Join Log in
Score:0
avatar Server

Exchange 2019 Database Permissions

au flag
USD Matt

I have an Exchange 2019 server which is running fine but ideally I would like to run offline defrag on an archive database that is now way bigger than it needs to be after removing a mailbox which, due to an errant import, copied many times more data to the archive than actually existed in the mailbox.

Name                        DatabaseSize                    AvailableNewMailboxSpace
----                        ------------                    ------------------------
Archives                    50.13 GB (53,821,308,928 bytes) 49.8 GB (53,472,526,336 bytes)

Problem is, the databases are not accessible (Administrator gets a permissions error even trying to browse to them), and I'd rather not mess with permissions on Exchange folders unless I have no choice - or following Microsoft documented procedures.

What's the correct process these days to do any sort of recovery/maintenance directly on the database files when Exchange is by default set up to only allow access to itself? Is eseutil even supported anymore or do they not recommend touching the edb files at all?

98
1 + 0
Score:0
Ivan_Wang avatar Server
us flag
Ivan_Wang

the databases are not accessible Administrator gets a permissions error even trying to browse to them

When and where did you encounter this permission issue? When you run cmdlets which is related with database(e.g. Get-MailboxDatabase, Dismount-Database) or in other scenarios?

Make sure your current account has the permission to manage database: Mailbox database permissions

What's the correct process these days to do any sort of recovery/maintenance directly on the database files when Exchange is by default set up to only allow access to itself? Is eseutil even supported anymore or do they not recommend touching the edb files at all?

As far as I know, you could use eseutil tool to check the header of your corrupted database and repair your database when the State in the header shows "Dirty Shutdown". More details about how to use ESEUTIL to repair your database: Repair your Database with ESEUTIL

Besides, if you want to shrink the size of your databases, the following actions are recommended rather than offline defragmentation of the database via ESEUTIL:

  1. Create a new database and associated database copies.

  2. Move all mailboxes to the new database.

  3. Delete the original database and its associated database copies.

The following related blog is for your reference: How to reclaim the whitespace

Edit: Location to modify permissions of database folders: enter image description here enter image description here

0 + 5
au flag
USD Matt
I'm doing all this as `administrator`. Trying to browse via explorer to `D:\Exchange Server\V15\Mailbox` just gives "You don't currently have permission to access this folder". All eseutil commands give permissions error if I try to provide the full EDB path. All Exchange Shell tools work fine (`Get-MailboxDatabase` etc)
0
Reply
au flag
USD Matt
Looks like I may be better off just moving to a new database
0
Reply
Ivan_Wang avatar
us flag
Ivan_Wang
>> **"You don't currently have permission to access this folder"** Is it a local account? By default, the account **administrator** is a member of the group **Administrators**. Maybe you could view and modify the permissions of your current account and database folders? I added a screenshot of the location which to modify the permission, see if there is any difference after modifying/adding permissions for your administrator account.
0
Reply
au flag
USD Matt
I don't have permission to view security details on the folder without pressing the "Continue" button, which according to Microsoft `a background process will change the permissions on the folder, and on all its subfolders and files, to grant your user account access to them`. As mentioned previously I'd rather not cause any sort of change on the permissions unless it's a documented procedure, as generally, forcing permissions on critical Microsoft folders is a recipe for breaking things. I've broken folder redirection in the past due to it noticing unsupported permissions on the folders.
0
Reply
au flag
USD Matt
I went with the new database, although to further complicate things, it seems deleting a database from EAC doesn't actually remove the files - it tells you to remove them manually. Fortunately it seems that a simple `rmdir /s {DatabaseFolderPath}` works, even through you can't actually look in that folder
0
Reply
Ivan_Wang avatar
us flag
Ivan_Wang
Has your disk space been shrinked after you migrated to a new database and removed the old db files?
0
Reply
au flag
USD Matt
Yes, the disk space has been reclaimed
0
Reply
Ivan_Wang avatar
us flag
Ivan_Wang
If there is any similar issue, feel free to post it. If everything works well, you could mark the best answer to finish this thread. Have a good day :)
0
Reply
Score:0
Eric Simson avatar Server
us flag
Eric Simson

As Ivan_Wang suggested all the points, but There are some prerequisites before using eseutil:

  1. Make a copy of your database before using eseutil.

  2. Verify that you have sufficient space like equivalent of 20% of the database size.

  3. Run Eseutil/P mode.

  4. Run Eseutil /D mode.

  5. Run Isinteg in -fix -test alltests mode.

Refer this: https://techcommunity.microsoft.com/t5/exchange-team-blog/repairing-exchange-databases-with-eseutil-when-and-how/ba-p/610276

https://community.spiceworks.com/how_to/168508-how-to-repair-exchange-databases-with-eseutil-when-and-how

0 + 0
ธงชาติไทย
Elon Musk
I sit in a Tesla and translated this thread with Ai:

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.