Tag Archives: Exchange 2016

Microsoft Teams and Exchange 2016

Microsoft Teams works best when your mailbox is in Exchange Online, and you have a license for SharePoint Online, and you have OneDrive for Business enabled.

When you have your mailbox in Exchange on-premises your options are limited, you have basic Teams functionality like audio/video and files, but that’s basically it. Not a trace of the calendar or the option to manage meetings in Teams. This is what ‘cloud partners’ have been telling me for a long time: “no, you must migrate your mailbox to Exchange Online” (and we can help you with that I was they were thinking…)

Teams with Exchange on-premises

But, if you have Exchange 2016 CU3 or higher things get better (I’m sorry if you are still running Exchange 2010). To enable the integration of Teams with on-premises Exchange 2016 you need to configure OAuth in your on-premises environment as outlined in my previous blog, and assuming you have Exchange hybrid configured of course.

When you have OAuth configured, Teams can access the on-premises mailbox on behalf of the user that’s logged on in Teams, making it possible to retrieve the user’s calendar. After configuring OAuth and without any additional configuration in Teams the user’s on-premises calendar (here in Exchange 2019) automagically appears:

Teams with Exchange on-premises OAuth

In the Teams client this is a view of your calendar, and using the new meeting option you can create new Teams meetings, invite people, set recurrence, select a channel etc. Invites are sent to other recipients using the regular Exchange process, and when accepted a response is sent (or not) back to your inbox. I never knew this was possible, but this is cool stuff.

Teams with Exchange on-premises new meeting

Integrating the calendar into Teams is a nice addition and it can help users with their daily productivity task. From a compliance perspective things are a bit different. Chats for example are not stored in the user’s mailbox, this is only possible for mailboxes in Exchange Online. The process responsible for copying Teams chat data from the Azure storage (outside of Office 365) simply cannot access the folder in the user’s mailbox.

But, for on-premises calendar integration in your Teams environment this is very nice.

More information

How Exchange and Microsoft Teams interact – https://docs.microsoft.com/en-us/microsoftteams/exchange-teams-interact

Configure OAuth authentication between Exchange and Exchange Online organizations – https://docs.microsoft.com/en-us/exchange/configure-oauth-authentication-between-exchange-and-exchange-online-organizations-exchange-2013-help

 

Exchange 2016 CU15 and Exchange 2019 CU4 released

On December 17, 2019 Microsoft has released its quarterly updates for Exchange Server:

  • Exchange 2016 CU15.
  • Exchange 2019 CU4 (only available via Volume License).

There are a couple of things that are worth noting:

  1. Both Exchange server versions need the .NET Framework 4.8. If you are running an older version of Exchange (much older) consult Michel de Rooij’s blogpost Upgrade Paths for CU’s and .NET.
  2. If you are running an Exchange Hybrid version there’s the n-1 policy. This means your on-premises versions of Exchange should be Exchange 2016 CU14 or Exchange 2019 CU3 at minimum.
  3. There’s an update on the Exchange calculator which is now version 10.3.
  4. There are no schema changes compared to the previous version so there’s no need to run Setup.exe /PrepareSchema. I always recommend running Setup.exe /PrepareAD to make sure any additional features or changes like (for example) RBAC are applied correctly.

So now real new features which is in line with Microsoft’s strategy. If you need the latest and greatest then Exchange Online is the way to go. If you need a stable on-premises environment you’re good with Exchange 2016 or Exchange 2019.

More information

Released: December 2019 Quarterly Exchange Updates
Exchange 2016 CU15 Download: https://www.microsoft.com/en-us/download/details.aspx?id=100780
Exchange 2016 CU15 UM Pack: https://www.microsoft.com/en-us/download/details.aspx?id=100781

 

Exchange 2016 Cumulative Update 11

Most likely you’ve seen this information before, because of my vacation in Dallas and New Orleans I’m a bit behind with blogging 😊

But on October 16, 2018 Microsoft has released Cumulative Update 11 (CU11) for Exchange 2016, this is a little later than expected to align the release of Exchange 2016 Cumulative Updates with the upcoming release of Exchange 2019. . There’s only a release for Exchange 2016, there won’t be any new CU’s for Exchange 2013 since Exchange 2013 is already in extended support. There will be security updates for Exchange 2013 though.

Exchange server and .NET Framework is not a happy marriage and it continues to be a struggle, or at least it looks that way. Exchange 2016 CU11 now supports .NET Framework 4.7.2. This version of .NET Framework is not mandatory, installation of .NET Framework 4.7.2 can be before installing of CU11 or after CU11. The .NET Framework 4.7.2 will be required for a future CU of Exchange 2016.

Another dependency is Visual C++, you might have seen this in previous CU’s and also in Exchange 2010 Update Rollup 23 as well. To avoid any issue, install Visual C++ 2012 (https://www.microsoft.com/download/details.aspx?id=30679) before installing Exchange 2016 CU11.

Exchange 2016 CU11 does not have any schema changes. If you’re upgrading from an older version of Exchange 2016, Active Directory changes (in the configuration container) might be needed. These will automatically be applied by the setup application, but you can also choose to update the configuration partition manually by running setup.exe /PrepareSchema /IAcceptExchangeServerLicenseTerms

As always, you should test a Cumulative Update thoroughly before bringing it to production, it won’t be the first time something goes wrong in production with a CU. But I have to say, I haven’t seen any major blocking issues so far…

More information and downloads of Exchange 2016 CU11:

Exchange 2016 Setup RecoverServer fails with internal transport certificate warning

I am currently working with a customer on their Exchange 2016 design, implementation and disaster recovery process. While writing a new Exchange 2016 disaster recovery document I ran into this issue in my lab environment while running “Setup.exe /Mode:RecoverServer /IAcceptExchangeServerLicenseTerms”.

image

For search engine options this is a part of the actual error message.

Mailbox role: Transport service FAILED

The following error was generated when “$error.Clear();

Install-ExchangeCertificate -DomainController

$RoleDomainController -Services SMTP

” was run: “System.InvalidOperationException: The internal transport certificate for the local server was damaged or missing in Active Directory. The problem has been fixed. However, if you have existing Edge Subscriptions, you must subscribe all Edge Transport servers again by using the New-EdgeSubscription cmdlet in the Shell.

The solution looks simple since it says “the problem has been fixed”. However, running the setup application again results in the next error message.

image

Again, for search engine possibilities:

Performing Microsoft Exchange Server Prerequisite Check

Configuring Prerequisites COMPLETED

Prerequisite Analysis FAILED

A Setup failure previously occurred while installing the HubTransportRole role. Either run Setup again for just this role, or remove the role using Control Panel.

For more information, visit: http://technet.microsoft.com/library(EXCHG.150)/ms.exch.setupreadiness.InstallWatermark.aspx

The Exchange Server setup operation didn’t complete. More details can be found in ExchangeSetup.log located in the

:\ExchangeSetupLogs folder.

Z:\>

To remove the watermark, start the registry editor on the Exchange 2016 server and go to HKLM\Software\Microsoft\ExchangeServer\v15\HubTransportRole and delete the Watermark and Action entries.

image

Rerunning the setup application unfortunately results in the 1st error, despite the “the problem has been fixed” and the removal of the watermark entries.

It turns out that I have two Edge Transport servers in my environment, with an Edge Subscription. This Edge subscription is using the self-signed certificate for encryption purposes, and since this self-signed certificate on the new Exchange 2016 server differs from the original (before the crash) self-signed certificate the encryption possibilities fail.

To resolve this, using ADSI Edit to find the msExchEdgeSyncCredential on the Exchange 2016 server you are recovering, and delete all credential entries.

image

When running the Setup application with the /RecoverServer option again (for the third time ) it will succeed and successfully recover the Exchange 2016 server.

Exchange 2016 CU10 and Exchange 2013 CU21 released

On June 19, 2016 Microsoft released Exchange 2016 CU10 and Exchange 2013 CU21, exactly 90 days after the previous CUs. Perfectly aligned with their regular quarterly release 🙂

Besides regular hotfixes there are a couple of important things to notice:

  • Exchange 2016 CU10 and Exchange 2013 CU21 need the .NET Framework 4.7.1. This is a hard requirement, so if .NET Framework 4.7.1 is not installed, the setup application will halt and generate an error message. You can use the Get-DotnetVersion.ps1 script that fellow MVP Michel de Rooij wrote to check the .NET version in advance.
  • A new requirement is the VC++ 2013 runtime library. This component provides WebReady Document Viewing in Exchange Server 2010 and 2013 and Data Loss Prevention in Exchange Server 2013 and 2016. In the (near) future the VC++ 2013 runtime library will be forced to install.
  • Standard support for Exchange 2013 ended on April 10th, 2018 and thus Exchange 2013 entered extended support. Exchange 2013 CU21 is the last planned CU. Customers need to install this CU to stay in a supported configuration, and to be able to install future Security Releases.
  • When running a hybrid configuration with Exchange Online, customers are required to install the latest Cumulative Update for Exchange 2013 or Exchange 2016, or install the latest Update Rollup for Exchange 2010 SP3.
  • None of these releases bring Active Directory Schema changes. You have to run Setup.exe /PrepareAD to activate new features like the following:
  • A new feature in Exchange 2016 CU10 and Exchange 2013 CU21 is the option to create shared mailboxes in Office 365 using the *-RemoteMailbox cmdlets. For example, after creating a user account in Active Directory you can use the following command to create a Shared Mailbox in Office 365 directly:
    Enable-RemoteMailbox -Identity <account> -Shared -RemoteRoutingAddress account@contoso.mail.onmicrosoft.com

Microsoft also released Update Rollup 22 for Exchange 2010 SP3. This Update Rollup brings support for Windows 2016 Domain Controllers (and corresponding Domain Functional Level and Forest Functional Level) and it fixes an issue with Web Services impersonation.

As always you should thoroughly test the new Cumulative Updates or Update Rollups in your test environment before installing in your production environment.

Installing a Cumulative Update hasn’t changed much over the years, so you can follow my previous blogpost about installing Exchange 2013 CU9, which is especially important when installing a Cumulative Update in a Database Availability Group.

More information and downloads: