Data Protection for Exchange provides support for protecting Microsoft Exchange databases.
If you encounter a problem during Data Protection for
Exchange processing when using VSS for backup and restore, complete
the following steps:
- Retry the operation that failed.
- Restart the Tivoli Storage Manager services, including the TSM
Client Acceptor and the TSM Remote Client Agent.
- If the problem still exists, close other applications, especially
those applications that interact with Exchange (antivirus applications,
for example). Retry the operation that failed.
- If the problem persists, look for information in the event logs: tdpexc.log and dsmerror.log.
You can also review the messages in the Windows event log. There might
be some log entries that help you identify a VSS event that triggers
the issue.
If you do not find a resolution to the problem in the
log files, you can complete the following procedure:
- Shut down the Exchange server.
- Restart the Exchange server.
- Run the operation that failed.
Alternatively, you can also complete this procedure:
- Shut down the entire computer.
- Restart the computer.
- Run the operation that failed.
Another troubleshooting procedure to consider: Determine if this
problem is reproducible on other Exchange servers.
When troubleshooting a mailbox restore error, you can use
the
TDPMAPI TESTMAPI command. The command helps
diagnose MAPI connection issues when connecting to the mailbox. The
following parameters can be used:
- /MAILBOXALIAS
- This parameter is the alias name for the mailbox that was specified
when the mailbox was originally created. The parameter refers to
the email alias for the user and is the portion of the email address
on the left side of the @ symbol. You should run this command against
both the mailbox to be restored and the mailbox of the administrator
you are currently logged in as.
- /EXCSERVER
- (Exchange 2010 environments) This parameter is the name of the
Exchange Server that has the Client Access Server (CAS) role. The
default is the local server. The get-ExchangeServer | fl Exchange
PowerShell command can be used to determine which Exchange Server
has the CAS role defined for the mailbox database. It is mandatory
to specify this parameter when there is a CAS Load Balancer within
the environment.
(Exchange 2013 environments) Depending on the information
that you need, use one of the following formats:
- Retrieve the ExchangeGUID for the user that is logged on
- Enter the following command:
whoami | Get-Mailbox | fl ExchangeGUID
- Retreive diagnostic information
- Enter the following command:
tdpmapi.exe /excserver={ExchangeGUID@domain}
- /TRACEFILE
- This parameter is the filename used to hold the output from the
tracing. By default, tracing is turned off. The filename can be
qualified with a drive and full path location, and must have write
permissions for the user running the command.
For example:
TDPMAPI TESTMAPI /MAILBOXALIAS=alias /EXCSERVER=cas /TRACEFILE=filename
Exchange 2013
The following list identifies
troubleshooting information when protecting data for an Exchange 2013
server:
- For the target mailbox, grant full access permission.
When using the Administrator mailbox, Exchange 2013 usually, by default,
blocks full access permission for this administrator.
- Log on as an Exchange administrator with a mailbox on an Exchange
2013 database.
- Make sure both the administrator mailbox and the target mailbox
are accessible in either Microsoft Outlook or Outlook Web Access.
- Use an Exchange 2013 CAS. Specifically, set the CLIENTACCESSServer parameter
to an Exchange 2013 CAS.
- If you are using a load balancer, for troubleshooting, set the CLIENTACCESSServer parameter
to an actual server instead of the load balancer.
- To open the administrator mailbox and the target mailbox, try
using the Mailbox Restore Browser with Open
Exchange Mailbox.
- Check the MAPI registry key. The key is located at HKEY_CURRENT_USER\Software\Microsoft\Windows
NT\Current Version\Windows Messaging Subsystem. The name
of the key is RpcHttpProxyMap_TSM. Depending
on your environment, you might have to change the HTTP to HTTPS, or
change the authentication method, or change the domain name to *.
The MAPI download contains the Microsoft documentation for setting
this registry key.
If the default registry key is something like
the following example:
contoso.com=http://mail.contoso.com,ntlm,ntlm,false
You
might make one or more of the following updates:
contoso.com=https://mail.contoso.com,ntlm,ntlm,false
*=http://mail.contoso.com,ntlm,ntlm,false
contoso.com=http://mail.contoso.com,negotiate,negotiate,false
For
all of the information about registry keys, see the Microsoft documentation.
In addition, when completing a backup and restore tasks
for an Exchange 2013 server, if a Client Access Server (CAS) is used
and later removed as the CAS, or, if the CAS is enabled for SSL authentication,
an
Enter Password window might be displayed.
This window prompts you to enter the domain, user name, and password.
To verify and workaround this problem is occurring, complete the following
steps:
- From a command prompt, enter regedit.exe.
- Use the Microsoft documentation to backup the registry.
- Locate the following registry key: RpcHttpProxyMap_TSM.
This key is located at
HKCU\Software\Microsoft\WindowsNT\CurrentVersion\Windows Messaging Subsystem
- To go from HTTPS to HTTP, change the subdomain.domain.com=https://server.subdomain.domain.com,ntlm,ntlm,false value
to subdomain.domain.com=http://server.subdomain.domain.com,ntlm,ntlm,false.