Exchange 2013 Server Role Requirements Calculator 6.3

Excel-2013[1]The Exchange 2013 Server Role Requirements Calculator received an update to reflect changed incorporated in Exchange 2013 SP1, such as adjusted guidance to accomodate for MAPI/http and its impact on the CAS role, as well as revised pagefile sizing guidance. The new version number is 6.3.

Changes since version 6.1:

  • Fixed Backup Requirements calculations to include greater than 50 databases.
  • Added additional processor core support.
  • Fixed the number of database volumes calculation when disk count is specified.
  • Fixed the database size calculation for A/P scenarios to match A/A scenario calculations.
  • Fixed the calculator to take into account halving database number per volume in non-site resilient scenarios.
  • Fixed conditional formatting errors on transport configuration settings.
  • Fixed transport sizing to take into account mailbox growth.
  • Updated CAS megacycle calculations to align with SP1 guidance.
  • Revised Dispart.ps1 script to create database mount points consistent with JetStress performance counters.
  • Added Calculator version number to record one field three of CSV export files.

You can download the calculator here. For more information, please consult the release notes and read me

Exchange 2013 SP1 Transport Agent Fix (updated)

Ex2013 LogoAfter installing Exchange 2013 Service Pack 1, people reported issues with Transport Agents. Symptoms are that the Transport service doesn’t start or stops shortly after starting the service or you can’t install the 3rd party product.

Products experiencing the issue are TrendMicro ScanMail, McAfee Email Security (GroupShield), Symantec Mail Security for Exchange, AVG for Servers, ESET Mail Security for Exchange and CodeTwo Exchange Rules. Products from other vendors may be affected as well.

Microsoft is aware of this issue and has published KB2938053 which has a small Exchange2013-KB2938053-FixIt.zip script to fix the issue.

The cause of the issue lies in XML files containing invalid XML markup in the form of “comments” which prevents .NET from loading the XML files, e.g.

<!-- 15.0.847.30 -------------------------------->

The two files containing the invalid XML markup are:

$Env:Windir\Microsoft.NET\assembly\GAC_MSIL\policy.8.0.Microsoft.Exchange.Data.Common\v4.0_15.0.847.30__31bf3856ad364e35\Microsoft.Exchange.Data.Common.VersionPolicy.cfg
$Env:Windir\Microsoft.NET\assembly\GAC_MSIL\policy.8.0.Microsoft.Exchange.Data.Transport\v4.0_15.0.847.30__31bf3856ad364e35\Microsoft.Exchange.Data.Transport.VersionPolicy.cfg

Be advised that the script supplied in the KB article tries to locate and fix various alternate versions of those files. Something you might want to consider as well when fixing it manually, should you be unable to locate the specific files mentioned above.

After running the script you should be able to start the Transport service or install 3rd party containing transport agents..

Update (3/5): Updated blog after official KB article got published. The issue was also blogged on by fellows Jason Sherry, Paul Cunningham while Tony Redmond has additionanal background details here.

Inbound e-mail not accepted after applying Exchange 2013 SP1

Ex2013 LogoAfter installing Exchange 2013 Service Pack 1 you may notice that inbound e-mail is not accepted and attempts to connect to port 25 will result in a timeout.

The application event log will contain event log entries ID 7012, generated by the MSExchangeFrontEndTransport, mentioning that “The service state for frontend transport is inconsistent. Current state – Inactive. Expected state – Active”:

image

When inspecting the component state from the Exchange Management Shell using:

Get-ServerComponentState <ServerID> -Component FrontendTransport

you will notice that it really is inconsistent, as Exchange will report that the component is active:

image

The quick workaround for this issue at the moment is to restart the Frontend Transport service:

Restart-Service MSExchangeFrontendTransport

After a restart of the service, or system restart if you must, the component state is working fine again and connections are accepted. In addition, the MSExchangeFrontendTransport will generate an event log entry ID 7009, “Retrieved the service state. Host service – FrontendTransport, Service state data – Active.”

Exchange and The UC Architects fellow Paul Cunningham discovered the same issue and blogged about it here.

Exchange 2013 Service Pack 1

Ex2013 LogoThe long awaited Service Pack 1 for Exchange Server 2013 was released today by the Exchange Team (KB2926248). This update raises Exchange 2013 version number to 15.0.847.32.

Service Pack 1 introduces the following changes or enhancements:

  • Support for running Exchange Server 2013 SP1 on Windows Server 2012 R2.
  • Support for Windows Server 2012 R2 Domain Controllers and Windows Server 2012 R2 Forest and Domain Functional Level.
  • MAPI over HTTP.  More information on MAPI over HTTP here. Note that MAPI over HTTP requires Outlook 2013 SP1; you can download Office 2013 SP1 32-bit version here and the 64-bit version here.
  • DLP policy tips for OWA.
  • Add custom document types to DLP using fingerprinting technologies.
  • Cmdlet logging in Exchange Administrative Console.
  • Support for IP-less DAGs (on Windows Server 2012 R2).
  • S/MIME support.
  • Rich-Text editor for OWA.
  • Edge Transport server role.
  • Support for SSL Offloading.

Service Pack 1 includes the following fixes:

  • 2860242 HTML format is lost after saving as an MSG file in Exchange 2013
  • 2900076 Mailbox quota warning message uses an incorrect language in Exchange Server 2013
  • 2910199 “Reply all by IM” chat window displays seven recipients in Outlook Web App
  • 2913999 Meeting request body and instructions are lost in delegate’s auto-forwarded meeting request
  • 2918655 Microsoft.Exchange.Servicehost.exe crashes after you enable FIPS
  • 2918951 Users cannot access public folders after you upgrade to Exchange Server 2013 Cumulative Update 3
  • 2925281 Outlook connectivity issue if SSLOffloading is “True” in Exchange 2013
  • 2925544 Empty ExternalURL value for ActiveSync virtual directory after build-to-build upgrade of Exchange Server 2013
  • 2927708 Resource mailboxes that are created by EAC will not be updated by policies in Exchange Server 2013
  • 2928748 Default from delegate’s address in shared mailboxes in Exchange Server 2013
  • 2928803 Long server connection for Outlook after a database failover in Exchange Server 2013
  • 2930346 POP3 access does not work if the name of the resource mailbox differs from the user’s name
  • 2930348 Manual redirection occurs in Outlook Web App if External URLs in each site are the same
  • 2930352 Outlook Web App cross-site silent redirection does not work in Exchange Server 2013

Cumulative Updates and Service Packs includes schema and AD changes, so make sure you run PrepareSchema /PrepareAD. After updating, the schema version will be 15292.

Note that Service Packs and Cumulative Updates can be installed directly, i.e. no need to install RTM prior to Cumulative Updates or Service Packs. Note that once applied, you can’t uninstall a Cumulative Update or Service Pack nor any of the installed Exchange server roles. The order of upgrading servers is irrelevant, unlike with previous Exchange generations.

Finally, and I can’t emphasize this enough: For any Hotfix, Rollup, Service Pack or Cumulative Update, I’d recommend to thoroughly test this in a test and acceptance environment first, prior to implementing it in production. When you lack such facilities, hold out a week or two and monitor the comments on the release article or TechNet forum for any issues.

Also check with any 3rd party products you may use – there are reports of compatibility issues with 3rd party transport agents by Exclaimer, Trendmicro (other AV solutions possibly as well) and CodeTwo. The cause of the Transport service failing to start or problems with installing 3rd party transport agents has been identified. A workaround can be found here.

You can download Exchange 2013 Service Pack 1 here. The Exchange 2013 SP1 UM Language Packs can be found here. More details about these changes, preparing Active Directory or installing this Cumulative Update can be found in the original announcement here.

Exchange 2013 Server Role Requirements Calculator 6.1

Excel-2013[1]The Exchange 2013 Server Role Requirements Calculator received an update to reflect changed incorporated in Exchange 2013 CU2, like the increased maximum number of databases. The new version number is 6.1.

Changes since version 5.9:

  • Fixed operator mistake in calcNumActiveDBsSF formula
  • Fixed missed validation scenario where the calculator could recommend a copy count that could not be deployed on the custom disk architecture
  • Optimized remaining servers formula
  • Fixed an issue where single datacenter, multiple databases per volume architecture with lagged copies didn’t calculate the correct number of
    copies/volume
  • Fixed VirtCPUFactor reference
  • Various comment changes
  • Improved cell highlights for insufficient disk capacity on storage design tab
  • Added additional storage capacities – 1.2TB, 6TB and 8TB
  • Fixed database count validation logic to take into consideration dedicated lagged copy servers

You can download the calculator here. For more information please consult the release notes and read me

Exchange 2013 Cumulative Update 3

Ex2013 LogoThe long awaited Cumulative Update 3 for Exchange Server 2013 was released today by the Exchange Team (KB2892464). This update raises Exchange 2013 version number to 15.0.775.38.

This CU contains the following functional enhancements:

  • Usability improvements when adding members to new and existing groups in the Exchange Administration Console
  • Online RMS available for use by non-cloud based Exchange deployments
  • Improved admin audit log experience
  • Windows 8.1 / Internet Explorer 11 no longer requires using OWA Light

The CU contains the following fixes:

  • MS13-061 Vulnerabilities in Microsoft Exchange Server Could Allow Remote Code Execution (2876063)
  • 2865161 “Errors: Failed exporting item id: from source id” when you try to copy search results in an Exchange Server 2013 environment
  • 2871980 Child domains are not displayed for selection when you create a mailbox by using EAC in an Exchange Server 2013 environment
  • 2878160 “The Active Directory user wasn’t found” error when you create or update an In-Place eDiscovery search in an Exchange Server 2013 environment
  • 2882608 Exchange Server 2013 does not share the inproxy.dll file
  • 2886115 Retention policies are not applied to Exchange Server 2013 mailboxes when user accounts are on different domains
  • 2888274 WebClientReadFormQueryString string and WebClientEditFormQueryString string return incorrect URLs in an Exchange Server 2013 environment
  • 2888315 Event 2112 or 2180 is logged when you try to back up a database in an Exchange Server 2013 environment
  • 2888612 Retention policy does not work after you run a cmdlet in an Exchange Server 2013 environment
  • 2889786 Sign-in format for Outlook Web App on mobile devices is not adjusted according to the Set-OwaVirtualDerictory cmdlet in an Exchange Server 2013 environment
  • 2890650 Items in the Drafts folder are not stamped with the retention policy tag in an Exchange Server 2010 or 2013 environment
  • 2895487 “Copy Search Results” option does not work in an Exchange server 2013 environment
  • 2895500 DBCS characters appear garbled when you run some PowerShell scripts in EMS in an Exchange Server 2013 environment
  • 2895678 “Nombre de usuario\dominio” is displayed unexpectedly on the Spanish version of the OWA and EAC logon pages in an Exchange Server 2013 environment
  • 2902929 You cannot forward an external meeting request in an Exchange Server 2013 environment
  • 2902929 You cannot forward an external meeting request in an Exchange Server 2013 environment
  • 2902933 “Generate incident report” does not display the “Bcc” field in an Exchange Server 2013 environment
  • 2902934 Korean language localization issue in Exchange 2013 OWA user interface
  • 2902936 You cannot change SMTP addresses for distribution groups by using EAC in an Exchange Server 2013 environment
  • 2902938 You cannot preview Office documents in shared folders by using Outlook Web App in an Exchange Server 2013 environment
  • 2902939 EMS connection error when you separately install an Exchange Server 2013 Mailbox server and a Client Access server
  • 2883203 Exchange Server 2013 restarts frequently after Cumulative Update 2 is installed
  • 2890814 No redirection to the Outlook Web App URL for Exchange Online users in an Exchange hybrid deployment

This Cumulative Update includes schema and AD changes, so make sure you run PrepareSchema / PrepareAD. After updating, the schema version will be 15283.

Note that Cumulative Updates can be installed directly, i.e. no need to install RTM prior to Cumulative Updates. Note that once installed, you can’t uninstall a Cumulative Update nor any of the installed Exchange server roles. The order of upgrading servers is irrelevant, unlike with previous generations of Exchange.

Finally, and I can’t emphasize this enough: For any Hotfix, Rollup, Service Pack or Cumulative Update, I’d recommend to thoroughly test this in a test and acceptance environment first, prior to implementing it in production. When you lack such facilities, hold out a week or two and monitor the comments on the release article or TechNet forum for any issues.

You can download Exchange 2013 Cumulative Update 3 here; CU3 UM Language Packs can be found here. More details about these changes, preparing Active Directory or installing this Cumulative Update can be found in the original announcement.

Rerelease of MS13-06/KB2874216 for Exchange 2013

Ex2013 LogoToday the rereleases of MS13-061 Security Fix for Exchange 2013 CU1 and Exchange 2013 CU2 saw daylight. This security update KB2874216 fixes the issue described in Microsoft Security Bulletin MS13-061 and supposedly fixes the issues found with the original release. After installing the v2 patch, the version will be upped 2 notches compared to the original patch.

As mentioned in an earlier article, security fixes are Cumulative Update level specific. In practice, this means there are two different versions of the security update patch file: one for CU1 and one for CU2.

Be advised both files carry the same file name, Exchange2013-KB2874216-v2-x64-en.msp. I suggest adding some form of Cumulative Update identification to the file name when you archive it, e.g. Exchange2013-KB2874216-v2-x64-en-CU2.msp.

As with any patch or update, I’d recommend to thoroughly test this in a test and acceptance environment first, prior to implementing it in production. If you don’t have the resources and risk management can agree, you might want to consider postponing implementation for a short period while monitoring for issues in the online.

You can download the security updates here:

Fix for MS13-061 breaking Exchange 2013 (Updated)

Ex2013 LogoUPDATE: The MS13-061 security update for Exchange 2013 CU1 & CU2 has been pulled until further notice. Microsoft recommends not installing MSI13-061 at the moment and disable Data Loss Prevention and WebReady as described in the Oracle Outside In Contains Multiple Exploitable Vulnerabilities section in the MS13-061 bulletin.

After some people reported issues after installing the MS13-061 (KB2874216) security update on Exchange 2013, it turns out MS13-061 breaks your installation of Exchange 2013 and you can experience the following symptoms:

  • The Microsoft Exchange Search Host Controller service is missing;
  • You see a new service named “Host Controller service for Exchange”;
  • Content index (CI) for mailbox databases shows Failed on affected server.

This is described in KB2879739 including the ‘workaround’, which is consists of three steps:

  1. Set HKLM\SOFTWARE\Microsoft\Search Foundation for Exchange\Data Directory to $exinstall\Bin\Search\Ceres\HostController\Data (REG_SZ), where $exinstall is the installation folder of your Exchange 2013 installation folder, e.g. C:\Program Files\Microsoft\Exchange Server\V15\Bin\Search\Ceres\HostController\Data;
  2. Set HKLM\SYSTEM\CurrentControlSet\Services\HostControllerService\DisplayName=”Microsoft Exchange Search Host Controller” (REG_SZ);
  3. Set HKLM\SYSTEM\CurrentControlSet\Services\HostControllerService\DependOnService=”http” (REG_MULTI_SZ);
  4. (Re)start the “Microsoft Exchange Search Host Controller” service.

For your convenience, I’ve create a small quick & dirty script as a potential time saver (as far as you can call a three-liner a script and don’t expect extensive error handling as well). This script Workaround-KB2879739.ps1 performs the steps described in the KB2879739 so you can run it right after deploying MS13-061 / KB2874216 on your Exchange 2013 server.

You can download the script here.

MS13-061 Security Fix for Exchange 2013 (updated)

Ex2013 LogoUPDATE: The MS13-061 security update for Exchange 2013 CU1 & CU2 has been pulled until further notice.If you have installed it, there are issues with it which can be fixed (link). Microsoft recommends not installing MSI13-061 at the moment and disable Data Loss Prevention and WebReady as described in the Oracle Outside In Contains Multiple Exploitable Vulnerabilities section in the MS13-061 bulletin.

Today the Exchange Team released the first Security Update for Exchange 2013. This security update KB2874216 fixes the issue described in Microsoft Security Bulletin MS13-061.

As mentioned in an earlier article, security fixes are Cumulative Update level specific. How that would turn out in practice remained to be seen at the time of writing that article, but at the moment it means there are two different versions of the security update, one patch file for CU1 and one for CU2 (or the re-release of CU2 actually, version 15.0.712.24 – more information on that here). I assume the .MSP format limits the ability to merge the two and let it make an intelligent decision on what to install.

Be warned that both files carry the same file name, I suggest adding some form of Cumulative Update identification to the file name when archiving it, e.g. Exchange2013-KB2874216-x64-en-CU2.msp.

As with any patch or update, I’d recommend to thoroughly test this in a test and acceptance environment first, prior to implementing it in production.

You can download the security updates here:

Exchange 2013 CU2 v2

Ex2013 LogoCumulative Update 2 for Exchange Server 2013 was re-released today.  This re-release fixes a serious permission issue when moving modern public folders mailboxes around, as described by the Exchange team here. For more information on changes already incorporated in the original CU2, check the original post on CU2 here.

The part which might confuse some people is that they updated the version of the CU (like they did for some Rollups in the past) while keeping the knowledge base article KB2859928 and download link identical to the original CU2; only the version number has been increased a notch (15.0.712.24). When you download the file it will contain a v2 postfix, i.e. Exchange2013-KB2859928-x64-v2.exe, which is helpful for identification purposes.

Because of the “every server is an island” principle, you don’t need to stick to a certain order when implementing Exchange 2013 updates and in theory you can just update your Mailbox servers. However, be advised that Exchange 2013 security fixes – which are CU level bound as mentioned here and emphasized here – will be based on CU2v2, which means you ultimately must implement CU2v2 on all of your Exchange 2013 servers.

Note that CU2v2 is a full installation set. Before installing CU2v2, make sure to save customized OWA settings as the web.config files might get overwritten causing OWA to use default settings (see KB2871485).

As with any update, I’d recommend to thoroughly test this in a test and acceptance environment first (re-releases make a great business case), prior to implementing it in production.

You can download Exchange 2013 CU2 v2 here.