On February 25, 2014 Microsoft released Exchange 2013 SP1, an interesting upgrade in the Exchange 2013 program. Besides SP1 new UM Language Packs have been released as well. For more detailed information please check the SP1 release notes. At the same time Microsoft has released Update Rollup 5 for Exchange 2010 SP3 and Update Rollup 13 for Exchange 2007 SP3.
Looking at the Cumulative Updates with Exchange 2013, SP1 is identical to CU4. One reason for releasing a Service Packs is the support lifecycle. Major releases and Service Packs of a Microsoft product are included in the support lifecycle, Cumulative Updates are not.
More information regarding the lifecycle of Exchange 2013 can be found here: http://bit.ly/2013LifeCycle
Besides a large number of hotfixes, Exchange 2013 SP1 contains a number of new and interesting features.
- Windows 2012 R2 support – Exchange 2013 SP1 supports Windows 2012 R2, both for the Exchange server as well as the Domain Controllers. Please note that Exchange 2013 RTM does NOT support Windows 2012 R2. For a complete overview of the various options please check the Exchange Supportability Matrix at http://bit.ly/SupportMatrix.
- SSL Offloading – Exchange 2013 SP1 now supports SSL offloading. When using SSL offloading the SSL connection is terminated at the Load Balancer. This will take away the processor cycles from the Client Access server. SSL offloading can also be easier from an SSL Certificate management point of view.
- Edge Transport Server – This server role was available in Exchange 2007 and Exchange 2010 but not in Exchange 2013 RTM. With Exchange 2013 SP1 it is reintroduced. The Edge Transport server is used for message hygiene purposes, in contains several anti-spam features like connection filtering, content filtering, recipient filtering etc.
There’s one challenging factor when using the Edge Tranport server, it can only be managed using the Exchange Management Shell. There’s no GUI available on this server. The good thing is that this reduces the attack surface of the server (since it is placed in the Perimeter network it is more vulnerable to attacks) because of the absence of IIS components, the downside is that management can become difficult for the average Exchange administrator.
- MapiHttp – MapiHttp (codename Alchemy) is a new protocol in Exchange 2013 SP1 and is a replacement for RPC/HTTP. When using MapiHttp the Outlook 2013 SP1 (!) client uses HTTP natively to communicate with the Exchange 2013 SP1 server, without the need for an RPC proxy. Doing this removes the dependency towards RPC which actually is a Windows component.
Outlook using MapiHttp has a more reliable connection with the Exchange server, especially when a flaky Internet connection is used, a scenario where RPC/HTTP does not work very well.
MapiHttp is only available for Outlook 2013 SP1, but rumors are that it might well be available in a future update for Outlook 2010.
More features in SP1 include….
- Junk Mail Reporting Tool : FFO extension
- ADFS 2.0 config support
- Compose Apps
- Paid Apps
- Hybrid using OAuth
- Firefox support for offline/app cache
- Cmdlets to support S/MIME control in OWA
- DLP Policy Tip support in OWA
- DLP classifications in Exchange based on Document fingerprints
- DLP classification rules and DLP policies for new regions
I’d like to show a bit more on a few of these features….
Rich Text Editor in OWA
OWA in Exchange 2013 SP1 now has a rich text editor and this is really cool. You can now format new messages, copy-and-paste formatted text from other sources and even copy-and-paste images into OWA:
This is really a cool feature and makes OWA definitely more useful than ever.
PowerShell Command Logging
In Exchange 2010 Management Console there was the option to view the actual PowerShell commands when you were clicking around. This feature was not available in Exchange 2013 but is reintroduced in Exchange 2013 SP1 Exchange Admin Center.
Installing Exchange 2013 SP1
Upgrading from a previous release of Exchange 2013 to Exchange 2013 SP1 is not different then upgrading to for example Exchange 2013 CU3.
If you have any UM Language packs installed you have to remove these first before upgrading to Exchange 2013 SP1. To do this you have to use the unattended setup:
setup.exe /RemoveUMLanguagePack: <UmLanguagePackName>
Once removed you can continue upgrading to SP1.
Exchange 2013 SP1 contains schema changes. To upgrade the Schema to SP1 you can execute the following command:
Setup.exe /PrepareSchema /IacceptExchangeServerLicenseTerms
If you want to check the Schema version you can use the following PowerShell commands:
$root = [ADSI]"LDAP://RootDSE" $m = [ADSI]("LDAP://" + "CN=ms-Exch-Schema-Version-Pt," + $root.schemaNamingContext) $m.rangeUpper
It should return 15292 when upgraded to SP1.
Upgrading to SP1 is very straightforward. Open a command prompt and enter the following command:
Setup.exe /Mode:Upgrade /IacceptExchangeServerLicenseTerms
There have been reports that the Front-End Transport Service (FETS) was running but unwilling to accept new connections after an upgrade. Rebooting the server solves this issue, but it’s my personal best practice to reboot the server anyway.
Upgrading DAG members
If you have multiple Exchange 2013 servers you have to put the DAG member that will be upgraded in maintenance mode. In maintenance mode all active copies of the Mailbox databases will be moved off of the server and the possibility of moving back will be blocked. Also the Primary Active Manager (PAM) is running on this server will be moved to another DAG member.
The process is as follows:
- Put a DAG member in maintenance mode.
- Install the Cumulative Update.
- Take the DAG member out of maintenance mode.
- Redistribute the active Mailbox databases across the DAG.
Note. If you’re running a DAG most likely you will have multiple Exchange Server 2013 Client Access servers as well, or maybe you have both roles on the same server. Either way, the Client Access server needs to be disabled in the load balancers as well of course as shown in the following figure where the EXCH02 Real Server is disabled (and therefore not servicing any client requests).
To put a DAG member in Maintenance Mode open the Exchange Management Shell, navigate to the $Exscripts directory and enter the StartDAGServerMaintenance.ps1 -Server <<servername>> command.
Now install the SP1 binaries as explained before. Once installed the DAG member can be taken out of Maintenance Mode. Open the Exchange Management Shell and enter the StopDAGServerMaintenance.ps1 -Server <<servername>> command from the $Exscripts directory.
Repeat these steps for the other DAG members and if you’re running multi-role servers, don’t forget to enable/disable the Real Servers at the same time.
The last step is to redistribute the Mailbox database across the DAG. You can use the RedistributeActiveDatabases.ps1 script in the $Exscripts directory to do this:
RedistributeActiveDatabases.ps1 -DagName <<name>> -BalanceDbsByActivationPreference -Confirm:$False
Exchange 2013 SP1 brings a a lot of new features and I’ve highlighted a couple of these here. Upgrading from a previous CU to SP1 is fairly straightfoward. To prevent issues like services not accepting new connections reboot the server after upgrading to SP1.
When upgrading DAG members you better put the individual DAG members in maintenance mode when upgrading to SP1.
The upcoming weeks I’ll blog a bit more about new features in SP1.