Complete Windows 2008 domain w/o Exchange Reinstall

I'm working with a small Windows 2008 32-bit domain with four workstations. The network has been compromised by a hacker. I've manually copied all user docs from the server to an external USB drive along with their one database app and I've screen printed all settings.

We just installed a new TZ205 firewall.

My plan is to reformat the server and all four workstations, install Windows 2008 R2/64 on the server and XP back on the 4 PCs, manually recreate the user accounts, create their login scripts, shared folders, copy their docs back in and get them clean again. I will be installing SEP 12.1.2 and its manager.

The workstations all use Outlook with PST files and get mail from POP3 accounts on the web.

I have the following questions:

1. What's the best and surest way to back up everything (PST/NK2/Contacts) in Outlook and perform a restore on an XP box?

2. Since AD has been hacked, I'm not sure what is clean so I want to totally reinstall the server. Any suggestions other than what I've already stated to make the restore clean and quick?  I have a Backup Exec backup, but I'm sure some of it has been hacked and I'm not sure what can be restored safely.
Tony Giangreco Asked:

Larry Struckmeyer MVP Commented:
I have the following questions:

1. What's the best and surest way to back up everything (PST/NK2/Contacts) in Outlook and perform a restore on an XP box?

Based on what you posted you cannot do a restore on an XP box. You will have to reinstall unless you have known good backups. A PST file is just that. So long as you can safeguard those you can copy them back to a system running Outlook and point OL to the .pst and it will be able to load the mailbox.



2. Since AD has been hacked, I'm not sure what is clean so I want to totally reinstall the server. Any suggestions other than what I've already stated to make the restore clean and quick?  I have a Backup Exec backup, but I'm sure some of it has been hacked and I'm not sure what can be restored safely.

Reinstall and restore are different. When you restore you create a new domain and all new SIDs. Any user or computer will be "different" than before, so you need to safeguard the data and put it back onto the new server into a logical folder set and assign permissions and security in the same way as before.

Tony Giangreco (Author) Commented:
2. Since AD has been hacked, I'm not sure what is clean so I want to totally reinstall the server. Any suggestions other than what I've already stated to make the restore clean and quick?  I have a Backup Exec backup, but I'm sure some of it has been hacked and I'm not sure what can be restored safely.

Reinstall and restore are different. When you restore you create a new domain and all new SIDs. Any user or computer will be "different" than before, so you need to safeguard the data and put it back onto the new server into a logical folder set and assign permissions and security in the same way as before.

I plan to run the 2008 r1 install by deleting the partitions and running a clean install of 2008 r2. Then setting up AD and DNS, user accounts and copying data back. Can you elaborate on what I should do differently?

Tony Giangreco (Author) Commented:
I meant r2 instead of r1