[Webinar] Streamline your web hosting managementRegister Today

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 2889
  • Last Modified:

Unable to restore from Backup Exec 2010 R2 to Exchange 2010

Since we have upgraded to exchange 2010 sp1 I've been unable to restore from Symantec Backup Exec 2010 R2.

After spending a good 3 hours on the phone to symantec support we've narrowed it down to this potentially orphaned record in AD.

CN=SymantecEWSImpersonationRole\0ADEL:689c4dcc-adcc-4e6c-b596-1b107cee7467,CN=ApplicationImpersonation,CN=Roles,CN=RBAC,CN=Centrestone,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=domain,DC=local

If I recreate the role which is needed and is created by default when a restore job is run from BE 2010 it will create the role but we are still unable to restore.

Further information: Error from BE2010 is "e0000389 - The resource credentials for the restore job were unable to create a role assignment for ApplicationImpersonation. Review the credentials to ensure that it has the rights that are required for ApplicationImpersonation."

A search of the Symantec support website leads you to the following technotes: http://www.symantec.com/business/support/index?page=content&id=TECH125119 and http://www.symantec.com/business/support/index?page=content&id=TECH124615 which I've followed through, without any joy.

The jobs are being run under the domain administrator account, which has the Exchange Organisation, Server, Hygeine Management roles assigned. Just to be double sure I've assigned the Application Impersonation role to both the Organisation and Server Management roles in exchange, so that shouldn't be the issue.

I've confirmed that this record is no longer needed and have tried using ADSIedit to delete the record, but it doesn't appear in ADSIedit.

PS > I used ADExplorer from sysinternals to find the record.
0
Tristan
Asked:
Tristan
  • 2
1 Solution
 
louisreevesCommented:

Did you try Rebuilding the EWS virtual directories? it is Just two steps from:

http://technet.microsoft.com/en-us/library/dd767439(WS.10).aspx

      Get-WebServicesVirtualDirectory | Remove-WebServicesVirtualDirectory  -Confirm:$false

      New-WebServicesVirtualDirectory -WebsiteName "SBS Web Applications" -InternalUrl "https://Sites/EWS/Exchange.asmx" -basicauthentication 1 -windowsauthentication 1

I am thinkin the role would  be deleted when you remove and add.
0
 
TristanIT ManagerAuthor Commented:
Thanks for your comment, I've actually now resolved the problem.

Issue was Time sync issue between the backup media server and the exchange server, the Role Assignment actually had nothing to do with it.

Thanks,
NL

0
 
TristanIT ManagerAuthor Commented:
I ran net time \\dc /set /yes and the problem was resolved.
0

Featured Post

The new generation of project management tools

With monday.com’s project management tool, you can see what everyone on your team is working in a single glance. Its intuitive dashboards are customizable, so you can create systems that work for you.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now