Exchange 2013 Cumulative Update 5

Ex2013 LogoToday, Cumulative Update 5 for Exchange Server 2013 was released by the Exchange Team (KB2936880). This update raises Exchange 2013 version number to 15.0.913.22.

This Cumulative Update contains the following fixes compared to SP1 (CU4):

  • 2963590 Message routing latency if IPv6 is enabled in Exchange Server 2013
  • 2963566 Outlook Web App accessibility improvement for UI appearance in Exchange Server 2013
  • 2962439 You cannot sync contacts or tasks in Microsoft CRM client for Outlook in an Exchange Server 2013 environment
  • 2962435 CRM synchronization fails if the time zone name of a meeting is not set in an Exchange Server 2013 environment
  • 2962434 Slow performance in Outlook Web App when Lync is integrated with Exchange Server 2013
  • 2958430 “Some or all Identity references could not be translated” error when you manage DAG in Exchange Server 2013 SP1 in a disjoint namespace domain
  • 2957592 IME is disabled in Outlook Web App when you press Tab to move the focus in an email message in Exchange Server 2013
  • 2942609 Exchange ActiveSync proxy does not work from Exchange Server 2013 to Exchange Server 2007
  • 2941221 EWS integration for Lync works incorrectly in an Exchange Server 2013 and 2007 coexistence environment
  • 2926742 Plain-text message body is cleared when writing in Outlook Web App by using Internet Explorer 8 in Exchange Server 2013
  • 2926308 Sender’s email address is broken after importing a PST file into an Exchange Server 2013 mailbox
  • 2925559 Users always get the FBA page when they access OWA or ECP in Exchange Server 2013
  • 2924519 “SyncHealth\Hub” folder is created unexpectedly after installing Cumulative Update 2 for Exchange Server 2013
  • 2916113 Cannot open .tif files from email messages by using Windows-based applications in an Exchange Server 2013 environment
  • 2592398 Email messages in the Sent Items folder have the same PR_INTERNET_MESSAGE_ID property in an Exchange Server 2010 environment

Notes:

  • Be advised that this CU includes a Managed Availability probe configuration that may result in the frequently restarting of the Microsoft Exchange Shared Cache Service in some environments. More information, see KB2971467.
  • Be advised of OAB architectural changes documented here. If you are affected, it is recommended to update CAS servers prior to Mailbox servers.

This Cumulative Update includes schema and AD changes, so make sure you run PrepareSchema / PrepareAD. After updating, the schema version will be 15300.

Note that Cumulative Updates can be installed directly, i.e. no need to install RTM or Service Packs prior to installing Cumulative Updates. Note that once installed, you can’t uninstall a Cumulative Update nor any of the installed Exchange server roles. The order of upgrading servers is irrelevant, unlike with previous generations of Exchange.

Finally, and I can’t emphasize this enough: For any Hotfix, Rollup, Service Pack or Cumulative Update, I’d recommend to thoroughly test this in a test and acceptance environment first, prior to implementing it in production. When you lack such facilities, hold out a week or two and monitor the comments on the release article or TechNet forum for any issues.

You can download Exchange 2013 Cumulative Update 5 here; UM Language Packs can be found here. More details about these changes, preparing Active Directory or installing this Cumulative Update can be found in the original announcement.

Get-MyMailboxStatistics

powershellLast update: Version 1.01, July 14th, 2014.

Those leveraging quota settings to manage their Exchange environments, you are probably periodically running some sort of script or set of cmdlets to retrieve information on mailbox sizes, quota settings and if any mailbox is above any of the quota thresholds. For a quick indication of the current size in relation to the quota settings, StorageLimitStatus may contain one of the following indicators depending on the quota settings on the mailbox or mailbox database hosting the mailbox:

  • BelowLimit – Speaks for itself
  • IssueWarning – Mailbox size above Issue Warning limit
  • ProhibitSend – Mailbox size above Prohibit Send limit
  • NoChecking – No quota checking
  • MailboxDisabled – Mailbox size above Prohibit Send and Receive quota limit

So, to get a list of all mailboxes with any over-quota status, you can use:

Get-MailboxDatabase | Get-MailboxStatistics | Where {$_.StorageLimitStatus -match 'IssueWarning|ProhibitSend|MailboxDisabled'} | Select DisplayName, ItemCount, TotalItemSize, StorageLimitStatus, LastLogonTime

Unfortunately, in Exchange 2013 the StorageLimitStatus gets no longer populated:

image

As KB2819389 explains, this is by design. In Exchange 2013, mailbox quotas are no longer cached. By not being cached, retrieving quota information may result in poor performance as it queries Active Directory for quota related attributes. The argument is a bit puzzling, considering there is a NoADLookup switch which directs the cmdlet to retrieve information from the mailbox database (cache) instead of Active Directory. Perhaps a better workaround would have been to make NoADLookup a parameter, make it $true by default and leave StorageLimitStatus unpopulated when NoADLookup is $true.

Of course, that does not help customers who want a quick quota report. For this purpose I have created two things in 1 script:

  1. A helper function Get-StorageLimitStatus() which will take a mailbox statistics object and return a StorageLimitStatus object.
  2. A script Get-MyMailboxStatistics.ps1, a proxy function for Get-MailboxStatistics which will use the Get-StorageLimitStatus helper function to populate the StorageLimitStatus.

Get-StorageLimitStatus
When you want to use the helper function, extract it and include it in your quota reporting script or PowerShell profile (making it available when firing up a shell). To use the helper function in the cmdlet shown earlier, use:

Get-MailboxDatabase | Get-MailboxStatistics | Where {$_.StorageLimitStatus -match 'IssueWarning|ProhibitSend|MailboxDisabled'} | Select -ExcludeProperty StorageLimitStatus DisplayName, ItemCount, TotalItemSize, @{n="StorageLimitStatus"; e={ Get-StorageLimitStatus $_}}, LastLogonTime

This will remove StorageLimitStatus from the output and add a calculated field bearing the same the name, calling the Get-StorageLimitStatus helper function with the current mailbox statistics object to set its value.

Get-MyMailboxStatistics.ps1
This is a proxy function for the Exchange Management Shell cmdlet Get-MailboxStatistics. This means that the current, original cmdlet was used to create a wrapper which will call the original cmdlet. Having a wrapper allows you to restrict or enhance the original cmdlet and tailor it to your needs.

A quick tip on how to create a proxy script in the clipboard (more information on creating proxy commands here):

$data= New-Object System.Management.Automation.CommandMetaData (Get-Command Get-MailboxStatistics) 
[System.Management.Automation.ProxyCommand]::create($data) | clip.exe

Downside is that future changes to the Get-MailboxStatistics cmdlet will not be automatically incorporated in the wrapper. Feeding it objects also doesn’t work, but you can work around that by temporary storing the objects in a variable and passing that to the script (see examples below).

To populate the StorageLimitStatus, we will post-process each object in the output of Get-MailboxStatistics, using Add-Member to overwrite (-Force) its current value and –PassThru to pass it along in the pipeline. Being a proxy command, the parameter options are identical to the original Get-MailboxStatistics. Some examples:

.\Get-MailboxStatistics.ps1 -Database MDB2
$m= Get-Mailbox –Database MDB2 
$m | .\Get-MailboxStatistics.ps1 | ft –AutoSize DisplayName,TotalItemSize,StorageLimitStatus

image

Do be aware that this will incur Active Directory queries and thus performance of the script may not seem fast. However, in previous versions of Exchange you got immediate results as all the quota information was readily available from the cache. On the plus side, the status you see will be non-cached, current information.

On a final note and maybe needless to say that in order to use this you need to run it from the Exchange Management Shell and since it’s an unsigned script you need to set ExecutionPolicy to Unrestricted.

Feedback
Feedback is welcomed through the comments. If you got scripting suggestions or questions, do not hesitate using the contact form.

Download
You can download the script from the TechNet Gallery here.

Revision History
See Technet Gallery page.

Exchange 2013 Server Role Requirements Calculator 6.3

Excel-2013[1]The Exchange 2013 Server Role Requirements Calculator received an update to reflect changed incorporated in Exchange 2013 SP1, such as adjusted guidance to accomodate for MAPI/http and its impact on the CAS role, as well as revised pagefile sizing guidance. The new version number is 6.3.

Changes since version 6.1:

  • Fixed Backup Requirements calculations to include greater than 50 databases.
  • Added additional processor core support.
  • Fixed the number of database volumes calculation when disk count is specified.
  • Fixed the database size calculation for A/P scenarios to match A/A scenario calculations.
  • Fixed the calculator to take into account halving database number per volume in non-site resilient scenarios.
  • Fixed conditional formatting errors on transport configuration settings.
  • Fixed transport sizing to take into account mailbox growth.
  • Updated CAS megacycle calculations to align with SP1 guidance.
  • Revised Dispart.ps1 script to create database mount points consistent with JetStress performance counters.
  • Added Calculator version number to record one field three of CSV export files.

You can download the calculator here. For more information, please consult the release notes and read me

Exchange 2013 SP1 Transport Agent Fix (updated)

Ex2013 LogoAfter installing Exchange 2013 Service Pack 1, people reported issues with Transport Agents. Symptoms are that the Transport service doesn’t start or stops shortly after starting the service or you can’t install the 3rd party product.

Products experiencing the issue are TrendMicro ScanMail, McAfee Email Security (GroupShield), Symantec Mail Security for Exchange, AVG for Servers, ESET Mail Security for Exchange and CodeTwo Exchange Rules. Products from other vendors may be affected as well.

Microsoft is aware of this issue and has published KB2938053 which has a small Exchange2013-KB2938053-FixIt.zip script to fix the issue.

The cause of the issue lies in XML files containing invalid XML markup in the form of “comments” which prevents .NET from loading the XML files, e.g.

<!-- 15.0.847.30 -------------------------------->

The two files containing the invalid XML markup are:

$Env:Windir\Microsoft.NET\assembly\GAC_MSIL\policy.8.0.Microsoft.Exchange.Data.Common\v4.0_15.0.847.30__31bf3856ad364e35\Microsoft.Exchange.Data.Common.VersionPolicy.cfg
$Env:Windir\Microsoft.NET\assembly\GAC_MSIL\policy.8.0.Microsoft.Exchange.Data.Transport\v4.0_15.0.847.30__31bf3856ad364e35\Microsoft.Exchange.Data.Transport.VersionPolicy.cfg

Be advised that the script supplied in the KB article tries to locate and fix various alternate versions of those files. Something you might want to consider as well when fixing it manually, should you be unable to locate the specific files mentioned above.

After running the script you should be able to start the Transport service or install 3rd party containing transport agents..

Update (3/5): Updated blog after official KB article got published. The issue was also blogged on by fellows Jason Sherry, Paul Cunningham while Tony Redmond has additionanal background details here.

Inbound e-mail not accepted after applying Exchange 2013 SP1

Ex2013 LogoAfter installing Exchange 2013 Service Pack 1 you may notice that inbound e-mail is not accepted and attempts to connect to port 25 will result in a timeout.

The application event log will contain event log entries ID 7012, generated by the MSExchangeFrontEndTransport, mentioning that “The service state for frontend transport is inconsistent. Current state – Inactive. Expected state – Active”:

image

When inspecting the component state from the Exchange Management Shell using:

Get-ServerComponentState <ServerID> -Component FrontendTransport

you will notice that it really is inconsistent, as Exchange will report that the component is active:

image

The quick workaround for this issue at the moment is to restart the Frontend Transport service:

Restart-Service MSExchangeFrontendTransport

After a restart of the service, or system restart if you must, the component state is working fine again and connections are accepted. In addition, the MSExchangeFrontendTransport will generate an event log entry ID 7009, “Retrieved the service state. Host service – FrontendTransport, Service state data – Active.”

Exchange and The UC Architects fellow Paul Cunningham discovered the same issue and blogged about it here.

Exchange 2013 Service Pack 1

Ex2013 LogoThe long awaited Service Pack 1 for Exchange Server 2013 was released today by the Exchange Team (KB2926248). This update raises Exchange 2013 version number to 15.0.847.32.

Service Pack 1 introduces the following changes or enhancements:

  • Support for running Exchange Server 2013 SP1 on Windows Server 2012 R2.
  • Support for Windows Server 2012 R2 Domain Controllers and Windows Server 2012 R2 Forest and Domain Functional Level.
  • MAPI over HTTP.  More information on MAPI over HTTP here. Note that MAPI over HTTP requires Outlook 2013 SP1; you can download Office 2013 SP1 32-bit version here and the 64-bit version here.
  • DLP policy tips for OWA.
  • Add custom document types to DLP using fingerprinting technologies.
  • Cmdlet logging in Exchange Administrative Console.
  • Support for IP-less DAGs (on Windows Server 2012 R2).
  • S/MIME support.
  • Rich-Text editor for OWA.
  • Edge Transport server role.
  • Support for SSL Offloading.

Service Pack 1 includes the following fixes:

  • 2860242 HTML format is lost after saving as an MSG file in Exchange 2013
  • 2900076 Mailbox quota warning message uses an incorrect language in Exchange Server 2013
  • 2910199 “Reply all by IM” chat window displays seven recipients in Outlook Web App
  • 2913999 Meeting request body and instructions are lost in delegate’s auto-forwarded meeting request
  • 2918655 Microsoft.Exchange.Servicehost.exe crashes after you enable FIPS
  • 2918951 Users cannot access public folders after you upgrade to Exchange Server 2013 Cumulative Update 3
  • 2925281 Outlook connectivity issue if SSLOffloading is “True” in Exchange 2013
  • 2925544 Empty ExternalURL value for ActiveSync virtual directory after build-to-build upgrade of Exchange Server 2013
  • 2927708 Resource mailboxes that are created by EAC will not be updated by policies in Exchange Server 2013
  • 2928748 Default from delegate’s address in shared mailboxes in Exchange Server 2013
  • 2928803 Long server connection for Outlook after a database failover in Exchange Server 2013
  • 2930346 POP3 access does not work if the name of the resource mailbox differs from the user’s name
  • 2930348 Manual redirection occurs in Outlook Web App if External URLs in each site are the same
  • 2930352 Outlook Web App cross-site silent redirection does not work in Exchange Server 2013

Cumulative Updates and Service Packs includes schema and AD changes, so make sure you run PrepareSchema /PrepareAD. After updating, the schema version will be 15292.

Note that Service Packs and Cumulative Updates can be installed directly, i.e. no need to install RTM prior to Cumulative Updates or Service Packs. Note that once applied, you can’t uninstall a Cumulative Update or Service Pack nor any of the installed Exchange server roles. The order of upgrading servers is irrelevant, unlike with previous Exchange generations.

Finally, and I can’t emphasize this enough: For any Hotfix, Rollup, Service Pack or Cumulative Update, I’d recommend to thoroughly test this in a test and acceptance environment first, prior to implementing it in production. When you lack such facilities, hold out a week or two and monitor the comments on the release article or TechNet forum for any issues.

Also check with any 3rd party products you may use – there are reports of compatibility issues with 3rd party transport agents by Exclaimer, Trendmicro (other AV solutions possibly as well) and CodeTwo. The cause of the Transport service failing to start or problems with installing 3rd party transport agents has been identified. A workaround can be found here.

You can download Exchange 2013 Service Pack 1 here. The Exchange 2013 SP1 UM Language Packs can be found here. More details about these changes, preparing Active Directory or installing this Cumulative Update can be found in the original announcement here.

Exchange 2013 Server Role Requirements Calculator 6.1

Excel-2013[1]The Exchange 2013 Server Role Requirements Calculator received an update to reflect changed incorporated in Exchange 2013 CU2, like the increased maximum number of databases. The new version number is 6.1.

Changes since version 5.9:

  • Fixed operator mistake in calcNumActiveDBsSF formula
  • Fixed missed validation scenario where the calculator could recommend a copy count that could not be deployed on the custom disk architecture
  • Optimized remaining servers formula
  • Fixed an issue where single datacenter, multiple databases per volume architecture with lagged copies didn’t calculate the correct number of
    copies/volume
  • Fixed VirtCPUFactor reference
  • Various comment changes
  • Improved cell highlights for insufficient disk capacity on storage design tab
  • Added additional storage capacities – 1.2TB, 6TB and 8TB
  • Fixed database count validation logic to take into consideration dedicated lagged copy servers

You can download the calculator here. For more information please consult the release notes and read me

Exchange 2013 Cumulative Update 3

Ex2013 LogoThe long awaited Cumulative Update 3 for Exchange Server 2013 was released today by the Exchange Team (KB2892464). This update raises Exchange 2013 version number to 15.0.775.38.

This CU contains the following functional enhancements:

  • Usability improvements when adding members to new and existing groups in the Exchange Administration Console
  • Online RMS available for use by non-cloud based Exchange deployments
  • Improved admin audit log experience
  • Windows 8.1 / Internet Explorer 11 no longer requires using OWA Light

The CU contains the following fixes:

  • MS13-061 Vulnerabilities in Microsoft Exchange Server Could Allow Remote Code Execution (2876063)
  • 2865161 “Errors: Failed exporting item id: from source id” when you try to copy search results in an Exchange Server 2013 environment
  • 2871980 Child domains are not displayed for selection when you create a mailbox by using EAC in an Exchange Server 2013 environment
  • 2878160 “The Active Directory user wasn’t found” error when you create or update an In-Place eDiscovery search in an Exchange Server 2013 environment
  • 2882608 Exchange Server 2013 does not share the inproxy.dll file
  • 2886115 Retention policies are not applied to Exchange Server 2013 mailboxes when user accounts are on different domains
  • 2888274 WebClientReadFormQueryString string and WebClientEditFormQueryString string return incorrect URLs in an Exchange Server 2013 environment
  • 2888315 Event 2112 or 2180 is logged when you try to back up a database in an Exchange Server 2013 environment
  • 2888612 Retention policy does not work after you run a cmdlet in an Exchange Server 2013 environment
  • 2889786 Sign-in format for Outlook Web App on mobile devices is not adjusted according to the Set-OwaVirtualDerictory cmdlet in an Exchange Server 2013 environment
  • 2890650 Items in the Drafts folder are not stamped with the retention policy tag in an Exchange Server 2010 or 2013 environment
  • 2895487 “Copy Search Results” option does not work in an Exchange server 2013 environment
  • 2895500 DBCS characters appear garbled when you run some PowerShell scripts in EMS in an Exchange Server 2013 environment
  • 2895678 “Nombre de usuario\dominio” is displayed unexpectedly on the Spanish version of the OWA and EAC logon pages in an Exchange Server 2013 environment
  • 2902929 You cannot forward an external meeting request in an Exchange Server 2013 environment
  • 2902929 You cannot forward an external meeting request in an Exchange Server 2013 environment
  • 2902933 “Generate incident report” does not display the “Bcc” field in an Exchange Server 2013 environment
  • 2902934 Korean language localization issue in Exchange 2013 OWA user interface
  • 2902936 You cannot change SMTP addresses for distribution groups by using EAC in an Exchange Server 2013 environment
  • 2902938 You cannot preview Office documents in shared folders by using Outlook Web App in an Exchange Server 2013 environment
  • 2902939 EMS connection error when you separately install an Exchange Server 2013 Mailbox server and a Client Access server
  • 2883203 Exchange Server 2013 restarts frequently after Cumulative Update 2 is installed
  • 2890814 No redirection to the Outlook Web App URL for Exchange Online users in an Exchange hybrid deployment

This Cumulative Update includes schema and AD changes, so make sure you run PrepareSchema / PrepareAD. After updating, the schema version will be 15283.

Note that Cumulative Updates can be installed directly, i.e. no need to install RTM prior to Cumulative Updates. Note that once installed, you can’t uninstall a Cumulative Update nor any of the installed Exchange server roles. The order of upgrading servers is irrelevant, unlike with previous generations of Exchange.

Finally, and I can’t emphasize this enough: For any Hotfix, Rollup, Service Pack or Cumulative Update, I’d recommend to thoroughly test this in a test and acceptance environment first, prior to implementing it in production. When you lack such facilities, hold out a week or two and monitor the comments on the release article or TechNet forum for any issues.

You can download Exchange 2013 Cumulative Update 3 here; CU3 UM Language Packs can be found here. More details about these changes, preparing Active Directory or installing this Cumulative Update can be found in the original announcement.

Rerelease of MS13-06/KB2874216 for Exchange 2013

Ex2013 LogoToday the rereleases of MS13-061 Security Fix for Exchange 2013 CU1 and Exchange 2013 CU2 saw daylight. This security update KB2874216 fixes the issue described in Microsoft Security Bulletin MS13-061 and supposedly fixes the issues found with the original release. After installing the v2 patch, the version will be upped 2 notches compared to the original patch.

As mentioned in an earlier article, security fixes are Cumulative Update level specific. In practice, this means there are two different versions of the security update patch file: one for CU1 and one for CU2.

Be advised both files carry the same file name, Exchange2013-KB2874216-v2-x64-en.msp. I suggest adding some form of Cumulative Update identification to the file name when you archive it, e.g. Exchange2013-KB2874216-v2-x64-en-CU2.msp.

As with any patch or update, I’d recommend to thoroughly test this in a test and acceptance environment first, prior to implementing it in production. If you don’t have the resources and risk management can agree, you might want to consider postponing implementation for a short period while monitoring for issues in the online.

You can download the security updates here:

Fix for MS13-061 breaking Exchange 2013 (Updated)

Ex2013 LogoUPDATE: The MS13-061 security update for Exchange 2013 CU1 & CU2 has been pulled until further notice. Microsoft recommends not installing MSI13-061 at the moment and disable Data Loss Prevention and WebReady as described in the Oracle Outside In Contains Multiple Exploitable Vulnerabilities section in the MS13-061 bulletin.

After some people reported issues after installing the MS13-061 (KB2874216) security update on Exchange 2013, it turns out MS13-061 breaks your installation of Exchange 2013 and you can experience the following symptoms:

  • The Microsoft Exchange Search Host Controller service is missing;
  • You see a new service named “Host Controller service for Exchange”;
  • Content index (CI) for mailbox databases shows Failed on affected server.

This is described in KB2879739 including the ‘workaround’, which is consists of three steps:

  1. Set HKLM\SOFTWARE\Microsoft\Search Foundation for Exchange\Data Directory to $exinstall\Bin\Search\Ceres\HostController\Data (REG_SZ), where $exinstall is the installation folder of your Exchange 2013 installation folder, e.g. C:\Program Files\Microsoft\Exchange Server\V15\Bin\Search\Ceres\HostController\Data;
  2. Set HKLM\SYSTEM\CurrentControlSet\Services\HostControllerService\DisplayName=”Microsoft Exchange Search Host Controller” (REG_SZ);
  3. Set HKLM\SYSTEM\CurrentControlSet\Services\HostControllerService\DependOnService=”http” (REG_MULTI_SZ);
  4. (Re)start the “Microsoft Exchange Search Host Controller” service.

For your convenience, I’ve create a small quick & dirty script as a potential time saver (as far as you can call a three-liner a script and don’t expect extensive error handling as well). This script Workaround-KB2879739.ps1 performs the steps described in the KB2879739 so you can run it right after deploying MS13-061 / KB2874216 on your Exchange 2013 server.

You can download the script here.