Microsoft announced in the bulletin it shared yesterday that it has changed the update model for the Exchange Server.
Updates published quarterly (March, June, September, and December) were changed after feedback from customers. And they announced that they have commissioned a new update service.
In the announcement, two CU’s per year – will releasing in H1 and H2 of each calendar year, with general target release dates of March and September (these dates may change).
If you are planning to make cumulative updates to your Exchange Servers, you must first put the server on which you will install the update into maintenance mode. To perform maintenance on Exchange Servers, follow these steps:
First of all, if you are using a load-balancer, make sure that there is no mail traffic to the server you will maintain.
Pre-Check 1 – Get-ServerComponentState ExchServerName | ft Component,State -Autosize
Pre-Check 2 – Get-MailboxServer ExchServerName | ft DatabaseCopy* -Autosize
Control 1 – Get-ServerComponentState ExchServerName | ft Component,State -Autosize
Control 2 – Get-MailboxServer ExchServerName | ft DatabaseCopy* -Autosize Get-ClusterNode ExchServerName | fl Get-Queue
By the way, if you have made changes to the configuration files (Web.config,Edgetransport.exe.config etc) before starting the update process, it is recommended to backup them, because the changes you made after the update will return to their default settings.
You can now update the server.
After completing the update process we need to take the server out of maintenance mode.
After 1 – Set-ServerComponentState ExchServerName -Component ServerWideOffline -State Active -Requester Maintenance
After 2 – CD $ExScripts .\StopDagServerMaintenance.ps1 -serverName ExchServerName
After 3 – Set-ServerComponentState ExchServerName -Component HubTransport -State Active -Requester Maintenance
After 4 – Restart-Service MSExchangeTransport
After 5 – Get-ServerComponentState ExchServerName | ft Component,State -Autosize
If you have specific configuration backups, you can compare them with your backups and rearrange them. (Don’t forget to restart the server)
Now you can add your server to the load-balancer again and include it in the mail traffic.
Some Exchange systems after installing the March 2022 Security Update, you may receive errors related to the “Microsoft Exchange Service Host” service may crash repeatedly.
Event ID 4999 (Application Log) Watson report about to be sent for process id: 4564, with parameters: E12IIS, c-RTL-AMD64, 15.01.2375.024, M.Exchange.ServiceHost, M.Exchange.Diagnostics, M.E.D.ChainedSerializationBinder.LoadType, M.E.Diagnostics.BlockedDeserializeTypeException, c0e9-dumptidset, 15.01.2375.024.
Root Cause; If there are any expired certificates or certificates nearing expiration on the Exchange Server. Workaroud; Replace any expired certificates and, if you are on Exchange Server 2016 or Exchange Server 2019, follow these steps:
Must have temporary full access to the arbitration mailbox Get-Mailbox -Arbitration "SystemMailbox{e0dc1c29-89c3-4034-b678-e6c29d823ed9}" | Add-MailboxPermission -User AdminAccount -AccessRights FullAccess
Run the Remove Expiry Notification script from Exchange Management Shell (user with full permission assigned to arbitration mailbox) Remove-CertExpiryNotifications.ps1 -Server ExchangeServer -Confirm:$false
Check all the messages are deleted , again run script it should report that there are no messages present in the folder Remove-CertExpiryNotifications.ps1 -Server ExchangeServer -WhatIf
Start the MSExchangeServiceHost service and confirm that it is not crashing
Revoke the full access permission Get-Mailbox -Arbitration "SystemMailbox{e0dc1c29-89c3-4034-b678-e6c29d823ed9}" | Remove-MailboxPermission -User AdminAccount -AccessRights FullAccess
Microsoft Exchange Servers security updates have been released for March 2022.
These updates are available for the following specific builds of the Exchange Server:
Exchange Server 2013 CU23 Exchange Server 2016 CU21 and CU22 Exchange Server 2019 CU10 and CU11
The recommendation is to install these updates immediately to protect your environment. You can installation security patches if you are in the specified Cumulative Update(CU) versions.
If you aren’t in the specified cumulative updates, you must first installation cumulative updates.
Note : Don't double-click the 'MSP file' to run it. Run Command Prompt (not powershell) as an Administrator.
I don’t know where and when this information will be useful to you, but I needed these values in a few problems I had, maybe you will need them one day.
There are three critical recipient values used by Exchange Server;
msExchRecipientDisplayType
msExchRecipientTypeDetails
msExchRemoteRecipientType
There is the only supported way to change these values is using the Exchange Admin Center or using the Exchange Management Shell.
If you create your user’s mailbox directly from the Office 365 management console, you will not be able to see the newly created mailbox on your On-Premises Exchange server.
The recommended method is to create the mailbox on the On-Premises Exchange server.
In order to solve the problem of the mailbox created directly on Office365 not appearing on Hybrid Exchange in our scenario above, you should run the following commands on the On-Premises Exchange according to the mailbox you are having trouble with.
$uid = read-host "Please enter username" $mailnick = read-host "Please enter username" $tempmail = $uid+"@company.mail.onmicrosoft.com" $primarymail = $mailnick+"@company.com"
If you get “Connection to remote server” / “ClientAccessServer = EXCHANGE, BackEndServer = EXCHANGE” error while opening Exchange Management Shell on your Exchange Servers and the Management Shell connects to another server that is a member of Exchange DAG.
If you get Event: 15021, HttpEvent error in the event logs like the following;
Open IIS Manager –> Sites –> Exchange Back End Sites
Check you https protocol “Exchange Back End” Binding
There is a must be self-signed “Microsoft Exchange” certificate here, if not here , it may have expired and you need to renew it on the Exchange ECP console or MMC console.
Microsoft Exchange Servers security updates have been released for May 2021.
These updates are available for the following specific builds of Exchange Server:
Exchange Server 2013 CU23 Exchange Server 2016 CU19 and CU20 Exchange Server 2019 CU8 and CU9
Recommendation is to install these updates immediately to protect your environment. You can installation security patches if you are in the specified Cumulative Update(CU) versions.
If you aren’t in the specified cumulative updates, you must first installation cumulative updates.
Note : Don't double-click the 'MSP file' to run it. Run Command Prompt (not powershell) as an Administrator.