni Sent: Friday, January 20, 2006 5:37 PM To: Exchange Discussions Subject: World-class I-D-ten-T on my part... Well, I just pulled a world-class screwup. A little background: I did an in-place migration of Exchange, bringing up a new Ex2K3SP2 server and running ADC to make connection agreements to my other domains (unfortunately, I still have about 28 domains - believe me, domain consolidation is my next project). I then moved user mailboxes to the new server. That's been working quite well, EXCEPT: When I ran the ADC, I'd only just upgraded three of my domains to Active Directory (Win2K3 from NT4). The ADC didn't convert those accounts properly. The users in those three domains were stuck in a bizarro state; their logon accounts worked just fine, but showed no Exchange properties (no matter how many times I ran domainprep). The ADC created disabled ADC_<gobbledegook> accounts for all of them in an OU that I specified in my root domain (where my Exchange servers reside). Those accounts had the users' Exchange properties. If you looked in Ex5.5 Admin, though, the mailboxes still pointed to the correct domain/account. ADUC showed something entirely different. The users never knew there was a problem. I've been trying to fix this since New Year's. Well, to make a long story short, don't frigging ask me why, but today I took it into my head that it'd be a good idea to delete the OU containing those disabled user accounts. Immediately, all the users' mailboxes went bye-bye. Well, I've spent most of the day trying Active Directory recovery scenarios to recover that deleted OU and/or the deleted disabled user accounts. I did finally manage to restore the accounts via ldp.exe. Yuck. (It's about 75 users all told.) Trouble is, all their mailboxes are empty. Now, before I build a recovery server and exmerge their mailboxes from my backups, is there any better way anyone can think of for me to actually recover their mailbox data? And what's going to happen if I start the directory service on the recovery server? The last thing I want is to have to restore those frigging deleted accounts again. Obviously, the users have lost all their distribution group memberships, too. That, right now, is the least of my worries. Let the lesson be, no matter how good your backups may be, they aren't as good as you think they are. And don't delete OUs! I shall now go drink heavily. _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/read/?forum=exchange To subscribe: http://e-newsletters.internet.com/discussionlists.html/ To unsubscribe send a blank email to [EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED] To unsubscribe via postal mail, please contact us at: Jupitermedia Corp. Attn: Discussion List Management 475 Park Avenue South New York, NY 10016 Please include the email address which you have been contacted with. _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/read/?forum=exchange To subscribe: http://e-newsletters.internet.com/discussionlists.html/ To unsubscribe send a blank email to [EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED] To unsubscribe via postal mail, please contact us at: Jupitermedia Corp. Attn: Discussion List Management 475 Park Avenue South New York, NY 10016 Please include the email address which you have been contacted with.
