Link Active Directory and SBS Server management after a NDR attack.
Posted on 2005-04-12
One of my customers has a Windows 2003 SBS server. Problems occured when they had some form of attack on the server where it started to relay mail to 895 people 895 times!! One of the recipients was the main address of the customer@domain so this e-mail kept returning and the server was being a relay..
After stopping the SMTP & POP services, broadband came back up with an acceptable response time. However, on following the details as laid out in the Microsoft KB, we had to delete the mailstore which the customer had no problems with as they do not keep e-mails after they have been responded to and all information is held within their own business process software.
Here is the problem now.....
The users still show up in Server Management but there are no entries for them in Active Directory. Adding a new user through Server management is OK but all the settings that the users have are lost as we need to create a new computer for them. When they then login it is taking about 15 - 20 minutes.
The question that I have, is it going to be quicker and cleaner to perform a re-install of SBS after a full wipe of the server or are there any tools available to help us in getting this customer up and running quickly with minimum data loss?
How do we link the Active Directory so that the users appear in there with Exchange? If I try and add user Carol again into the AD, it states that she already exists but she does not appear!!
Help would be really appreciated on this one as I'm out of my depth here.