"exchange trusted subsystem" fehlt

1. offizieller Beitrag

    Hi Leute,


    ich habe gestern auf meinem Exchange Cluster ein paar Updates gemacht. Unter anderem auch das Rollup 5-v2.


    Heute morgen musste ich nun feststellen, das man nicht mehr via Outlook an den Server kommt. Lediglich OWA funktioniert.


    Mittlerweile bin ich dahinter gekommen, dass die oben genannte Gruppe nicht mehr im AD existiert. Alle anderen sind jedoch vorhanden...


    Nun wollte ich diese Gruppe mit preparead/prepareschema einfach neu in das AD schubsen. Leider geht dies nicht, da meine install CD nicht die selbe Version wie mein bereits installiertes System hat ...


    Falls einer von euch eine Idee hat wäre ich sehr dankbar!


    Gruß,
    ITNerd

    • Offizieller Beitrag

    Hallo,


    zuerst würde ich mal in AD Benutzer und Computer in den Deleted Objects Containt, der nach der Gruppe suchen.


    Wenn diese da nicht existiert, dann wäre ein Authoritative Restore aus dem Backup des Systemstatus eines DCs durchzuführen.


    Schau Dir mal die Artikel an. Vor allem KB 840001


    On the recovery domain controller, run the following command to disable inbound replication:


    repadmin /options <recovery dc name> +DISABLE_INBOUND_REPL


    1. Restart the domain controller.
    2. When the Windows Startup menu is displayed, select Directory Services Restore Mode, and then press ENTER.
    3. Restore the data from backup media for an authoritative restore. To do this, follow these steps:
    a. In Directory Services Restore mode, click Start, point to Programs, point to Accessories, point to System Tools, and then click Backup to start the Windows 2000 Server Backup utility.
    b. Click Restore Wizard, and then click Next.
    c. Select the appropriate backup location, and then make sure that at least the System disk and System State containers are selected.
    d. Click Advanced, and then make sure that you restore junction points. If you do not use the Advanced menu, the restore process will not be successful.
    e. In the Restore Files to list, click Original Location.
    f. Click OK, and then complete the restore process. A visual progress indicator is displayed.
    g. When you are prompted to restart the computer, do not restart.


    4. At a command prompt, type ntdsutil , and then press ENTER.
    5. Type authoritative restore , and then press ENTER.
    6. Type the following command, and then press ENTER:
    restore subtree ou= OU_Name ,dc= Domain_Name ,dc= xxx



    Note In this command, OU_Name is the name of the organizational unit that you want to restore, Domain_Name is the domain name that the OU resides in, and xxx is the top-level domain name of the domain controller, such as "com," "org," or "net."
    7. Type quit , press ENTER, type quit , and then press ENTER.
    8. Type exit , and then press ENTER.
    9. Restart the DC
    10. On the console of the recovery domain controller, use the Ldifde.exe utility and the ar_ YYYYMMDD-HHMMSS _links_usn.loc.ldf file to restore the user's group memberships. To do this, follow these steps:
    • Click Start, click Run, type cmd in the Open box, and then click OK.
    • At the command prompt, type the following command, and then press ENTER:
    ldifde -i -f ar_ YYYYMMDD-HHMMSS _links_usn.loc.ldf


    11. Enable inbound replication on the recovery DC - repadmin /options <recovery dc name> -DISABLE_INBOUND_REPL


    Reference:
    241594 How to perform an authoritative restore to a domain controller in Windows 2000
    http://support.microsoft.com/d…aspx?scid=kb;EN-US;241594


    240363 How To Use the Backup Program to Back Up and Restore the System State in Windows 2000
    http://support.microsoft.com/d…aspx?scid=kb;EN-US;240363


    840001 How to restore deleted user accounts and their group memberships in Active Directory
    http://support.microsoft.com/d…aspx?scid=kb;EN-US;840001