MikeKane
asked on
Question on Exchange 2010 Litigation Hold and Deletion of Entire Mailbox
We use an Exchange 2010 solution. We placed a litigation hold on every mailbox in the company. During this period, one of the employees left. One of the email admins Removed the end user mailbox and LDAP account (this was not malicious, just normal procedure otherwise).
Now when legal wanted to search this, now separated, employee's mailbox, the Mailbox is not listable from within the Multi Mailbox Search. This is using Multi Mailbox Search -> New Search -> Mailboxes to Search -> Add -> Then searching for the employee name turn up no results. I assume the 'no results' is because the mailbox and account are no longer present.
1) Thoughts on how to retrieve/search the mailbox?
2) I would have thought that a Litigation Hold would prevent accidental Deletion. Was this an incorrect assumption?
Now when legal wanted to search this, now separated, employee's mailbox, the Mailbox is not listable from within the Multi Mailbox Search. This is using Multi Mailbox Search -> New Search -> Mailboxes to Search -> Add -> Then searching for the employee name turn up no results. I assume the 'no results' is because the mailbox and account are no longer present.
1) Thoughts on how to retrieve/search the mailbox?
2) I would have thought that a Litigation Hold would prevent accidental Deletion. Was this an incorrect assumption?
ASKER CERTIFIED SOLUTION
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
SOLUTION
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
SP1 will prevent you from deleting a mailbox on litigation hole
ASKER
We are running SP1 Rollup 3. The user was removed from within the EMC, not from AD User manager. It seems that this removes the account and mailbox regardless of the hold.
Seems like a hole in our procedures where any account marked for deletion will now have to be checked to see if it is in Litigation Hold unless there is another method to have Exchange check for us.
Right now, I'm going back and restoring the USer account from LDAP backup and will try to restore the mailbox into it.
Seems like a hole in our procedures where any account marked for deletion will now have to be checked to see if it is in Litigation Hold unless there is another method to have Exchange check for us.
Right now, I'm going back and restoring the USer account from LDAP backup and will try to restore the mailbox into it.
Did you find the Disconnected mailbox?
ASKER
The mailbox for the end user never appeared in Disconnected mailbox. The account and mailbox were both removed with the same action in EMC by right clicking the mailbox list and selecting remove.
I was able to restore the end user LDAP entry (it now appears in the user lists).
However, the restore of the mailbox is failing.... This might turn into a 3 hour Symantec BES call.... but I'll post the errors here in case anyone had any ideas.
Restore started on 3/28/2011 at 3:29:13 PM.
Restore Set Detail Information
V-79-57344-760 - Unable to open the item Database - skipped.
V-79-57344-760 - Unable to open the item Database - skipped.
V-79-57344-760 - Unable to open the item Database - skipped.
Item <server>\hidden\Database\< user> \Top of Information Store\Inbox\<email subj>
Item <server>\hidden\Database\< user> \Top of Information Store\Inbox\<email subj>
That repeats for about 700 items in the inbox. No items are restored.
I did verify that I was using proper credentials (domain admin to be exact).
Are there any additional steps after restoring an account before I can restore mailbox items into that account?
I was able to restore the end user LDAP entry (it now appears in the user lists).
However, the restore of the mailbox is failing.... This might turn into a 3 hour Symantec BES call.... but I'll post the errors here in case anyone had any ideas.
Restore started on 3/28/2011 at 3:29:13 PM.
Restore Set Detail Information
V-79-57344-760 - Unable to open the item Database - skipped.
V-79-57344-760 - Unable to open the item Database - skipped.
V-79-57344-760 - Unable to open the item Database - skipped.
Item <server>\hidden\Database\<
Item <server>\hidden\Database\<
That repeats for about 700 items in the inbox. No items are restored.
I did verify that I was using proper credentials (domain admin to be exact).
Are there any additional steps after restoring an account before I can restore mailbox items into that account?
Did you try
Get-mailboxdatabase | clean-mailboxdatabase
Get-mailboxdatabase | clean-mailboxdatabase
ASKER
No change after that command.
I did find a Symantec KB article related to those errors along with a HotFix. Issue relates to attempting a mailbox restore to a CAS with SSL cert installed.
So I'm trying it now.... will post results.
I did find a Symantec KB article related to those errors along with a HotFix. Issue relates to attempting a mailbox restore to a CAS with SSL cert installed.
So I'm trying it now.... will post results.
OK
ASKER
Turns out Symantec has a known issue that is to be resolved in the upcoming Backup exec 2010 R3 release.
So all is restored and I learned a bit more about how symantec is slowly sucking away my life force.
So all is restored and I learned a bit more about how symantec is slowly sucking away my life force.