Exchange Updates installing slow on Windows Server 2012 R2

For customers who are running Exchange on Windows Server 2012 R2, we want to make certain you are aware of a condition which can substantially increase the amount of time it takes to install Exchange Updates on this OS. Working with the .Net team, we have discovered that systems which have applied Windows Update KB3097966 can take 50% more time to install Exchange. The .Net team is working on a resolution to this and will include a fix in a future product update. In the meantime, customers who have deployed this Windows update can take a one-time action on their server before installing Exchange or a Cumulative Update to bring installation time back to normal. This procedure needs to be done once on every Exchange server running Windows Server 2012 R2. The command to execute is:

“%windir%\Microsoft.NET\Framework64\v4.0.30319\ngen.exe update”

Errors and warnings encountered running this command can be safely ignored provided the final exit status code of 0 is reported in the output.

Cumulative Update 1 for Exchange Server 2016

Exchange Team released:  Cumulative Update 1 for Exchange Server 2016

Issues that the cumulative update fixes

KB 3139730 Edge Transport service crashes when you view the properties of a poison message in Exchange Server 2016
KB 3135689 A custom SAP ODI URI is removed by ActiveSync from an email message in an Exchange Server environment
KB 3135688 Preserves the web.config file for Outlook Web App when you apply a cumulative update in Exchange Server 2016
KB 3135601 Cyrillic characters are displayed as question marks when you run the “Export-PublicFolderStatistics.ps1” script in an Exchange Server 2016 environment
KB 3124242 Mailbox quota is not validated during migration to Exchange Server 2013 or Exchange Server 2016

Exchange Server 2016 Cumulative Update 1 (KB3134844), Download, UM Lang Packs

Cumulative Update 12 for Exchange Server 2013

Exchange team released CU12 for Exchange 2013

Issues that this cumulative update fixes:

KB 3143710 “Failed Search or Export” error occurs when an eDiscovery search in the Exchange Admin Center finishes

Rollup 13 for Exchange Server 2010 Service Pack 3

This update rollup includes the following changes: 

  • A new Office 365 Hybrid Configuration wizard (HCW) is used in Exchange Server 2010 that was bundled in the Exchange Management Console (EMC). This change makes sure that EMC always runs the latest version of the HCW that contains up-to-date experience when the HCW is initiated from the EMC.
  • An updated Secure/Multipurpose Internet Mail Extensions (S/MIME) Control for Outlook Web Access. The control is signed to use aSHA-2 compliant code signing certificate. After you install this update, an updated version of the control on the Exchange server will be replaced. Users who have installed the earlier version of the control into a computer’s browser must log on to Outlook Web Access and download the updated control after the Exchange server updates are completed.
  • Exchange Server 2010 Service Pack 3 Update Rollup 13 (KB3141339) Download

Staying up-to-date with Windows Server updates for Remote Desktop Services (RDS)

Microsoft Remote Desktop Team get customer enquiries asking which RDS updates are available for a particular Windows Server platform; or when providing support we need to verify if certain hotfixes and servicing rollups are installed on the customers’ servers. To make it easier for customers and ourselves, we regularly revise KB articles that list all of the available updates specific to Remote Desktop services for each Windows Server release:

Important notice about certificate expiration for Exchange 2013 Hybrid customers

If you’re running Exchange 2013 and you’ve configured a hybrid deployment with Office 365, this post contains important information that might impact you. Please evaluate this information and take any necessary action before April 15, 2016.

On April 15 2016, the Office 365 TLS certificate will be renewed. This certificate is used by Office 365 to provide TLS encryption between Office 365 and external SMTP servers. The new certificate, which will help improve the security of mail sent to and from Office 365, will be issued by a new Certificate Authority and it will have a new Issuer and Subject.

This change has the potential to stop hybrid mailflow between Office 365 and your on-premises Exchange servers if one of the following conditions applies to you:

  • Your on-premises Exchange servers are running Exchange 2013 Cumulative Update 8 (CU8) or lower.
  • You’ve upgraded the Exchange 2013 servers that handle hybrid mailflow to Exchange 2013 CU9 or higher. However, since upgrading to CU9, you HAVE NOTre-run the Hybrid Configuration wizard (either from the Exchange Admin Center or via the direct download link).

If one of the previous conditions applies to your organization, hybrid mailflow between Office 365 and your organization will stop working after April 15, 2016unless you complete the steps below.

Note: This only affects hybrid mailflow. Regular mailflow and TLS encryption is NOT affected.

How to keep hybrid mail flowing (MUST be completed before 4/15/2016)
Let the new Hybrid Configuration wizard do it for you

You can use the latest Hybrid Configuration wizard (HCW) to configure your Exchange 2013 servers to work with the new TLS certificate. Just follow these steps:

  1. If the Exchange 2013 servers handling hybrid mailflow are running Exchange 2013 CU8 or lower, follow the instructions in Updates for Exchange 2013 to install the latest cumulative update on at least one server.
  2. After you install the latest cumulative update, download the new HCW application and run the wizard following the instructions here .

Note: For information on which releases of Exchange are supported with Office 365, see Hybrid deployment prerequisites.

Manual update

If you can’t upgrade Exchange 2013 to latest cumulative update right now (although we would like to remind you of our support policy), you can manually configure your servers to work with the new TLS certificate. On each Exchange 2013 server that’s used for hybrid mailflow, open the Exchange Management Shell, and run the following commands:

$rc=Get-ReceiveConnector |where {$_.TlsDomainCapabilities -like “*<I>*”}

Set-ReceiveConnector -Identity $rc.Identity -TlsDomainCapabilities “mail.protection.outlook.com:AcceptCloudServicesMail

http://blogs.technet.com/b/exchange/archive/2016/02/19/important-notice-about-certificate-expiration-for-exchange-2013-hybrid-customers.aspx

Microsoft Exchange Server User Monitor For Exchange 2013 and 2016

        Use the Microsoft Exchange Server User Monitor to gather real-time data to better understand current client usage patterns, and to plan for future work.
        Administrators can view details on server resource utilization as reported through server-side tracing. This tool works with Microsoft Exchange Server 2013 and 2016.
        The tool is provided as-is. At this time, there are no updates or patches planned for future release. No formal support is provided for the tool. Some minimal support may be provided by Microsoft but not all reported issues will be able to be addressed or resolved.

        Exchange Server User Monitor

      On .NET Framework 4.6.1 and Exchange Skype4B Lync compatibility

      We wanted to post a quick note to call out that since yesterday, the .NET Framework 4.6.1 has been made a recommended update on WU (Windows Update).

      As we have already stated in the Exchange Supportability Matrix, at this time, this version of .NET framework is not supported by Exchange. In fact, we know of some issues if it is installed.

      We are working with the .NET team to ensure that Exchange customers have a smooth transition to .NET Framework 4.6.1, but in the meantime, delay this particular .NET update on your Exchange servers (information on how this can be accomplished can be found in the KB article 3133990, How to temporarily block the installation of the .NET Framework 4.6.1).

      http://blogs.technet.com/b/exchange/archive/2016/02/10/on-net-framework-4-6-1-and-exchange-compatibility.aspx.

      As a result of this recommendation from the Exchange team, the Skype for Business team is recommending the same course of action for Lync/Skype for Business servers.

      Please follow the guidance located here to block the installation: 3133990, How to temporarily block the installation of the .NET Framework 4.6.1).

      Don’t use DHCP Option 60/66/67 when you want to use UEFI & Legacy PXE Boot with MDT

      If you want to use EUFI Boot with MDT 2013 Update X.
      Don’t use DHCP Option 60/66/67!!!

      DC01 = Windows Server 2008 R2 SP1
      DC02 = Windows Server 2012
      MDT01 = Windows Server 2012 R2

      UEFI Client: Dell Laptop E5450
      BIOS Client: HyperV Virtual machine with Legacy network adapert

      DC1; MDT01 and DHCPServer all in Subnet1.
      (IP Helper is set for DHCPServer for DHCP and for DC01 & MDT01 for DHCP and BootP – I checked serveral times if everything is right here)
      UEFI Client and BIOS Client in Subnet2.

      Situation1 — Using no DHCP Options and WDS running (IP HELPER-ADDRESS):
      UEFI Client – Boots perfectly (contacting Server MDT01)
      BIOS Client – Boots perfectly (contacting Server MDT01)

      Situaion2 — Using no DHCP Options and WDS just running on MDT01:
      UEFI Client – Does not boot (no error information is provided)
      BIOS Client – Does not boot (no Bootfilename recieved)

      Situation3 — Using DHCP Options(Option 66=”IP of MDT01″ Option 67=”\x86\wdsnbp.com”) and WDS just running on MDT01:
      UEFI Client – Does not boot (no error information is provided)
      BIOS Client – Boots perfectly (contacting Server DP1)

      Situation4 — Using DHCP Options(Option 60=”PXEClient” Option 66=”IP of MDT01″ Option 67=”\x86\wdsnbp.com”) and WDS just running on MDT01:
      UEFI Client – Boots perfectly (contacting Server DP1)
      BIOS Client – Does not boot (taking hours to recieve dhcp options..)

      Solution:

      On most switches you can configure ip helper-addresses. This is most time al ready configured for the use of DHCP.

      Add the IP of the MDT server als ip helper-address:

      Example:

      interface Vlan100
      description GEBRUIKERS VLAN
      ip address 192.168.101.254 255.255.254.0 show
      ip helper-address 192.168.25.6   (DC01)
      ip helper-address 192.168.25.7   (DC02)
      ip helper-address 192.168.25.30 (MDT01)
      end

      MDT Display The Task Sequence Name

      I While ago i blogd about MDT Displaying The Task Sequence Name

      This is still ongoing issue in MDT 2013 Update 2

      Sow:
      oEnvironment.Item(“_SMSTSPackageName”) = “Lite Touch Installation”

      And change it like so:
      oEnvironment.Item(“_SMSTSPackageName”) = oEnvironment.Item(“TaskSequenceName”)

      Change this please Microsoft Winking smile

      Download here the changed litetouch.swf

      Translate »