Exchange 2016 CU4 Released

This is build 15.01.0669.032 of Exchange 2016 and the update is helpfully named ExchangeServer2016-x64-CU4.iso which allows us to easily identify the update.  Details for the release are contained in KB 3177106.

image408

Updates Of Particular Note

CU4 contains the latest time zone updates.

Exchange 2016 CU3 added support to install onto Windows Server 2016.  However, there was an issue with Windows which required that DAG based installations were paused.  The required fix has been released by Windows in KB3206632.  This update is required on Windows 2016 servers with Exchange 2016 installed.  CU4 will check if the update is installed, and will block the install if KB3206632 is missing.

The fix for the recent public folder indexing issues is included with CU4.  This was an issue introduced in both Exchange 2013 CU14 and Exchange 2016 CU3.  This is discussed in KB 3202691 – Public folders indexing doesn’t work correctly after you apply latest cumulative updates for Exchange Server.  Note After you install this update on either version of Exchange Server, you should move the public folder mailbox to a new database to make sure that all items are indexed correctly.

CU4 supports .NET framework 4.6.2 – while this is an optional upgrade at this time, it makes sense to plan the .NET upgrade as it will become a required pre-requisite for the next CU.

On net-new installs the Desktop Experience feature is no longer required, since Windows has refactored how the components are installed in the newer versions of Windows.  This allows net-new installs of Exchange 2013 CU15 and Exchange 2016 CU4 to install less components than before as only the Media Foundation feature will be installed when using the /InstallWindowsComponents setup switch.  Since this is for net-new installs, upgrades to existing servers using either of the two aforementioned CUs will not change the installed OS components.  If you desire, you can add Media Foundation and remove the desktop experience after installing these CUs. This is optional.

 

Issues Resolved

KB 3202691 Public folders indexing doesn’t work correctly after you apply latest cumulative updates for Exchange Server

KB 3201358 Set-Mailbox and New-Mailbox cmdlets prevent the use of the -Office parameter in Exchange Server 2016

KB 3202998 FIX: MSExchangeOWAAppPool application pool consumes memory when it recycles and is marked as unresponsive by Health Manager

KB 3208840 Messages for the health mailboxes are stuck in queue on Exchange Server 2016

KB 3186620 Mailbox search from Exchange Management Shell fails with invalid sort value in Exchange Server 2016

KB 3199270 You can’t restore items to original folders from Recoverable Items folder in Exchange Server 2016

KB 3199353 You can’t select the receive connector role when you create a new receive connector in Exchange Server 2016

KB 3193138 Update to apply MessageCopyForSentAsEnabled to any type of mailbox in Exchange Server 2016

KB 3201350 IMAP “unread” read notifications aren’t suppressed in Exchange Server 2016

KB 3209036 FIX: “Logs will not be generated until the problem is corrected” is logged in an Exchange Server 2016 environment

KB 3212580 Editing virtual directory URLs by using EAC clears all forms of authentication in Exchange Server 2016

 

Some Items For Consideration

Exchange 2016 follows the same servicing paradigm for Exchange 2013 which was previously discussed on the blog.  The CU package can be used to perform a new installation, or to upgrade an existing Exchange Server 2016 installation to this CU.  Cumulative Updates are well, cumulative.  What else can I say…

  • After you install this cumulative update package, you cannot uninstall the cumulative update package to revert to an earlier version of Exchange 2016. If you uninstall this cumulative update package, Exchange 2016 is removed from the server.
  • Place the server into maintenance mode prior to installing, confirm the install then take the server out of maintenance mode
  • Restart the server after installing the CU
  • Ensure that you consult with all 3rd party vendors which exist as part of your messaging environment.  This includes archive, backup, mobility and management services.
  • Ensure that you do not forget to install this update on management servers, jump servers/workstations and application servers where the management tools were installed for an application.  FIM and 3rd party user provisioning solutions are examples of the latter.
  • Ensure that the Windows PowerShell Script Execution Policy is set to “Unrestricted” on the server being upgraded or installed.  See KB981474.
  • Disable file system antivirus prior to installing.
  • Once server has been restarted, re-enable file system antivirus.
  • Note that customised configuration files are overwritten on installation.  Make sure you have any changes fully documented!
  • CU4 does not contain new AD Schema updates for your organisation, though depending upon which version of Exchange you are upgrading from, changes may be required.

via https://blogs.technet.microsoft.com/rmilne/2016/12/13/exchange-2016-cu4-released/

Exchange OWA HTTP Redirect – 2

Due to some changes from Exchange CU3 version this method not works anymore. You should use default redirect method as described here: https://support.microsoft.com/en-us/kb/975341

Some standard modules removed by Exchange Server 2016 for reducing per-request memory footprint and to reduce native/managed context switches as described in the web.config file:

<!– Standard set of module removes for reducing per-request memory footprint and to reduce native/managed context switches –>
<remove name=”CustomErrorModule” />
<remove name=”DefaultAuthentication” />
<remove name=”DirectoryListingModule” />
<remove name=”DynamicCompressionModule” />
<remove name=”FileAuthorization” />
<remove name=”FormsAuthentication” />
<remove name=”HttpCacheModule” />
<remove name=”OutputCache” />
<remove name=”Profile” />
<remove name=”RequestFilteringModule” />
<remove name=”RoleManager” />
<remove name=”ScriptModule-4.0″ />
<remove name=”ServiceModel” />
<remove name=”ServiceModel-4.0″ />
<remove name=”Session” />
<remove name=”StaticCompressionModule” />
<remove name=”UrlAuthorization” />
<remove name=”UrlMappingsModule” />
<remove name=”UrlRoutingModule-4.0″ />

Skype for Business on Mac: Readiness Update

Today announced the release of Skype for Business on Mac Cumulative Update 1. With this release comes some new features as well as some client improvements. There is also a significant change that pertains to the Single window (tabbed) mode. We have updated our Skype for Business on Mac readiness video to help educate you about these changes. Below you will find links to the official update announcement as well as a link to the updated readiness training.

Official Announcement on Next hop

https://blogs.technet.microsoft.com/nexthop/2016/11/22/skype-for-business-on-mac-cu1-released/

Readiness Update for Cumulative Update 1

Recording: http://aka.ms/sa-mac

Pptx deck: Attached to this blog post

MAPI Over HTTP Is the default Outlook Desktop Connection Protocol for Office 365

MAPI Over HTTP Is the default Outlook Desktop Connection Protocol for Office 365

Microsoft released MAPI over HTTP (the “Alchemy” project) as part of Exchange 2013 SP1 in May 2014. Well before that time, MAPI over HTTP had been running inside Office 365 to shake down the new protocol before it was released to on-premises customers. The replacement for the long-established RPC over HTTP (aka “Outlook Anywhere”) protocol, MAPI over HTTP is designed to accommodate the demands of modern networking environments where devices hop from network to network and seamless mobility is everything.

The natural conclusion for the process has now come to pass. Microsoft is giving Office 365 tenants almost a year’s warning that RPC over HTTP connections will not be supported for Exchange Online after October 31, 2017. Outlook Anywhere is heading for the rubbish heap, but only for Office 365 as on-premises Exchange will continue to support this venerable protocol.

Outlook Anywhere Gets the Bullet

Exchange: MAPI over HTTP

Messaging Application Programming Interface (MAPI) over HTTP is a transport protocol that improves the reliability and stability of the Outlook and Exchange connections by moving the transport layer to the industry-standard HTTP model. This allows a higher level of visibility of transport errors and enhanced recoverability. Additional functionality includes support for an explicit pause-and-resume function. This enables supported clients to change networks or resume from hibernation while maintaining the same server context.

MAPI over HTTP is a new transport used to connect Outlook and Exchange. MAPI/HTTP was first delivered with Exchange 2013 SP1 and Outlook 2013 SP1. MAPI/HTTP removes the complexity of Outlook Anywhere’s dependency on the legacy RPC technology.

Client requirements: Outlook 2016, Outlook 2013 SP1, Outlook 2010 with KB2899591 installed.

Server requirements: Exchange 2016, Exchange 2013 SP1.

In Exchange Server 2016, MAPI over HTTP is enabled by default at the organization level. In Exchange Server 2013 SP1 isn’t enabled and administrators will have to configure MAPI over HTTP.

Virtual directory configuration

Set-MapiVirtualDirectory -InternalUrl https://mail.contoso.com/mapi –ExternalUrl https://mail.contoso.com/mapi -IISAuthenticationMethods Negotiate

Certificate configuration

Certificate must include domains from InternalUrl and ExternalUrl, e.g. mail.contoso.com

Enable MAPI over HTTP

Enable for entire organization:

Set-OrganizationConfig -MapiHttpEnabled $true

Enable for indiviadual mailbox:

Set-CasMailbox -id <mailbox> -MapiHttpEnabled $true

Connection settings made at the mailbox level take precedence over any organization-wide settings.

Test MAPI over HTTP connections

Test-OutlookConnectivity -RunFromServerId <YourMailServer> -ProbeIdentity OutlookMapiHttpSelfTestProbe

Outlook connection status

RPC connection:

capture

MAPI over HTTP connection:

capture2

Web browser check

Follow URL https://mail.contoso.com/mapi/emsmdb

capture3

Log paths

CAS: %ExchangeInstallPath%\Logging\HttpProxy\Mapi\

Mailbox: %ExchangeInstallPath%\Logging\MAPI Client Access\

Mailbox: %ExchangeInstallPath%\Logging\MAPI Address Book Service\