There are few viable organizations that don’t back up their Exchange databases. The total loss of an email system and all the corporate knowledge it contains is at best a catastrophe for any organization. Everyone will agree that if you are using on-premise or private cloud Exchange servers for your business, the databases must be backed up. Most IT pros know there are dozens if not hundreds of Exchange backup tools and solutions, and the cost and complexity factors can run quite high.
While the main purpose of Exchange backup is to enable server, storage, and datacenter disaster recovery (DR) scenarios, a common and routine request of Exchange admins is to restore an individual mailbox. Microsoft does not provide a native and fully automated way to granularly restore a single mailbox from an Exchange database backup. This feature can be a make-or-break decision for Exchange admins when selecting a backup solution. Some good news is that a combination of native Exchange 2010 PowerShell commands and Microsoft System Center Data Protection Manager 2010 (DPM) can achieve mailbox-level recovery with surprising ease.
Without the ability to restore an individual mailbox, it is necessary to first restore an entire Exchange database, and then extract the desired mailbox from the recovered database. Having your Exchange 2010 recovery database folders pre-staged, and customizing the following steps for your environment can reduce the time needed to perform individual mailbox restores to a manageable level. Mailbox recovery using native Exchange 2010 and DPM 2010 features is a fairly straightforward process. Here are some proven steps to deliver a recovered mailbox to a user in the form of a PST file.
User John Smith reports he accidentally force-deleted some emails out of his mailbox, and he needs the data back. After confirming that deleted item recovery is not available to the user with Outlook, complete these steps and afterwards instruct the user to add the PST as a Data File to his Outlook profile. The entire contents of the recovered mailbox will be in a folder named “Recovery” inside that PST, and the user can browse to the PST and copy and paste the missing emails back into their normal mailbox.
1. Using Exchange Management Console, find out which mailbox server the database of the current mailbox is on, for example, “John Smith” mailbox is in database DB01 on mailbox server MAILBOX01.
2. Create a new temporary user with “(Recovered)” in the user name, with the mailbox located in the same database. “John Smith (Recovered)” in DB01 in this example.
3. Activate a recovery database on that mailbox server, MAILBOX01 in this example, by running this Exchange PowerShell cmdlet:
New-MailboxDatabase -Recovery -Name RDB1 -Server MAILBOX01 -EdbFilePath "C:\mountpoints\rdb1-db\RDB1-DB.ebd" -LogFolderPath "C:\mountpoints\rdb1-log"
Tip: Prepare two pairs of recovery database storage folders for each mailbox server. A recovery database named RDB1 might have storage folders pre-staged, such as C:\mountpoints\rdb1-db and C:\mountpoints\rdb1-log. MAILBOX01 would have an RDB1 and an RDB2 prepared, each with a database and a log folder pre-created and ready to restore into.
4. Perform the mailbox restore operation in the DPM console.
- Navigate to the Recovery space, then browse in the left pane to select the Exchange server name where the database replica resides (DB01 in this example). If you are using Exchange 2010 high-availability Database Availability Groups (DAGs), the replica will be listed in DPM under a mailbox server running a standby database copy, not the primary server where you created the recovery mailbox.
Figure A - Selecting to recover an Exchange 2010 mailbox with DPM 2010
- See in the screenshot of the DPM console (Figure A) that DPM will recover the mailbox from the standby copy backed up from mailbox server MAILBOX02.
- Select the recovery date and time from the calendar portion of the display. Locate the user mailbox in the Recoverable Item area, right click, and select Recover.
- Choose to recover to an Exchange Server database, and type the name of the server and recovery database that are prepared for the restore, such as MAILBOX01 and RDB1.
- Click through to complete the wizard and start the restore job.
5. When the DPM job is complete, run the following Exchange Powershell cmdlet to migrate the recovered mailbox content to the recovery user mailbox in a folder named “Recovery”:
Restore-Mailbox -Identity 'John Smith (Recovered)' -RecoveryDatabase RDB1 -RecoveryMailbox 'John Smith' -TargetFolder Recovery
6. Next, extract the contents of the recovery mailbox to a PST folder to deliver to the user by running the following Exchange Powershell cmdlet:
New-MailboxExportRequest -Mailbox JohnSmithRecovered -FilePath \\MAILBOX01\RECOVERED.PST$\JohnSmith.Recovered.pst
Tip: Pre-create the shared folder that will contain the PST file, RECOVERED.PST$ in this example. The folder needs to grant full access to the Exchange Trusted Subsystem group.
7. Deliver the PST file to the user, and delete the Active Directory account and mailbox of the temporary user “John Smith (Recovered)” in this example.
8. Finally, remove the recovery database created for this restore job by running the following Exchange Powershell cmdlet:
Remove-MailboxDatabase -Identity RDB1
There will still be files in the recovery database and log folders (C:\mountpoints\rdb1-db, etc. in this example). The contents of these folders must be manually deleted before you can use those folders in the next recovery job.