Exchange Server 2003 Mailbox Recovery Using Recovery Storage Groups, NTBackup and Exmerge

OK, this is my quick-n-dirty guide to recovering a mailbox from an Exchange 2003 system. I'll tidy it up later.

• Download Exmerge from Microsoft


• Follow the instructions in MSKB 292509 to create a group that will allow the Administrator account to read/write mailbox data


• Open Exchange System Manager, expand Servers. Right-click on <server name> under Servers. Select New > Recovery Storage Group...


• Enter in a name for the RSG and also the file locations. The defaults are fine. Click OK


• Right-click on the Recovery Storage Group object.


• Choose Add Databases to Recover…


• Highlight the Mailbox Store (the one to be restored).


• Enable This Database can be overwritten by a restore


• Run NTBackup, select Restore and Manage Media, find the correct media, expand the Exchange Information Store and select Logs and Mailbox Store.


• Click Start Restore, Restore to <server name>, and set the Temporary location to the file location used to create the Recovery Storage Group. Enable Last Restore Set.


• After the database has been restored, mount the Recovery Storage Group database using Exchange Server Manager.


• Run Exmerge and select Extract or Import (Two Step Procedure).


• Select Step 1.


• Enter in <server name> for Exchange Server Name.


• Select Recovery Storage Group database.


• Select Mailbox to recover.


• Select Folder location to save .PST files to.


• Start ExMerge, click Next


• Choose Extract or Import (Two Step Procedure)


• Pick Step 2: Import data into an Exchange Server Mailbox


• Again type the name of your Exchange server then click Next


• Mark the mailboxes you want to merge, click Next twice


• Specify where the .PST files should be merged from and click Next


• Check mailbox data, then Dismount RSG database and remove files from the RSG file location


• You're done!

Understanding Group Policy

I had a client that wanted to add network printers and set a default printer on a set of computers regardless of who logged into the computer.
I found out that Group Policy has a Loopback mode that allows User Configuration to either be Merged or Replaced. This is done by enabling Loopback mode in the Computer Configuration and selecting Replace or Merge mode. The User Configuration settings in the same GPO are then applied based on the computer, rather than the user.
I then had some problems applying the GPO to a set of computers. If I only included the necessary computers in Security Filtering, the user was then denied access to the User Configuration settings. If I added Authenticated Users to the Security Filtering, the GPO was applied to everyone on all computers!
I then worked out that I misunderstood the membership of Authenticated Users. This contains all the computer accounts as well as all users.
I resolved the GPO problem by including the set of computers on which the script needed to run and also including the Domain Users group. The GPO was then only applied on the required set of computers.
So, Authenticated Users is really authenticated users and computers - a pity you can't easily see the membership of this group!