How to recover an Exchange server from Active Directory

There comes a time in any Exchange admin’s day when they will have to recover an Exchange server. Many IT admins think this is a daunting task but it is actually simple. The hardest part is building a new virtual machine and getting it ready to take over the role of the one that is not functioning. There are a few steps to follow but the process is pretty much the same as preparing a new Exchange server. The only difference would be the command you run — it will use the /mode:RecoverServer switch vs. using the /mode:Upgrade switch.

Reasons you will have to recover an Exchange server

Why will you have to recover an Exchange server? There are many reasons, and here are just a few:

  • Windows updates caused an issue with your server. It could be blue-screening or just stuck in a reboot cycle.
  • Your server was hit by ransomware and the data on the disk was encrypted.
  • You got a virus/Trojan on the server, either by an infected mail or by someone putting in an infected flash disk.
  • You got malware on your server.
  • You installed an updated version of .NET framework and it broke Exchange.
  • An admin accidentally deletes something in ADSIEdit and causes problems with the Exchange server.

These are just some of the things that I can think of. There are, of course, other reasons why the server broke or stopped functioning.

Follow these steps

Let’s now take a look at steps you need to take to get the server online again after doing a recovery install. Each part will be covered in some detail as to why it is being completed.

  • Shut down your current server that you are planning on recovering. I like to remove the network card from the machine while recovering so another admin does not boot it up and leave you with an issue. The reason you are shutting down the server is because you will be creating one with the same name.
  • Login to your domain controller and launch Active Directory and launch Active Directory users and computers. Click the search button and change the scope to computers and once you have found your computer, right-click on it and select the Reset option. You will be asked to confirm the reset. Click OK to continue.
  • If you are using Virtual Machine Manager (VMM), edit the “old” server and change its name to, for example, Server1.old, and click OK. Now create a new virtual machine and give it the same name as the old computer.
  • Attach the Windows ISO to the machine and start it up.
  • Install Windows from the ISO or if you have an image then boot from the image that is pre-created and stored in your library.
  • Once installed, configure your server settings and reboot.
  • Change the computer name and then reboot.
  • Log back into the new server and assign the IP address previously used.
  • Once you have a valid network, you can join the new VM to Active Directory.
  • Reboot your server.
  • I like to enable RSS on the network card as you get the network speeds especially for copying or downloading.
  • After you log in, run Windows updates. If Windows was installed from an ISO, you will have a few downloads and updates to do. This is the part that takes the longest, unfortunately, unless you have an image that you keep up-to-date to save you this time.
  • Once you have completed the final set of updates, reboot your server.
  • Install the prerequisites for your server. If you running Exchange 2010, then install its prerequisites from PowerShell and reboot the server when done.
  • Now you can install the following set of applications: .NET Framework for your Exchange edition, Visual C++, and the new version of VC++. Now you can install UCMA and once completed, reboot the server.
  • I normally check for Windows updates again just to be sure everything is up-to-date before continuing.
  • Now download the cumulative update or rollup required for your version of Exchange and extract the ISO.
  • Launch an elevated CMD prompt so you can run the following command:

Setup /mode:Recoverserver /IAcceptExchangeServerLicenseTerms

Be aware, this might give you an error. The error may be that the server is part of a database availability group. The fix for this is simple enough. Run the following command to remove the database availability group:

Remove-DatabaseAvailabilityGroupServer -Identity DAG09 -MailboxServer MBX1 -ConfigurationOnly

Replace DAG09 with the DAG name in question and MBX1 with your server name.

Confirm and reboot

recover an Exchange server

You will be asked to confirm the action and the easiest is to type “A” and then press enter. Wait for the command to finish.

I prefer to do a reboot so that you can proceed with a clean recovery. Launch the elevated command prompt again and run through the setup. It should go through all the checks and it will let you know what roles and services will be recovered. This will take a little while and it all depends on the speed of the virtual machine.

Once the server has finished doing its recovery installation you will need to reboot it. If you are running an Exchange 2010 server (SP3), apply the rollup that you were on previously and then reboot the server. Check for remaining Windows updates before continuing. Now you can join the server back into the database availability group it was in previously. Don’t forget to attach storage to your newly recovered server and then start seeding your database copies.

If you had backups running, ensure you have the backup agent installed again and once the seeding has completed, do a full backup so everything is consistent again.

So, as you can see, while there are several steps to recover an Exchange server, overall, it’s nothing to fear.

Featured image: Shutterstock

Leave a Comment

Your email address will not be published.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Scroll to Top