Restoring to an Exchange 2007 Based System
 		Previous Topic  Next Topic 

Restoring to an Exchange 2007 Message Store

NOTE: Restores into an Exchange 2007 based system cannot create new users in the directory - it can only bind to existing users based on the alias of the user from the backup.  Any users bound to an Exchange 2007 mailstore will have to exist as a user with a mailbox already in the directory BEFORE you do the DiRT restore.

Exchange 2007 does not natively support ExMerge tool which DiRT uses to migrate subscriber messages and Microsoft does not currently support it's use with Exchange 2007.  As such DiRT disables the message restore option if there are Exchange 2007 mailstores present.  There are known work arounds to make ExMerge work with Exchange 2007 but they are not supported and Cisco will not assist you with this or help you recover from any damage that may befall your system from their use.  You take complete responsibility for the consequences if you choose to go this route.

Before restoring from a backup, you must install the same, exact version of Unity you backed up from.  You need to install Unity and get it hooked up to the Exchange 55, 2K, 2K3, 2K7 or Domino server you want to use as the partner back end server.  This can be either on (in the case of Exchange) or off box and that Exchange or Domino version you were hooked to on the server you backed up from does not have to match the version on the new box youre restoring to.  

The Unity installation must be complete, clean and running before the restore will be allowed to run.  DiRT will not “iron out the wrinkles” on a bad or incomplete installation for you.  Unity must be running, must have no more than 10 subscribers and must have successfully synchronized with the directory during installation before DiRT will run.  If the DiRT restore detects ANY problems with the installation it will abort and not allow the restore to continue.  It is an extremely good idea to make sure Unity is taking calls and the SA is working etc… before doing the DiRT restore. The entire DiRT application depends on the system you do the restore on being clean and functional.  

Before restoring, please review the Restore prep and troubleshooting section for test procedures to complete BEFORE doing the restore. 

Here is the combination of permissions that the dirt user account requires to restore settings and subscriber messages. In this example, we will create a new user called “dirtuser”. It is highly recommended to create a new user to avoid inherited permissions that deny Exchange “receive as” and “send as” privileges. This page is not intended to be an extensive guide for Active Directory, Unity or Exchange 2007 privileges. 

The following set of permissions has been successfully tested for restoring subscriber messages to Exchange 2007:

Active Directory (AD) Permissions

  1. Create a user under the domain in the “Users” Organization Unit (OU) called “dirtuser” as a member of the default “Domain Users” group. 
  2. Add the “dirtuser” to the builtin “Server Operators” group. This gives the “dirtuser” permissions to login to the Unity and Exchange servers when the servers belong to a domain.

Unity Permissions

  1. Add the “dirtuser” as a member of the local “Administrators” group on the Unity server.
  2. Give the “dirtuser” SA privileges with the GrantUnityAccess tool. View the script used to create Unity mailboxes on the Exchange 2007 to identify the exact EAdmin account name.

 

GrantUnityAccess.exe -u "<domain name>\dirtuser" -s EAdmin3d40b  

 

Example: 

GrantUnityAccess.exe -u "xyz.com\dirtuser" -s EAdmin3d40b

 

Exchange 2007 Permissions

  1. Add the “dirtuser” as a member of the local “Administrators” group on the Exchange 2007 server.
  2. Give the “dirtuser” Exchange View-Only Administrator rights. 

 

Add-ExchangeAdministrator -Identity "dirtuser@<domain name>" -Role "ViewOnlyAdmin"

 

Example: 

Add-ExchangeAdministrator -Identity "dirtuser@xyz.com" -Role "ViewOnlyAdmin"

 

  1. Give the “dirtuser” Exchange 2007 “Receive As” privileges. 

 

Get-MailboxDatabase -Identity "<Exchange Server Name>\First Storage Group\Mailbox Database" | Add-ADPermission -User "dirtuser@<domain name>" -ExtendedRights "Receive As"

 

Example: 

Get-MailboxDatabase -Identity "ExchangeServer\First Storage Group\Mailbox Database" | Add-ADPermission -User "dirtuser@xyz.com" -ExtendedRights "Receive As"

 

  1. Give the “dirtuser” Exchange 2007 “Send As” privileges. 

 

Get-MailboxDatabase -Identity "<Exchange Server Name>\First Storage Group\Mailbox Database" | Add-ADPermission -User "dirtuser@<domain name>" -ExtendedRights "Send As"

 

Example: 

Get-MailboxDatabase -Identity "ExchangeServer\First Storage Group\Mailbox Database" | Add-ADPermission -User "dirtuser@xyz.com" -ExtendedRights "Send As"

 

 

Proceed with the restore instructions on the “Restore Procedure Overview” page at the “Once you have Unity up and running, launch the Unity Disaster Recovery Restore application.” step.

 

After the Unity configuration has been successfully restored, run the “Message Store Configuration Wizard” and “Services Configuration Wizard” from the Unity Tools Depot. This will sync any differences in the message store and service accounts that exist from the restore process. Reboot the Exchange 2007 server and test that the Unity integration remains stable.