6

Exchange 2016 CU20 Released

Exchange 2016 CU20 has been released to the Microsoft download centre!  Exchange 2016 has a different servicing strategy than Exchange 2007/2010 and utilises Cumulative Updates (CUs) rather than the Rollup Updates (RU/UR) which were used previously.    CUs are a complete installation of Exchange 2016 and can be used to install a fresh server or to update a previously installed one. Exchange 2013 has the same servicing methodology.

Note there is a security update to be installed AFTER CU20 installation.  Please see this post for details on the April 2021 security update for Exchange.

Download Exchange 2016 CU20

This is build 15.01.2242.002 of Exchange 2016 and the update is helpfully named ExchangeServer2016-x64-CU20.iso which allows us to easily identify the update.  Details for the release are contained in KB 4602569.

Exchange 2016  has transitioned out of  mainstream support lifecycle, and is now it the extended support phase of its lifecycle.

Updates Of Particular Note

As always security updates deserve a particular focus. Exchange 2016 CU20 includes all previously released security updates. This is nothing new, but is of particular importance given the recent issues with Hafnium.

The latest DST time zone updates are also included.

The below was an ongoing issue for some customers with multiple sites.

5001192 Microsoft Teams fails to show calendar due to Autodiscover v2 isn't site aware in Exchange Server 2019 and 2016

Update 5-4-2021: Known Issue creating mailboxes after installing the update.  Please see: "500 Unexpected Error" when trying to create a user mailbox in ECP

Note that there are some known issues when preparing AD which are discussed in the release KB.  There are additional operations required for multiple domain environments where /PrepareAD needs to be executed manually in the other domains.

 

This CU still has the Autodiscover EventID 1 error in the Application event log.  See KB 4532190 for details.

 

Please note  that .NET Framework 4.8 is a requirement.  See this post if installing .NET and the Exchange CU in the same maintenance window.

Details are listed in the Exchange Server prerequisites.  Also note the requirement for Visual C++ Redistributable Package for Visual Studio 2013.

Please note that while Exchange 2016 CU20 does not contain any schema changes, there are AD changes - details here.

AD Schema version details for Exchange 2016 are here.

Issues Resolved

This cumulative update also fixes the issues that are described in the following Microsoft Knowledge Base articles:
  • 5001183 Attachment is treated as bad zip file on Edge Transport server in Exchange Server 2019 and 2016
  • 5001184 EAC has no option to select the correct tenant for an Office 365 mailbox in Exchange Server 2019 and 2016
  • 5001185 EAC has no option to select an archive domain for cloud-based archive in Exchange Server 2019 and 2016
  • 5001186 Encoding of special characters isn't preserved which causes missing text in Outlook in Exchange Server 2019 and 2016
  • 5001188 Incorrect MRM properties stamped on mail item delivery when sending to multiple mailboxes on the same database in Exchange Server 2019 and 2016
  • 5001189 Mailbox Audit log searches and Outlook both tied to MaxHitsForFullTextIndexSearches in Exchange Server 2019 and 2016
  • 5001190 MonitoringGroup can't control the placement of CAS monitoring mailboxes in Exchange Server 2019 and 2016
  • 5001192 Microsoft Teams fails to show calendar due to Autodiscover v2 isn't site aware in Exchange Server 2019 and 2016
  • 5001193 New health mailboxes for databases are created every time Exchange Health Manager service is restarted
  • 5001194 RFC certificate timestamp validation in Exchange Server 2019 and 2016
  • 5001195 UPN specified when creating mailbox is overwritten automatically causing login failures in Exchange Server 2019 and 2016
  • 4583558 PDF preview function in OWA leads to download action unexpectedly

 

Some Items For Consideration

Exchange 2016 follows the same servicing paradigm for Exchange 2013 which was previously discussed on the blog.  The CU package can be used to perform a new installation, or to upgrade an existing Exchange Server 2016 installation to this CU.  Cumulative Updates are well, cumulative.  What else can I say…

Customers with a hybrid Exchange deployment, must keep their on-premises Exchange servers updated to the latest update or the one immediately prior ( N or N-1).

  • Test the CU in a lab which is representative of your environment

  • Review this post to also factor in AD preparation which is to be done ahead of installing the CU onto the first Exchange server

  • Follow your organisation’s change management process, and factor the approval time into your change request

  • Provide appropriate notifications as per your process.  This may be to IT teams, or to end users.

  • After you install this cumulative update package, you cannot uninstall the cumulative update package to revert to an earlier version of Exchange. If you uninstall this cumulative update package, Exchange is removed from the server.

  • Place the server into SCOM (or whatever is used) maintenance mode prior to installing, confirm the install then take the server out of maintenance mode

  • Place the server into Exchange maintenance mode prior to installing, confirm the install then take the server out of maintenance mode

  • I personally like to restart prior to installing CUs.  This helps identifies if an issue was due to the CU or happened in this prior restart, and also completes any pending file rename operations.  3rd party AV products are often guilty of this

  • Restart the server after installing the CU

  • Ensure that any Exchange security updates are installed. 
  • Ensure that all the relevant services are running

  • Ensure that event logs are clean, with no errors

  • Ensure that you consult with all 3rd party vendors which exist as part of your messaging environment.  This includes archive, backup, mobility and management services.

  • Ensure that you do not forget to install this update on management servers, jump servers/workstations and application servers where the management tools were installed for an application.  FIM and 3rd party user provisioning solutions are examples of the latter.

  • Ensure that the Windows PowerShell Script Execution Policy is set to “Unrestricted” on the server being upgraded or installed.  See this article on setting PowerShell to Unrestricted..

  • Disable file system antivirus prior to installing. Do this through the appropriate console.  Typically this will be a central admin console, not the local machine.

  • Verify file system antivirus is actually disabled

  • Once server has been restarted, re-enable file system antivirus.

Please enjoy the update responsibly!

What do I mean by that?  Well, you need to ensure that you are fully informed about the caveats with the CU  and are aware of all of the changes that it will make within your environment.  Additionally you will need to test the CU your lab which is representative of your production environment.

Cheers,

Rhoderick

Rhoderick Milne [MSFT]

6 Comments

  1. Microsoft's doc referes to schema extension being needed for CU20. I'm already at CU19 which had a schema extension...do you know if CU20 will still require one?

    • Thanks Hans,

      You are correct, that is an issue and there was an updated added to the post.

      Cheers,
      Rhoderick

Leave a Reply

Your email address will not be published. Required fields are marked *