Tag Archives: DAG

Exchange 2016 CU9 and Exchange 2013 CU20 released

On March 20, 2018 Microsoft has released two new quarterly updates:

  • Exchange 2016 Cumulative Update 9 (CU9)
  • Exchange 2013 Cumulative Update 20 (CU20)

There aren’t too many new features in these CUs. The most important ‘feature’ is that TLS 1.2 is now fully supported (most likely you already have TLS 1.2 only on your load balancer). This is extremely supported since Microsoft will support TLS 1.2 ONLY in Office 365 in the last quarter of this year (see the An Update on Office 365 Requiring TLS 1.2 Microsoft blog as well).

Support for .NET Framework 4.7.1, or the ongoing story about the .NET Framework. The .NET Framework 4.7.1 is fully supported by Exchange 2016 CU9 and Exchange 2013 CU20. Why is this important? For the upcoming CUs in three months (somewhere in June 2018) the .NET Framework 4.7.1 is mandatory, so you need these to be installed in order to install these upcoming CUs.

Please note that .NET Framework 4.7 is NOT supported!

If you are currently running an older CU of Exchange, for example Exchange 2013 CU12, you have to make an intermediate upgrade to Exchange 2013 CU15. Then upgrade to .NET Framework 4.6.2 and then upgrade to Exchange 2013 CU20. If you are running Exchange 2016 CU3 or CU4, you can upgrade to .NET Framework 4.6.2 and then upgrade to Exchange 2016 CU9.

Schema changes

If you are coming from a recent Exchange 2013 CU, there are no schema changes since the schema version (rangeUpper = 15312) hasn’t changed since Exchange 2013 CU7. However, since there can be changes in (for example) RBAC, it’s always a good practice to run the Setup.exe /PrepareAD command. For Exchange 2016, the schema version (rangeUpper = 15332) hasn’t changed since Exchange 2016 CU7.

As always, check the new CUs in your lab environment before installing into your production environment. If you are running Exchange 2013 or Exchange 2016 in a DAG, use the PowerShell commands as explained in my earlier EXCHANGE 2013 CU17 AND EXCHANGE 2016 CU6 blog.

More information and downloads

Exchange 2016 Database Availability Group and Cloud Witness

When implementing a Database Availability Group (in Exchange 2010 and higher) you need a File Share Witness (FSW). This FSW is located on a Witness Server which can be any domain joined server in your internal network, as long as it is running a supported Operating System. It can be another Exchange server, as long as the Witness Server is not a member of the DAG you are deploying.

A long time ago (I don’t recall exactly, but it could well be around Exchange 2013 SP1) Microsoft started to support using Azure for hosting the Witness server. In this scenario you would host a Virtual Machine in Azure. This VM is a domain joined VM, for which you most likely also host a Domain Controller in Azure, and for connectivity you would need a site-2-site VPN connection to Azure. Not only from your primary datacenter, but also from your secondary datacenter, i.e. a multi-site VPN Connection, as shown in the following picture:

image

While this is possible and fully supported, it is costly adventure, and personally I haven’t seen any of my customers deploy it yet (although my customers are still interested).

Windows 2016 Cloud Witness

In Windows 2016 the concept of ‘Cloud Witness’ was introduced. The Cloud Witness concept is the same as the Witness server, but instead of using a file share it is using Azure Blob Storage for read/write purposes, which is used as an arbitration point in case of a split-brain situation.

The advantages are obvious:

  • No need for a 3rd datacenter hosting your Witness server.
  • No need for an expensive VM in Azure hosting you Witness server.
  • Using standard Azure Blob Storage (thus cheap).
  • Same Azure Storage Account can be used for multiple clusters.
  • Built-in Cloud Witness resource type (in Windows 2016 of course).

Looking at all this it seems like a good idea to use the Cloud Witness when deploying Windows 2016 failover clusters, or when deploying a Database Availability Group when running Exchange 2016 on Windows 2016.

Unfortunately, this is not a supported scenario at this point. All information you find on the Internet is most likely not officially published by the Microsoft Exchange team. If at one point the Cloud Witness becomes a supported solution for Exchange 2016, you can find it on the Exchange blog. When this happens, I’ll update this page as well.

More information

Using a Microsoft Azure VM as a DAG witness server – https://technet.microsoft.com/en-us/library/dn903504(v=exchg.160).aspx

The Microsoft Exchange Replication service does not appear to be running.

Last week we had a major outage in our Exchange 2010 environment (28 multi-role servers in 2 DAGs). The provisioning system (based on Quest software) did some unexpected things after a restore of the provisioning database, resulting in (lots of) security groups in Active Directory being deleted. We were relatively lucky since the default groups (Domain Admins, Enterprise Admins etc.) were not deleted, but all Exchange Security Groups (in OU=Microsoft Exchange Security Group) were deleted.

These Exchange Security Groups can be recreated using the Setup.com /PrepareAD and Setup.com /PrepareDomain commands.

All seems to be running fine, but when executing PowerShell commands against a remote server (i.e. not the server being logged on to) would result in error message. For example, it was not possible to move an active Mailbox database from server1 to server2 in a DAG using the Move-ActiveMailboxDatabase command. When executing this command it would return the following error:

The Microsoft Exchange Replication service does not appear to be running on “computername”. Make sure the server is operating, and that the services can be queried remotely.

image

Continue reading The Microsoft Exchange Replication service does not appear to be running.

Install Exchange 2013 Cumulative Update 8

On March 17 Microsoft released the 8th Cumulative Update for Exchange Server 2013, 98 days after the release of CU7 which is nicely in line with the quarterly release cadence of Cumulative Updates. This Cumulative Update is called CU8, not a word about Service Pack 2, so SP1 still continues to be the officially supported Service Pack.

There are some new features in CU8 that are worth noticing.

  • With CU8 there are improvements for mobile clients in a Hybrid Configuration. When a Mailbox is moved the Outlook client will automatically detect and reconfigure accordingly. This was not the case with Mobile clients. This behavior has changed in CU8. When a mobile client connects the local Exchange server and the Mailbox is moved to Exchange Online an additional check for the TargetOWAUrl on the Organization Relationship object is performed. This will return an HTTP/451 redirect to the mobile client which in turn will be redirected to this new URL. This feature will be available to all EAS compatible devices that can handle the HTTP/451 redirect option. Unfortunately this feature is only available for onboarding customers (i.e. to Office 365) and not for offboarding (from Office 365) customers.
  • There an improved migration for Public Folders migration, now supporting batch migrations. This is faster (supports multiple jobs), more reliable and provides an easier migration management.
  • CU8 supports viewing calendar and contact types of modern Public Folders in OWA

Continue reading Install Exchange 2013 Cumulative Update 8

Balance Mailbox databases in a DAG

If you have a DAG with multiple Mailbox servers and a lot of Mailbox databases it’s a good practice to regularly have a look at the distribution of the Mailbox database.

When you reboot a Mailbox server for example all active copies of Mailbox databases are moved to other Mailbox server but they are never moved back to their original location.

Continue reading Balance Mailbox databases in a DAG