CoderNotIT
asked on
How to recover AD and Exchange data
SBS 2003 on RAID 10.. Had a catastrophic loss of registry hive with no backups. Chkdisk and bootfix no help. Would not boot. The \windows\system32\config directory is gone. No images in \windows\repair. But successfully installed Server 2003 on a standalone HD. Can mount original C drive and access directories with user shares and Exchange store. It looks like a complete re-install is required. Don't know what happened. Maybe write cache enabled and had a glitch, but it was on a UPS.
Anyway, if I copy the Exchange files off to a CD, after re-installing SBS, can I (how do i) hook up a fresh install of Exchange to the existing store? Any way to recover AD and users/computers?
Any other ideas on repair? The installer won't install over the existing Windows installation because it says it's corrupted.
Anyway, if I copy the Exchange files off to a CD, after re-installing SBS, can I (how do i) hook up a fresh install of Exchange to the existing store? Any way to recover AD and users/computers?
Any other ideas on repair? The installer won't install over the existing Windows installation because it says it's corrupted.
Follow this KB article to restore Exchange after you've rinstalled the OS:
http://support.microsoft.com/kb/313184
The fact that you say you installed Server 2003 on a "standalone HD" has me worried though. Is that HD actually installed in the same machine? Because SBS does not react well to multiple-boot situations. To access data on the crashed SBS you would be much better off running a boot CD such as www.ubcd4win.com 's version of BartPE.
Jeff
TechSoEasy
http://support.microsoft.com/kb/313184
The fact that you say you installed Server 2003 on a "standalone HD" has me worried though. Is that HD actually installed in the same machine? Because SBS does not react well to multiple-boot situations. To access data on the crashed SBS you would be much better off running a boot CD such as www.ubcd4win.com 's version of BartPE.
Jeff
TechSoEasy
ASKER
By standalone HD, I meant not in the RAID group. Yes, it is in the box, but is only temporary. I just installed Windows on this HD to get access to the filesystem to retrieve important files.
Now that I've thought about it, restoring AD is not that important because there are only about a dozen users and as many computers. I can recreate the AD environment pretty quickly. Only concern is if there are different user IDs or something is it going to create a problem with Exchange.
But getting the Exchange data is the most important thing I need to do. It doesn't matter how much work, I have to try to get it done. Can you elaborate on the steps and the software needed?
Now that I've thought about it, restoring AD is not that important because there are only about a dozen users and as many computers. I can recreate the AD environment pretty quickly. Only concern is if there are different user IDs or something is it going to create a problem with Exchange.
But getting the Exchange data is the most important thing I need to do. It doesn't matter how much work, I have to try to get it done. Can you elaborate on the steps and the software needed?
Hi again
Check this link
http://pcwin.com/Internet/Recovery_for_Exchange_Server/index.htm
Robert Lundqvist
Small Business Specialist
Sweden
Check this link
http://pcwin.com/Internet/Recovery_for_Exchange_Server/index.htm
Robert Lundqvist
Small Business Specialist
Sweden
I've already provided you with the how-to for restoring Exchange data. As described in the KB Article, you will need the following files:
" Priv1.edb
" Priv1.stm
" Pub1.edb
" Pub1.stm
Also, you will want to make sure that when you reinstall that you use the same domain name and server name to make it easier to restore the Exchange Database. Make sure that you also remove the workstations from the current domain and then re-add them using http://<servername>/connectcomput
Jeff
TechSoEasy
" Priv1.edb
" Priv1.stm
" Pub1.edb
" Pub1.stm
Also, you will want to make sure that when you reinstall that you use the same domain name and server name to make it easier to restore the Exchange Database. Make sure that you also remove the workstations from the current domain and then re-add them using http://<servername>/connectcomput
Jeff
TechSoEasy
One other thing... remove that other drive before reinstalling because the boot sector needs to really be wherever your SBS system drive is. And as I stated above, SBS doesn't really want to be on a dual-boot machine.
Jeff
TechSoEasy
Jeff
TechSoEasy
If I were you I'd ring Microsoft PSS at this point and see what solutions they can offer, there may be easier ways out of this. For instance on a Windows XP PC you could now boot off the Windows CD and install XP on top of the existing installation, which would maintain the filesystem and effectively install a clean version of the CONFIG hive (but would leave the other hives intact). This could well be possible with SBS and in theory your AD and Exchange info is seperate to the registry (within reason), so this may get you back up and going to the point where you could maybe swing the installation onto a clean SBS install.
I'd suggest you try this install-over-the-top but it's probably a bit risky unless you get a disk image of the dead server first.
I'd suggest you try this install-over-the-top but it's probably a bit risky unless you get a disk image of the dead server first.
This is one good reason to run an NTBACKUP of the System State every now and then, even if you delete the backups it creates. Those images you were looking for in Windows\Repair are created when NTBACKUP does its System State backup. Just something for future reference.
Zenith63... that is NOT possible with SBS. Servers (and especially SBS) are VERY different with regards to disaster recovery than Windows XP. Especially since CoderNotIT already stated "The installer won't install over the existing Windows installation because it says it's corrupted."
If you haven't worked with SBS much, please do take the time to fully understand the complexity of SBS's functionality and why it would be vastly different than Windows XP.
But I can tell you from experience that it would not be a better solution than just extracting the four files I listed above and following KB313184. That process will remount the original Exchange database in a Recovery Store and then the mailboxes can be restored.
This reminds me though, that Exchange needs to be installed on the new SBS with the /disasterrecovery switch for this to work (and it's not totally clear in the KB article). Since Exchange is installed during the initial installation, Exchange Setup will just need to be rerun once the full SBS is up and CoderNotIT is ready to restore the database. All current Exchange Service Packs must also be applied before the DB's will restore.
It really is too bad that they didn't run the SBS Backup wizard to configure the backup. By default, this would have included the system state.
Jeff
TechSoEasy
If you haven't worked with SBS much, please do take the time to fully understand the complexity of SBS's functionality and why it would be vastly different than Windows XP.
But I can tell you from experience that it would not be a better solution than just extracting the four files I listed above and following KB313184. That process will remount the original Exchange database in a Recovery Store and then the mailboxes can be restored.
This reminds me though, that Exchange needs to be installed on the new SBS with the /disasterrecovery switch for this to work (and it's not totally clear in the KB article). Since Exchange is installed during the initial installation, Exchange Setup will just need to be rerun once the full SBS is up and CoderNotIT is ready to restore the database. All current Exchange Service Packs must also be applied before the DB's will restore.
It really is too bad that they didn't run the SBS Backup wizard to configure the backup. By default, this would have included the system state.
Jeff
TechSoEasy
I fully agree with Jeff
It´s to bad that alot of proffesionals doesn´t know SBS.
Why all these wizards and what they do.
You can make some things easier but not without knowing SBS.
Robert Lundqvist
Small Business Specialist
Sweden
It´s to bad that alot of proffesionals doesn´t know SBS.
Why all these wizards and what they do.
You can make some things easier but not without knowing SBS.
Robert Lundqvist
Small Business Specialist
Sweden
ASKER
Here's an update...When the new install of W2K3 Server on the added-on hard drive booted up after I installed the RAID drivers, it recognized the problems with the old C drive (currently E) and corrected and recovered a lot of files. After that, the files were back in the config and repair directories. I was hopeful it would just boot, but it still complained that the system file was corrupt. I tried renaming it and copying the one from the repair directory onto config, which worked, but is the same as starting from scratch... So at least now it booted and I could run a "repair install" So it looks like I'm rebuilding this thing...but at least I have the exchange data and other important data that was on a share.
I ran the repair install up to Windows being installed and wanting to go on doing the SBS config stuff. I think I'd better take the system back down to the business before I do that. My plan is to install the 5 components of SBS SP1. Should I run the SPs for SP1 before continuing with SBS setup or after?
I'm packing it all up and heading down to there. Great way to spend a Sunday afternoon -- not.
(By the way TechSoEasy, I will remove the extra drive -- I never booted SBS with it connected -- but it did help me get at and repair the file system on the RAID.)
I ran the repair install up to Windows being installed and wanting to go on doing the SBS config stuff. I think I'd better take the system back down to the business before I do that. My plan is to install the 5 components of SBS SP1. Should I run the SPs for SP1 before continuing with SBS setup or after?
I'm packing it all up and heading down to there. Great way to spend a Sunday afternoon -- not.
(By the way TechSoEasy, I will remove the extra drive -- I never booted SBS with it connected -- but it did help me get at and repair the file system on the RAID.)
Hi
Install SBS before SP´s
Robert Lundqvist
Small Business Specialist
Sweden
Install SBS before SP´s
Robert Lundqvist
Small Business Specialist
Sweden
"but it did help me get at and repair the file system on the RAID"
This statement, and most everything in your first paragraph is based on false premises. If a secondary Windows Server 2003 installation "repaired" the file system, it made it part of that OS's Master File Table, not the SBS's. You cannot repair an operating systems file structure by installing a second OS on the same machine. So, I'm sorry to say you have fooled yourself into thinking that you were making progress.
And again, I'm sorry to say, your second paragraph is a totally flawed plan. You really need to do a complete FRESH install on reformatted drives. If this is a Dell PowerEdge then you can do this by inserting the Dell Server Assistant CD to begin the reinstallation. The Server assistant will rebuild your RAID and propt you for the SBS install CD to continue on. If it's not a Dell server, then you should rebuild your RAID with the appropriate methods for that machine.
By all means, do NOT install ANY Service Pack, update or patch until you have FULLY completed the To-Do list portion of the SBS Installation.
Jeff
TechSoEasy
This statement, and most everything in your first paragraph is based on false premises. If a secondary Windows Server 2003 installation "repaired" the file system, it made it part of that OS's Master File Table, not the SBS's. You cannot repair an operating systems file structure by installing a second OS on the same machine. So, I'm sorry to say you have fooled yourself into thinking that you were making progress.
And again, I'm sorry to say, your second paragraph is a totally flawed plan. You really need to do a complete FRESH install on reformatted drives. If this is a Dell PowerEdge then you can do this by inserting the Dell Server Assistant CD to begin the reinstallation. The Server assistant will rebuild your RAID and propt you for the SBS install CD to continue on. If it's not a Dell server, then you should rebuild your RAID with the appropriate methods for that machine.
By all means, do NOT install ANY Service Pack, update or patch until you have FULLY completed the To-Do list portion of the SBS Installation.
Jeff
TechSoEasy
ASKER
Installing the SBS components now...
After I re-install SBS and the SP1 stuff-- and then hopefully can restore the Exchange store, can I install Windows Server SP2? Are there any issues with this? I that the right time to do it?
After I re-install SBS and the SP1 stuff-- and then hopefully can restore the Exchange store, can I install Windows Server SP2? Are there any issues with this? I that the right time to do it?
I definitely would NOT even think about installing Windows Server SP2 until you are FULLY confident that everything is back in working order. Including your workstations.... don't forget that you must remove them from the old domain (even though it's the same name) You should do that now while the server is installing.
SP2 does have a number of issues. But you should install it. Wait a few days at least though to make sure there aren't any problems with what you've done so far. The full list of SP2 on SBS documentation and issues can be found at http://sbsurl.com/sp2
Jeff
TechSoEasy
SP2 does have a number of issues. But you should install it. Wait a few days at least though to make sure there aren't any problems with what you've done so far. The full list of SP2 on SBS documentation and issues can be found at http://sbsurl.com/sp2
Jeff
TechSoEasy
ASKER
Well, I don't think I really got a clean install (I started by doing a repair install) so may have had remaining damaged files. I got to a wizard screen that later seemed like it might be the final screen. The first time there, it complained about two items 1) AD didn't install correctly -- told me to open AD and create a test user to see if worked. It did. 2) It also complained about one of the "tools" not being able to install all of its files properly -- i googled it and it seemed that had to do with the Fax service -- which I should not have installed. Next time through I chose to remove the fax services. At this point I think I installed the first component of SP1 (which is Windows Server SP1) to see if it would help it run cleanly (figuring I'm looking at a fresh format/reinstall anyway). After that, it ran cleanly to that wizard dialog which this time did not list any problems -- but it also didn't have the Finish button enabled....all I could do was cancel. It seemed like everything was installed, but no kind of success or congratulations message. I don't know if that was a failure or if there are wizard pages after that one if it gets through it correctly. Also, when you go to reboot for some reason it gets stuck on "Windows is shutting down" for about 10 minutes each time.-- I'm skeptical it is clean.
But I had to leave. I'll try again tomorrow.
But I had to leave. I'll try again tomorrow.
I cannot stress enough how important it is for you to get a proper installation from the start. When you are so close to the initial installation, when you get errors like that it is ALWAYS a better option to start over again. That may take you a couple of hours, but could possibly save the company untold amounts of time and money over the life span of the server.
SBS installations do not spit out errors under normal circumstances. You should expect them to be error free. So if there's something causing the errors, you need to resolve that before proceeding. Additionally, I don't know if you did the above before you had a chance to read my post above, but I'll repeat it here for good measure:
"By all means, do NOT install ANY Service Pack, update or patch until you have FULLY completed the To-Do list portion of the SBS Installation."
"By all means, do NOT install ANY Service Pack, update or patch until you have FULLY completed the To-Do list portion of the SBS Installation."
"By all means, do NOT install ANY Service Pack, update or patch until you have FULLY completed the To-Do list portion of the SBS Installation."
What do I mean by that? DO NOT INSTALL WINDOWS SERVER SP1 to see if it will help things. IT WON'T! In fact, it will cause significant harm to your installation.
Small Business Server uses a UNIFIED Installation Package that coordinates all of the various server components so that they will be able to operate together once installed. The scripts which make all of this happen were written before Service Pack 1 existed, so they are unaware of how to deal with the various changes made to the core system by SP1. This is why you MUST complete the release version installation before doing any sort of updating. The items on the To-Do list are all part of installation, so you must complete those as well. Only AFTER you have a fully operational server and have tested network connectivity should you start doing the updating.
The "Windows is shutting down" delay is caused by Exchange and/or networking not being connected to anything.
Sometimes, when you are first doing an install and need to reboot for some reason, if you disable the Exchange Services first, it'll reboot quickly. The problem should go away once the server installation and configuration is complete.
Jeff
TechSoEasy
SBS installations do not spit out errors under normal circumstances. You should expect them to be error free. So if there's something causing the errors, you need to resolve that before proceeding. Additionally, I don't know if you did the above before you had a chance to read my post above, but I'll repeat it here for good measure:
"By all means, do NOT install ANY Service Pack, update or patch until you have FULLY completed the To-Do list portion of the SBS Installation."
"By all means, do NOT install ANY Service Pack, update or patch until you have FULLY completed the To-Do list portion of the SBS Installation."
"By all means, do NOT install ANY Service Pack, update or patch until you have FULLY completed the To-Do list portion of the SBS Installation."
What do I mean by that? DO NOT INSTALL WINDOWS SERVER SP1 to see if it will help things. IT WON'T! In fact, it will cause significant harm to your installation.
Small Business Server uses a UNIFIED Installation Package that coordinates all of the various server components so that they will be able to operate together once installed. The scripts which make all of this happen were written before Service Pack 1 existed, so they are unaware of how to deal with the various changes made to the core system by SP1. This is why you MUST complete the release version installation before doing any sort of updating. The items on the To-Do list are all part of installation, so you must complete those as well. Only AFTER you have a fully operational server and have tested network connectivity should you start doing the updating.
The "Windows is shutting down" delay is caused by Exchange and/or networking not being connected to anything.
Sometimes, when you are first doing an install and need to reboot for some reason, if you disable the Exchange Services first, it'll reboot quickly. The problem should go away once the server installation and configuration is complete.
Jeff
TechSoEasy
P. S. "I'm skeptical it is clean."
If you did not start out by REFORMATTING the disk drives including the one with that Windows Server 2003 Install (or at least removing that drive) then you did not do a clean install.
Jeff
TechSoEasy
If you did not start out by REFORMATTING the disk drives including the one with that Windows Server 2003 Install (or at least removing that drive) then you did not do a clean install.
Jeff
TechSoEasy
ASKER
OK Jeff. I'll do a clean reformat from scratch install tomorrow (and apply no upgrades). (I removed the disk with WS2K3 on it.) I won't be able to start it until about 4Pm PDT so it will be a long day tomorrow.
One thing that I think may be slightly non-standard about my install is that this SBS is not the gateway for my internal network. I have a SonicWall hardware firewall, a separate W2K3 public web server and a separate W2k3 database server. Today I just disabled the second network interface on the SBS server and it didn't seem to mind that it had only one interface. Today, when the Windows re-install was complete -- but before I started the SBS install -- I set the single static internal IP address address on the network interface and set the gateway to the SonicWall and set in my ISPs DNS servers. The SBS install didn't seem to mind any of that at all.
Right now my web server is not on my SonicWall's DMZ/Opt port -- it is just on the internal LAN and ports 80 and 443 routed to it. I'm thinking about configuring the public IF on SBS to another non-routable subnet so I can route 443 traffic to it and use OWA -- which I cannot use right now because all 443 traffic goes to my web server. Do you think I would be foolish to not do this right now when I'm down anyway?
-Rick
CoderNotIT
One thing that I think may be slightly non-standard about my install is that this SBS is not the gateway for my internal network. I have a SonicWall hardware firewall, a separate W2K3 public web server and a separate W2k3 database server. Today I just disabled the second network interface on the SBS server and it didn't seem to mind that it had only one interface. Today, when the Windows re-install was complete -- but before I started the SBS install -- I set the single static internal IP address address on the network interface and set the gateway to the SonicWall and set in my ISPs DNS servers. The SBS install didn't seem to mind any of that at all.
Right now my web server is not on my SonicWall's DMZ/Opt port -- it is just on the internal LAN and ports 80 and 443 routed to it. I'm thinking about configuring the public IF on SBS to another non-routable subnet so I can route 443 traffic to it and use OWA -- which I cannot use right now because all 443 traffic goes to my web server. Do you think I would be foolish to not do this right now when I'm down anyway?
-Rick
CoderNotIT
Rick
Not having the SBS as the gateway is fine which is how a SINGLE NIC configuration would be done. In fact, with a SonicWall in the mix, you MUST use only ONE NIC on your SBS. The configuration is described in http://sbsurl.com/msicw. So all of that is just fine.
However, you cannot segment off 443 traffic that is comming in on the same IP Address. If you want 443 traffic to go to both your Web Server AND the SBS you need two public IP Addresses. That's part of the security design behind SSL and cannot be worked around. Having a second IP is generally the way to go.
Where are you located? Because most Business Class DSL lines come with 5 IP's anyhow. (If you're within the service area of www.sonic.net, I'd recommend you take a look. Their prices, service and line quality are great and I use them for all my local clients). If you're running a public web server you need to be using a business class connection.
And, just so you're not discouraged... most of us that have been working in the SBS Community for some time have the opinion that it takes THREE times to install your first SBS. (mine took me FOUR times) There's a great blog post that describes this here:
http://msmvps.com/blogs/kwsupport/archive/2006/08/17/107981.aspx
Jeff
TechSoEasy
Not having the SBS as the gateway is fine which is how a SINGLE NIC configuration would be done. In fact, with a SonicWall in the mix, you MUST use only ONE NIC on your SBS. The configuration is described in http://sbsurl.com/msicw. So all of that is just fine.
However, you cannot segment off 443 traffic that is comming in on the same IP Address. If you want 443 traffic to go to both your Web Server AND the SBS you need two public IP Addresses. That's part of the security design behind SSL and cannot be worked around. Having a second IP is generally the way to go.
Where are you located? Because most Business Class DSL lines come with 5 IP's anyhow. (If you're within the service area of www.sonic.net, I'd recommend you take a look. Their prices, service and line quality are great and I use them for all my local clients). If you're running a public web server you need to be using a business class connection.
And, just so you're not discouraged... most of us that have been working in the SBS Community for some time have the opinion that it takes THREE times to install your first SBS. (mine took me FOUR times) There's a great blog post that describes this here:
http://msmvps.com/blogs/kwsupport/archive/2006/08/17/107981.aspx
Jeff
TechSoEasy
P. S. Sorry if I sounded a bit tyrannical in my comments above. But I am very aware of the inadequate level of communication provided by forums, email and instant messaging (especially if you've been at a project like this for an extended period of time with little rest) and just wanted to make sure that we understood each other so you wouldn't waste any more of your time heading down a wrong path.
Jeff
TechSoEasy
Jeff
TechSoEasy
Apologies, I wasn't aware this wasn't a possibility with SBS. Though my point was mroe that I thought contacting PSS would be a good idea to see if there was an easier way out, my mention of installing over the top was just an example of the kind of solution they may be able to suggest, as they would with XP...
ASKER
OK. Completed the setup and the "Connect to the Internet" wizard. All seems good.
TechSoEasy, do you recommend that I create domain users in AD and try to mount the Exchange store before doing any updates or SPs? (Even though it was running with SPs before -- I guess what I'm saying is the file format for the Exchange store is the same? ... would not have been changed in a SP or update?)
TechSoEasy, do you recommend that I create domain users in AD and try to mount the Exchange store before doing any updates or SPs? (Even though it was running with SPs before -- I guess what I'm saying is the file format for the Exchange store is the same? ... would not have been changed in a SP or update?)
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Well, the re-install went well. Finished cleanly. In fact, I gained a new respect for SBS. Didn't realize how cool it is.
However, recovering the Exchange store didn't go so well. There's almost a gig of data in the store, but exmerge is only seeing a few messages from each user. The exmerge log says something about a permissions problem -- or maybe that's what I read when I googled the error message. I downloaded the free version of "Recover for Exchange Server" and it says it can recover all of the messages -- infact it created PST files of many megs in size compared to 32K PST files that exmerge created. Since I had the PST files from the upgrade we did 5 weeks ago, I tried to import them with exmerge and it gave me the same error about permissions:
[19:07:17] Merging data from file 'D:\EXCHANGE\FROMCOZYDATA\
[19:07:17] Error. File 'D:\EXCHANGE\FROMCOZYDATA\
[19:07:17] Errors encountered. Copy process aborted for mailbox 'Diane' ('DIANE').
I've got to go to bed. And I've got to go to work tommorrow, so will be reading any ideas with interest but unable to try anything until the PM.
However, recovering the Exchange store didn't go so well. There's almost a gig of data in the store, but exmerge is only seeing a few messages from each user. The exmerge log says something about a permissions problem -- or maybe that's what I read when I googled the error message. I downloaded the free version of "Recover for Exchange Server" and it says it can recover all of the messages -- infact it created PST files of many megs in size compared to 32K PST files that exmerge created. Since I had the PST files from the upgrade we did 5 weeks ago, I tried to import them with exmerge and it gave me the same error about permissions:
[19:07:17] Merging data from file 'D:\EXCHANGE\FROMCOZYDATA\
[19:07:17] Error. File 'D:\EXCHANGE\FROMCOZYDATA\
[19:07:17] Errors encountered. Copy process aborted for mailbox 'Diane' ('DIANE').
I've got to go to bed. And I've got to go to work tommorrow, so will be reading any ideas with interest but unable to try anything until the PM.
ASKER
By the way, figured out what happened: Last week, we got a duplicate IP address error and I figured out what happened&. The moron (sorry not particularly intelligent or knowledgeable or professional person) who configured our ADT security DVR put it on a fixed IP address right in the middle of our DHCP scope range. So I ran the ADT software against the server and changed it to an IP address not in our DHCP range. No problem, except that we could not change the clients which access it because we did not know the client password they coded into it. So this ADT guy says, well, he lives out this way anyway so hell come by on Saturday and help us out with whatever little problem we are having on his own time. OK, thanks a lot. So he shows up on Saturday (and this particular Saturday is one of the busiest of the year for us. But this guy shows up with his 2 year old son is who throwing a fit the whole time because he doesnt want to be there. My wife and I are both at home. He has one of our employees call us on the phone and we tell her to let him into the server closet to do what hes got to do. So, Im talking to him on the phone, I can hear his son pitching a fit on the phone. As soon as he gets in the server closet our VPN connection goes dead. I say,
you didnt do anything do you?
he says
no
. So I go down there and he finally calls somebody and finds out what the password is, and everything works fine with the security system. After he leaves, I figure whats wrong with the VPN&.our SBS has gone down hard and wont boot complaining about a corrupted registry. Needless to say, the rest of my weekend is shot trying to recover or restore the dc. No go. Today (Monday) I took off work to get this back online. On Monday mornings, we have an all-hands staff meeting and two employees report that he put down his kid as soon the server closet was opened for him and his son immediately poked a button on one of the UPSs and killed the dc. It's RAID array didnt like getting its power shut off abruptly like that and was completely unrecoverable. Two employees witnessed this.
Really glad you got things back in working order... but I should state that you never mentioned at all that you were trying to use EXMerge.
If you're still having problems with that, take a look at this article about EXMerge permissions:
http://mostlyexchange.blogspot.com/2005/07/recipe-for-setting-up-permissions-to.html
You may also need to modify the ownership of the .pst files themselves to be sure that the EXMerge Admin User has full control.
Jeff
TechSoEasy
If you're still having problems with that, take a look at this article about EXMerge permissions:
http://mostlyexchange.blogspot.com/2005/07/recipe-for-setting-up-permissions-to.html
You may also need to modify the ownership of the .pst files themselves to be sure that the EXMerge Admin User has full control.
Jeff
TechSoEasy
To repair AD you+ll have to have a backup of Systemstate. Using the old Exchange database is possible if you have the same domain name but requiers alot of work. You´ll have to remove new mailboxes from the users and mail enable again and connect to their old mailbox. There are software that can export from database to pst file, and you import by Outlook.