By Ace Fekay
MCT, MVP, MCSE 2012/Cloud, MCITP EA, MCTS Windows 2008/R2, Exchange 2007 & 2010, Exchange 2010 Enterprise Administrator, MCSE 2003/2000, MCSA Messaging 2003
Microsoft Certified Trainer
Microsoft MVP: Directory Services
Active Directory, Exchange and Windows Infrastructure Engineer & Janitor
Hey everyone, Ace here again. Here’s an interesting issue I came across when an administrator, while using ADSI Edit, deleted one of their Exchange 2010 servers from the Exchange Organization in AD’s Configuration Container. Of course, it was not intentional, so I didn’t even ask why or how, but I was told that they were working on something else in ADSI Edit, and the administrator unintentionally deleted the Exchange server object. And as we all know, there is no “Undelete” button in ADSI Edit.
Before I went about trying to perform an Authoritative Restore with AD, I figured I would try to use the AD Recycle Bin to recover the object. However, I knew it wouldn’t be there, because it was never deleted from the ADUC Computers Container; rather, it was deleted from the Exchange Organization. But I did it just to show how to do it, and to illustrate the differences in the object’s locations and significance.
What I did was re-animate the deleted server using ADSI Edit. I used a lab machine to test it before attempting it on their production system.
Before I performed a test delete in my lab
Here are the three Exchange Servers, Van-EX1, Van-EX2, and Van-EX3, showing in the ADUC’s Computers Container:
Here’s VAN-EX3 in ADSI Edit and its attributes. This is what it’s supposed to look like.
Looking further into the server object attributes in ADUC Advanced View, Attribute Editor, it shows the server’s ObjectSID:
Here’s where I deleted VAN-EX3 in ADSI Edit:
The delete warning message:
And the second delete warning message. Apparently ADSI Edit, the tool that doesn’t have an “Undelete” button, wants to make sure that you want to delete it. I think it’s good that it asks twice:
VAN-EX3 has now been deleted from the Exchange Organization section in the Configuration Container:
However, as you can see in ADUC, it still shows VAN-EX3. That’s because we didn’t delete it from AD; rather, it was deleted from the Configuration Container.
As you can see here, the Exchange services still show as running.
Trying to find the deleted object in the Recycle Bin using LDP
Here’s where I looked for the Exchange object in the Recycle Bin using LDP. However, the Exchange computer object still exists in AD; it was only deleted from the Organization. I knew it wouldn’t be in the Recycle Bin, because it wasn’t really deleted from AD.
These steps were more to show everyone the differences between a deleted computer object, which would show up here, and an Exchange server deleted from the Organization.
Click Connection, then Bind:
We’re binding using default values, meaning it will use the currently logged on domain administrator account.
In LDP, click Options, then Controls:
In the Load Predefined drop-down box, I chose “Return Deleted Objects”:
As you can see, Return Deleted Objects is chosen in the drop-down box:
Under Tree View, for the base DN, I typed in cn=deleted objects,dc=adatum,dc=com. As you can see, nothing showed up. So VAN-EX3 is not in the Recycle Bin.
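The same lookup can be scripted. The following is an added example, not part of the original post: each naming context has its own Deleted Objects container, so it queries the domain partition used in the LDP steps and the Configuration partition as well. It assumes the ActiveDirectory PowerShell module is installed and that the account may read deleted objects.

```powershell
# Added example: search the Deleted Objects container of the domain and
# Configuration partitions for a deleted object by its former name.
Import-Module ActiveDirectory

$name    = 'VAN-EX3'                      # object name used in the article
$rootDse = Get-ADRootDSE
$partitions = @(
    $rootDse.defaultNamingContext         # the partition searched with LDP above
    $rootDse.configurationNamingContext   # where the Exchange Organization lives
)

$found = foreach ($nc in $partitions) {
    # -IncludeDeletedObjects sends the same "Return Deleted Objects" control
    # that was loaded by hand in LDP.
    Get-ADObject -SearchBase "CN=Deleted Objects,$nc" -SearchScope OneLevel `
        -IncludeDeletedObjects `
        -LDAPFilter "(&(isDeleted=TRUE)(|(msDS-LastKnownRDN=$name)(name=$name*)))" `
        -Properties lastKnownParent, whenChanged |
        Select-Object @{ n = 'Partition'; e = { $nc } },
                      ObjectClass, whenChanged, lastKnownParent, DistinguishedName
}

if ($found) {
    # lastKnownParent shows which container the object was deleted from.
    $found | Format-List
} else {
    Write-Output "No deleted object named $name found in: $($partitions -join ' | ')"
}
```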
Recreating VAN-EX3 in the Exchange Organization in the Configuration Container
I drilled down into the Exchange Organization in the Configuration Container, CN=Exchange Administrative Group (FYDIBOHF23SPDLT), CN=Servers. Then I right-clicked CN=Servers, New, Object.
By the way, not to get off topic, but if you’re wondering how the Exchange team came up with that Administrative Group name, “(FYDIBOHF23SPDLT),” click here.
Once the server object has been created, we need to create the necessary Exchange server object containers under it. What helps is that the attributes are still in AD:
In the “Select a Class” dialog box, scroll down and select msExchServersContainer:
For the Value field, type in VAN-EX3:
Now we must create the Exchange Information Store container. Right-click, New, choose Object:
In the Select a Class dialog box, choose msExchInformationStore:
Type “Information Store” in the Value field:
The values appear correct so far. If you double-click on the CN=Information Store object, scroll down, you can see the DN value is correct (sorry, I didn’t screenshot that part):
Now let’s create the MTA. Same deal as above: right-click, New, and in the Select a Class dialog box, scroll down and choose mTA:
Type in Microsoft MTA:
To get the timeout and other values it asks for, I opened another instance of ADSI Edit, and looked at the values for one of the other existing Exchange Servers:
The transRetryMins value of 5 that I populated, which I found from the other Exchange server:
The last attribute, which of course is the server’s name:
Now we must create the Microsoft System Attendant object for VAN-EX3 by right-clicking VAN-EX3, New, choose Object, and in the Select a Class dialog box, scroll down and select exchangeAdminService:
For the CN value, type in Microsoft System Attendant:
Scroll down in the Attribute Editor to deliveryMechanism, set it to 0 (zero):
Now test logging on with a mailbox that exists in VAN-EX3, and try to send and receive an email. You should find that it works perfectly.
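Before relying on the mail test alone, the rebuilt object tree can be compared with a server that was never touched. This is an added, read-only example, not part of the original post; it assumes the ActiveDirectory PowerShell module is installed and that VAN-EX1 is an intact server in the same administrative group, and it checks only the two attributes named above (transRetryMins and deliveryMechanism).

```powershell
# Added example: compare the re-created server object tree with a healthy one.
Import-Module ActiveDirectory

$rebuilt   = 'VAN-EX3'   # server re-created in the article
$reference = 'VAN-EX1'   # assumption: an intact server to compare against
$cfg       = (Get-ADRootDSE).configurationNamingContext
$parentRdn = 'CN=Servers,CN=Exchange Administrative Group (FYDIBOHF23SPDLT),'

function Get-ServerTree([string]$Server) {
    # Find the server object by name under CN=Servers, whatever the org is called.
    $srv = Get-ADObject -SearchBase "CN=Microsoft Exchange,CN=Services,$cfg" `
               -LDAPFilter "(cn=$Server)" |
           Where-Object { $_.DistinguishedName -like "CN=$Server,$parentRdn*" } |
           Select-Object -First 1
    if (-not $srv) { throw "No object named $Server found under CN=Servers" }

    # Describe every object in the subtree relative to the server object.
    Get-ADObject -SearchBase $srv.DistinguishedName -SearchScope Subtree -Filter * `
        -Properties transRetryMins, deliveryMechanism |
      ForEach-Object {
        $len = $_.DistinguishedName.Length - $srv.DistinguishedName.Length
        $rel = $_.DistinguishedName.Substring(0, $len).TrimEnd(',')
        [pscustomobject]@{
            RelativeDN        = if ($rel) { $rel } else { '(server object)' }
            ObjectClass       = $_.ObjectClass
            transRetryMins    = $_.transRetryMins
            deliveryMechanism = $_.deliveryMechanism
        }
      }
}

$diff = Compare-Object (Get-ServerTree $reference) (Get-ServerTree $rebuilt) `
            -Property RelativeDN, ObjectClass, transRetryMins, deliveryMechanism

if ($diff) {
    # '<=' rows exist only on the reference server: missing or different on the rebuilt one.
    # '=>' rows exist only on the rebuilt server.
    $diff | Sort-Object RelativeDN | Format-Table -AutoSize
} else {
    Write-Output "$rebuilt matches $reference for the objects and attributes checked."
}
```

Differences are not automatically faults, since servers can hold different roles and databases; treat each row as something to review against the steps above.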
Point of the story: Be careful what you do in ADSI Edit.
Suggestions, Comments, Corrections are welcomed.