Windows Server 2003

  • blyxx86
    Contributor
    • Nov 2006
    • 258

    Windows Server 2003

    Hey Everyone,
    I'm currently trying to recover from a server breach (when I was put in charge of the server there was no AV and no firewall for about 4 months before). It appears that the server has been accessed using the "WinEggDrop" utility, and it is allowing new Active Directory users to be created.

    I am wanting to do a full server reinstall to start from scratch and remove any of the weird settings that were initially set up (i.e., no partitioning of hard drives for system and data and database files). We have been doing 2 full backups weekly on a tape drive.

    The server in question is a Windows Server 2003 SBS edition running Active Directory, Exchange, and MSSQL.

    Now here is my question. I know it's easy to migrate MSSQL database files, just unmount them and then mount them on a new server. However, my problem lies with Active Directory and Exchange. Is there a guide that shows how to restore both of them to a new system? I know there are files for MSExchange that store the e-mails, but will it matter if I cannot back up the Active Directory? Can I create the users after I import the Exchange files? Or rather, before?

    Any help on this would be appreciated.

    Thanks,
    Kyle
  • jg007
    Contributor
    • Mar 2008
    • 283

    #2
    Have you tried Google?

    Link is for AD backup / restore



    & for Exchange -



    I would imagine that you would have to install the AD first, but you might also want to start from scratch if you don't know how things have been amended or changed.

    If you do start from scratch, it would probably be best, if you can, to build the second server then demote the old one. Also, this article might help -


    • blyxx86
      Contributor
      • Nov 2006
      • 258

      #3
      I thank you for the reply.

      I have researched this off and on over the past couple of weeks. However, the link you provided regarding AD is one that I already read and dismissed. I was worried that the backup and restore of the system files might be compromising in itself, since I do not know what files have been hooked by this malicious hacker. I was hoping for just a backup of the individual pieces and not the system state portion.

      I did find one solution for the Exchange since posting here called "ExMerge", which basically allows me to remotely save each mailbox on the Exchange server to a local .PST file, and then after the new Active Directory is built I can upload each .PST file to whatever AD user I choose. Which is nice.

      I wish I had the resources (and licenses) available to build a second machine to demote and then promote, but I do not, so it looks like I will be performing a massive backup and then rebuilding the AD by hand while semi-autonomously rebuilding the Exchange data.
