250 Hello - Exchange 2016

0

Does Exchange Setup Automatically Run PrepareSchema?

Posted on 13th May 2021 by Rhoderick Milne [MSFT]

The question "Does Exchange setup automatically run /PrepareSchema?" was something that came up many times in the recent Hafnium remediation activities. This was due to many customers not updating Exchange for multiple years, and being extremely behind on updates. In order to get Exchange updated, it was necessary to perform multiple steps in the upgrade process. Sometimes the /PrepareSchema ta… Read the rest “Does Exchange Setup Automatically Run PrepareSchema?”

7

TenantOrganizationConfig Required When Preparing Active Directory

Posted on 10th May 2021 by Rhoderick Milne [MSFT]

When running /PrepareSchema in an Exchange organisation with an existing Exchange Hybrid deployment you may run into an error which states:

"A hybrid deployment with Office 365 has been detected. Please ensure that you are running setup with the /TenantOrganizationConfig switch"

This is shown below:

A similar issue will occur if you specify only /PrepareAD

Note that the /TenantOrganizationConfig switc… Read the rest “TenantOrganizationConfig Required When Preparing Active Directory”

0

Unable to Run Exchange Setup–Pending Reboot From a Previous Installation

Posted on 3rd May 2021 by Rhoderick Milne [MSFT]

When installing Exchange updates, I place the server into maintenance mode and restart it prior to installing the actual Exchange update. This is due to have being burned many times by other teams or third party tools that conveniently "overlooked" the fact that their setup required the machine to restart. It also provides an opportunity for issues caused by those third party tools to surface be… Read the rest “Unable to Run Exchange Setup–Pending Reboot From a Previous Installation”

0

Exchange Managed Availability State Unknown

Posted on 30th April 2021 by Rhoderick Milne [MSFT]

The below is one of the cases where the "Zen of Exchange Management" is what fixes the issue. I've been know to say that sometimes you just need to wait for Exchange to do what it needs to do. To pass the time, feel free to adopt a meditation pose and emit calm and peaceful humming noises. This is Zen.

Exchange Managed Availability Reports Status: Unknown

After remediating multiple other i… Read the rest “Exchange Managed Availability State Unknown”

1

Exchange 2016 CU20 PrepareAD Required

Posted on 28th April 2021 by Rhoderick Milne [MSFT]

This is a quick heads up for those who may be deploying Exchange 2016 in the near future. If you are currently on Exchange 2016 CU19 there are no AD schema changes required, but there are AD changes. The former is performed by /PrepareSchema, and the latter by /PrepareAD.

You can take a look at the history of Exchange 2016 schema changes in Active Directory schema changes in Exchange Server and th… Read the rest “Exchange 2016 CU20 PrepareAD Required”

0

Exchange .NET Framework Upgrade – The Unsupported Kangaroo In The Room

Posted on 27th April 2021 by Rhoderick Milne [MSFT]

It is critical Exchange installations are properly maintained in all regards. In order to stay current with Exchange Cumulative Updates (CUs), it is necessary to read the release notes for a given CU to determine if an update is required for the .NET Framework. Staying current on updates is required to receive full support from Microsoft. Exchange Hybrid supports N and N-1 for on-premises CUs, … Read the rest “Exchange .NET Framework Upgrade – The Unsupported Kangaroo In The Room”

13

Should I Overwrite The Default Exchange SMTP Certificate?

Posted on 26th April 2021 by Rhoderick Milne [MSFT]

Exchange Prompt To Overwrite Default SMTP Certificate

When adding a TLS certificate on an Exchange server, the inevitable prompt will appear to enquire if you wish to overwrite the default SMTP certificate binding. While the UI in the current versions of Exchange is slightly different, it was basically the same prompt in Exchange 2010 & Exchange 2007.

While the prompt language was the same in Exchange 2007 and newer versions, the way that transpo… Read the rest “Should I Overwrite The Default Exchange SMTP Certificate?”

1

April 2021 Exchange Security Updates

Posted on 13th April 2021 by Rhoderick Milne [MSFT]

Today is patch Tuesday for April 2021 and there are critical Exchange server security updates in the release. You can review all of the affected products on the MSRC blog or on the Security Update Guide (SUG).

Updates have been released for supported versions of Exchange 2013, 2016 and 2019. Details can be found in KB 5001779.

Update 5-5-2021. Two articles with known issues relating to this securit… Read the rest “April 2021 Exchange Security Updates”

0

Exchange & TCP/IP Port Range

Posted on 12th April 2021 by Rhoderick Milne [MSFT]

The below is an interesting result after installing Exchange. The act of installing Exchange will change how TCP/IP operates on the server with respect to ephemeral connections.

This may manifest itself in a few ways.

For example:

Security or Network are "surprised" with different network behaviour on an Exchange server when reviewing captures
Network team sets a very restrictive firewall ACL which is

… Read the rest

2

Exchange Setup Fails – Error 3221685616

Posted on 9th April 2021 by Rhoderick Milne [MSFT]

The saying goes that nothing monitors AD better than Exchange. While the symptom is an Exchange issue, the underlying root cause is typically something else. Though as an added "feature" Exchange can also monitor additional elements of your infrastructure and indicate they are also unhealthy...

This is one of those such cases, where an Exchange CU was not installing. In the screenshot below, yo… Read the rest “Exchange Setup Fails – Error 3221685616”