Установка и CU14 + KB4536987
Внимание, если вы на лицензии Standart увеличивали в реестре макс. размер базы этот параметр может затерется при установки куммулятивного апдейта , внимание ! https://domino--exchange.blogspot.com/2020/03/db-store-1024-gb.html
We are currently upgrading our Exchange 2016 servers to CU14 Exchange 2016 and started to install CU14 on servers that host only relayed copies.
We are currently upgrading our Exchange 2016 servers to CU14 Exchange 2016 and started to install CU14 on servers that host only relayed copies.
CU14 Exchange 2016 is a bridge CU. It is compatible with .NET 4.7.2 and compatible with .NET 4.8 as well. You can upgrade from .Net 4.7.2 to .Net 4.8 after you have CU14 Exchange 2016 in place.
CU14 ( and CU15 ) both come with a vulnerability for which Microsoft released a patch in February.
The patch is classified important and should be installed after CU14 has been installed.
The patch is classified important and should be installed after CU14 has been installed.
You can read more to the mentioned vulnerability and download the patch from Microsoft here.
Tasks before installing CU14 Exchange 2016:
Backup your web.config files where you have modified parameters or have added new keys.
As we experienced it still only the web.config file in the OWA directory takes over parameters and keys you have modified before. To be safe I recommend backup every web.config file you have ever touched/modified. So you can easily reapply the changes you have made.- Disable Check for publisher’s certificate revocation in IE.
- Make sure you have enough free space on the install drive.
I noticed from 2010 and 2013 times a recommendation for at least 10GB of free space. - Take a look at the supportability matrix if you plan to upgrade to .NET 4.8
- Check Auth methods on service directories like Powershell, OWA, and ECP and note the output.
- Switch mailbox databases and put the server in maintenance mode.
Order of install:
- Install the regular Windows patches ( if necessary )
- Install CU14 Exchange 2016
- Install patch KB4536987 for Exchange Server 2016 CU14 from an elevated Command Prompt
The CU installation itself took between 2 and 3 hours on the servers in our environment.
Experiences after CU14 Exchange 2016 has been installed:
- We had mailtips disabled. Mailtips were enabled afterward.
- To go for sure we checked the Authentication methods on the Virtual Directories again and validated them against the output we made before. All fine.
- The web.config files in the following directories have been overwritten. Changes needed to be reapplied.
Active Sync – [ We have an increased attachment size ] :
C:\Program Files\Microsoft\Exchange Server\V15\FrontEnd\HttpProxy\sync
C:\Program Files\Microsoft\Exchange Server\V15\ClientAccess\syncECP – [ We have additional keys in place. ] :
C:\Program Files\Microsoft\Exchange Server\V15\ClientAccess\exchweb\ewsAnyway, I always check the OWA web.config as well:OWA – [ We have additional keys in place ] :
C:\Program Files\Microsoft\Exchange Server\V15\ClientAccess\Owa - Virtual directories for additional OWA and ECP needed to be recreated.
Experiences vulnerability patch KB4536987:
After the install and restart it happened on some servers that the content index state on relayed copies was and stayed in status failed.
The following command displayed the cause:
Get-MailboxDatabaseCopyStatus -Server Servername | fl Identity, ContentIndexErrorMessage
Output:
ContentIndexErrorMessage:
The Microsoft Exchange Search Host Controller Service is not running on server Servername
The Microsoft Exchange Search Host Controller Service is not running on server Servername
After restarting the Microsoft Exchange Search Host Controller Service the ContentIndexState went back to AutoSuspend.
It took about 45 – 60 minutes to install the patch.
Комментарии
Отправить комментарий