Speaking at Office 365 Engage 2017

I am happy to announce I will be co-hosting a workshop, as well as present a session at the Office 365 Engage conference. The event will be held in the beautiful city of Haarlem, The Netherlands, from June 19 to June 22.

For an independent event in Europe, track chair Tony Redmond managed to come up with a pretty impressive line-up with lots of Microsoft MVPs, consisting of folks such as Michael van Horenbeeck, Jaap Wesselius, Ingo Gegenwarth, Siegfried Jagott, Brian Reid, Vasil Michev, Paul Robichaux, Chris Goosen, Alan Byrne, Brian Desmond, and last but not least Steve Goodman who I am finally going to meet in person after missing each other for several reasons for the last 5 years.

The single day workshop will be hosted together with Jaap, and we will discuss managing Office 365 and its workloads using PowerShell, and its part of the Office 365 Administration track. The day after, I will be giving a session on Managing Exchange Online using PowerShell – Tips & Tricks, part of the Exchange Online track. If you would like to see something specific addressed, leave it in the comments section or pop me an e-mail.

For visitors, the city of Haarlem, a small distance from Amsterdam or The Netherlands – well, everything in The Netherlands is near, is also a nice city to spend some leisure time. You can check out the Office 365 Engage schedule here. I hope to see you there!

PS: The people behind the conference gave me discount code which you can use when registering. Use code SPRMR467 to get 20% off. You can register here.

Michel de Rooij 728x90

Exchange Updates – March 2017

Ex2013 LogoToday, the Exchange Team released the March updates for Exchange Server 2013 and 2016, as well as Exchange Server 2010 and 2007. The latter will receive its last update, as Exchange 2007 will reach end-of-life April 11, 2017.

As announced in December updates, Exchange 2013 CU16 and Exchange 2016 CU5 require .NET 4.6.2. The recommended upgrade paths:

  • If you are still on .NET 4.6.1, you can upgrade to .NET 4.6.2 prior of after installing the latest Cumulative Update.
  • If you are on .NET 4.52, upgrade to Exchange 2016 CU4 or Exchange 2013 CU15 if you are not already on that level, then upgrade to .NET 4.6.2, and finally upgrade to the the latest Cumulative Update.

The Cumulative Updates also include DST changes, which is also contained in the latest Rollups published for Exchange 2010 and 2007.

For a list of fixes in these updates, see below.

Exchange 2016 CU5 15.1.845.34 KB4012106 Download UMLP
Exchange 2013 CU16 15.0.1293.2 KB4012112 Download UMLP
Exchange 2010 SP3 Rollup 17 14.3.352.0 KB4011326 Download
Exchange 2007 SP3 Rollup 23 8.3.517.0 KB4011325 Download
  • KB4015665 SyncDelivery logging folders and files are created in wrong location in Exchange Server 2016
  • KB4015664 A category name that has different case-sensitivity than an existing name is not created in Exchange Server 2016
  • KB4015663 “The message content has become corrupted” exception when email contains a UUE-encoded attachment in Exchange Server 2016
  • KB4015662 Deleted inline picture is displayed as attachment after you switch the message to plain text in Exchange Server 2016
  • KB4015213 Email is still sent to Inbox when the sender is deleted from the Trusted Contacts list in Exchange Server 2016
  • KB4013606 Search fails on Exchange Server 2016 or Exchange Server 2013
  • KB4012994 PostalAddressIndex element isn’t returning the correct value in Exchange Server 2016

Exchange 2013 CU16 fixes:

  • KB4013606 Search fails on Exchange Server 2016 or Exchange Server 2013

Exchange 2010 SP3 RU17 fixes:

  • KB4014076 Migration ends and errors reported when you on-board or off-board a mailbox through Exchange Online in an Exchange Server 2010 hybrid environment
  • KB4014075 UNC path does not open in OWA when the path contains non-ASCII characters in an Exchange Server 2010 environment
  • KB4013917 You cannot search in a shared mailbox through OWA in an Exchange Server 2010 Service Pack 3 (Update Rollup 15 or 16) environment
  • KB4012911 Culture element is added in the wrong order when you use the ResolveNames operation in EWS in Exchange Server 2010

Notes:

  • Exchange 2016 CU5 doesn’t include schema changes, however, Exchange 2016 CU5 as well as Exchange 2013 CU16 may introduce RBAC changes in your environment. Where applicable, use setup /PrepareSchema to update the schema or /PrepareAD to apply RBAC changes, before deploying or updating Exchange servers. To verify this step has been performed, consult the Exchange schema overview.
  • When upgrading your Exchange 2013 or 2016 installation, don’t forget to put the server in maintenance mode when required. Do note that upgrading, before installing the Exchange binaries, setup will put the server in server-wide offline-mode.
  • Using Windows Management Framework (WMF)/PowerShell version 5 on anything earlier than Windows Server 2016 is not supported. Don’t install WMF5 on your Exchange servers running on Windows Server 2012 R2 or earlier.
  • When using Exchange hybrid deployments or Exchange Online Archiving (EOA), you are allowed to stay at least one version behind (n-1).
  • If you want to speed up the update process for systems without internet access, you can follow the procedure described here to disable publisher’s certificate revocation checking.
  • Cumulative Updates can be installed directly, i.e. no need to install RTM prior to installing Cumulative Updates.
  • Once installed, you can’t uninstall a Cumulative Update nor any of the installed Exchange server roles.
  • The order of upgrading servers with Cumulative Updates is irrelevant.

Caution: As for any update, I recommend to thoroughly test updates in a test environment prior to implementing them in production. When you lack such facilities, hold out a few days and monitor the comments on the original publication or forums for any issues.

A short 2016 retrospective

oscarFirst of all, happy new year to all dear readers and followers. With January well underway, and taking some (largely offline) time off for the holiday period, it’s time to see what 2016 brought.

But first a new year resolution: step up the blogging game. While there isn’t much development happening in the Exchange space, with Microsoft’s cloud-first strategy, there is still a lot to talk about or script for. My list list of ‘scripting ideas’ is substantial, now let’s find some time to realize some of these ideas. Knowing that when you publish scripts, you automatically become its support channel, so that may put some additional stress on my mailbox, but it’s a small price for helping lots of people out.

Some Highlights:

  • Re-awarded as Office 365 Servers and Services MVP
  • Awarded 2016 Exchange Oscar for Best Code Contribution
  • Workshop: Advanced PowerShell Management of Office 365
    IT/Dev Connections
  • Webinar: How to Benefit from MS Office 365 and Maintain Control of Your Data
  • Session: Exchange 2016 & OOS, Office Online Server

Global Stats of 2016:

  • Number of views: 309,767 (total: 1,888,669)
  • Visitors: 220,900 (total 894,316)
  • Number of posts: 22 (total 547)

Popular Posts of 2016:

Note: Not considering the Archives, Versions, Builds and Dates, Schema Versions and Toolkit pages.

  • Exchange ActiveSync and Inheritable Permissions issue
  • TargetAddress, ExternalEmailAddress and Set As External
  • The Attribute, the Myth, the legacyExchangeDN
  • Limiting Exchange 2010 Database Cache
  • Outlook for iOS adds Contacts support

Top 5 Visitor Countries of 2016:

  • United States (96,286)
  • United Kingdom (29,606)
  • Germany (19,968)
  • India (14,355)
  • Netherlands (13,056)

image

Top 5 Referrers of 2016:

  • exchangeserverpro.com (Paul Cunningham’s)
  • blogs.technet.com (MSFT blogs)
  • meridian.ws (blog)
  • experts-exchange (community)
  • veritas.com (support forum)

Top 5 Search Terms of 2016:

  • kb2506143
  • targetaddress
  • federation information could not be retrieved from the external organization
  • exchange 15.1
  • exchange version numbers

Top 5 Scripts of 2016:

  • Ignite 2016 Slidedeck and Video downloader (4,941, total 4,941)
  • Exchange v15 (2013/2016) Unattended Installation Script (2,601, total 8,577)
  • Removing Duplicate Items from a Mailbox (2,079, total 6,843)
  • Clearing AutoComplete and other Recipient Caches (1,932, total 3,920)
  • Removing Messages by Message Class from Mailbox (915, total 2,942)

Exchange Server Role Requirements Calculator 8.4

Exchange 2010 Mailbox Role Sizing Calculator 16.4Last week, the Exchange team published an update for the Exchange Server Role Requirements Calculator, the tool to aid you in properly sizing your Exchange Server 2013 or Exchange Server 2016 deployments.

The new version number is 8.4, and it contains the following changes since version 8.3:

New Functionality

  • Added support for ReplayLagMaxDelay
  • Added support for SafetyNetHoldTime in CreateDAG.ps1

Bug Fixes

  • Improved the DAG auto-calculation results display to highlight deployment configuration in both datacenters
  • Fixed an issue that prevented DAG auto-calculation in single site DAG deployments
  • Fixed a SPECInt2006 validation issue with DAG auto-calculation
  • Fixed a bug with the DAG auto-calculation with Active/Passive deployments
  • Fixed conditional formatting issues with the transaction log table
  • Removed data validation from certain unused cells on the Input tab
  • Fixed bug in calcNumActiveDBsSF formula

You can download the calculator here. For more information, please consult the list of changes here or Read Me here.

Exchange Updates – December 2016

Ex2013 LogoToday, the Exchange Team released the December updates for Exchange Server 2013 and 2016, as well as Exchange Server 2010 and 2007.

Changes introduced in Exchange Server 2016 CU4 are an updated OWA composition window, and on Windows Server 2016, KB3206632 needs to be present before CU4 can be deployed. This KB fixes – among other things – the problem with DAG members experiencing crashing IIS application pools. Be advised that the KB3206632 update for Windows Server 2016 is a whopping 1 GB. You can download this update here.

The biggest change for Exchange Server 2013 is support for .NET 4.6.2. Be advised organizations running Exchange 2016 or 20103 on .NET 4.6.1 should start testing with and planning to deploy .NET 4.6.2, as the March updates will require .NET 4.6.2, which is currently still optional.

Both Cumulative Updates introduce an important fix for indexing of Public Folder when they were in the process of being migrated. To ensure proper indexing, it is recommended to move public folder mailboxes to a different database so they will get indexed properly.

The Cumulative Updates also include DST changes, which is also contained in the latest Rollups published for Exchange 2010 and 2007.

For a list of fixes in these updates, see below.

Exchange 2016 CU4 15.1.669.32 KB3177106 Download UMLP
Exchange 2013 CU15 15.0.1263.5 KB3197044 Download UMLP
Exchange 2010 SP3 Rollup 16 14.3.339.0 KB3184730 Download
Exchange 2007 SP3 Rollup 22 8.3.502.0 KB3184712 Download
  • KB 3202691 Public folders indexing doesn’t work correctly after you apply latest cumulative updates for Exchange Server
  • KB 3201358 Set-Mailbox and New-Mailbox cmdlets prevent the use of the -Office parameter in Exchange Server 2016
  • KB 3202998 FIX: MSExchangeOWAAppPool application pool consumes memory when it recycles and is marked as unresponsive by Health Manager
  • KB 3208840 Messages for the health mailboxes are stuck in queue on Exchange Server 2016
  • KB 3186620 Mailbox search from Exchange Management Shell fails with invalid sort value in Exchange Server 2016
  • KB 3199270 You can’t restore items to original folders from Recoverable Items folder in Exchange Server 2016
  • KB 3199353 You can’t select the receive connector role when you create a new receive connector in Exchange Server 2016
  • KB 3193138 Update to apply MessageCopyForSentAsEnabled to any type of mailbox in Exchange Server 2016
  • KB 3201350 IMAP “unread” read notifications aren’t suppressed in Exchange Server 2016
  • KB 3209036 FIX: “Logs will not be generated until the problem is corrected” is logged in an Exchange Server 2016 environment
  • KB 3212580 Editing virtual directory URLs by using EAC clears all forms of authentication in Exchange Server 2016

Exchange 2013 CU15 fixes:

  • KB 3198092 Update optimizes how HTML tags in an email message are evaluated in an Exchange Server 2013 environment
  • KB 3189547 FIX: Event ID 4999 for a System.FormatException error is logged in an Exchange Server 2013 environment
  • KB 3198046 FIX: The UM mailbox policy is not honored when UM call answering rules setting is set to False in an Exchange Server 2013 environment
  • KB 3195995 FIX: Event ID 4999 with MSExchangerepl.exe crash in Exchange Server 2013
  • KB 3208886 Send As permission of a linked mailbox is granted to a user in the wrong forest in Exchange Server 2013
  • KB 3188315 Messages are stuck in outbox when additional mailboxes are configured in Outlook on Exchange Server 2013
  • KB 3202691 Public folders indexing doesn’t work correctly after you apply latest cumulative updates for Exchange Server
  • KB 3203039 PostalAddressIndex property isn’t returning the correct value in Exchange Server 2013
  • KB 3198043 Shadow OAB downloads don’t complete in Exchange Server 2013
  • KB 3208885 Microsoft.Exchange.Store.Worker.exe process crashes after mailbox is disabled in Exchange Server 2013
  • KB 3201966 MSExchangeOWAAppPool application pool consumes excessive memory on restart in Exchange Server 2013
  • KB 3209041 FIX: An ActiveSync device becomes unresponsive until the sync process is complete in an Exchange Server environment
  • KB 3209013 FIX: The LegacyDN of a user is displayed incorrectly in the From field in the Sent Items folder on an ActiveSync device
  • KB 3209018 FIX: Results exported through the eDiscovery PST Export Tool never finishes in an Exchange Server environment
  • KB 3199519 Inconsistent search results when email body contains both English and non-English characters in Exchange Server 2013
  • KB 3211326 “ConversionFailedException” error when emails are sent on the hour in Exchange Server 2013

Notes:

  • Exchange 2016 CU4 doesn’t incldue schema changes compared to CU4, however, Exchange 2016 CU4 as well as Exchange 2013 CU15 may introduce RBAC changes in your environment. Where applicable, use setup /PrepareSchema to update the schema or /PrepareAD to apply RBAC changes, before deploying or updating Exchange servers. To verify this step has been performed, consult the Exchange schema overview.
  • When upgrading your Exchange 2013 or 2016 installation, don’t forget to put the server in maintenance mode when required. Do note that upgrading, before installing the Exchange binaries, setup will put the server in server-wide offline-mode.
  • Using Windows Management Framework (WMF)/PowerShell version 5 on anything earlier than Windows Server 2016 is not supported. Don’t install WMF5 on your Exchange servers running on Windows Server 2012 R2 or earlier.
  • When using Exchange hybrid deployments or Exchange Online Archiving (EOA), you are allowed to stay at least one version behind (n-1).
  • If you want to speed up the update process for systems without internet access, you can follow the procedure described here to disable publisher’s certificate revocation checking.
  • Cumulative Updates can be installed directly, i.e. no need to install RTM prior to installing Cumulative Updates.
  • Once installed, you can’t uninstall a Cumulative Update nor any of the installed Exchange server roles.
  • The order of upgrading servers with Cumulative Updates is irrelevant.

Caution: As for any update, I recommend to thoroughly test updates in a test environment prior to implementing them in production. When you lack such facilities, hold out a few days and monitor the comments on the original publication or TechNet forum for any issues.

IT/DEV Connections 2016 Wrap-Up

IMG_2130Note: For those that attended Jaap and my workshop on Monday, Advanced PowerShell Management of Office 365, the EXO slidedeck is available here, and the sample code is available here. Session slidedecks or handouts available through the app or Connections site.

Last Monday, I returned from the largest, independent conference on Microsoft technologies, IT/Dev Connections. Well, that should have been Sunday, but technical issues with the airplane and lack of options to fly back to The Netherlands the same day resulted in an extended stay, but that’s something for another story. IT/Dev Connections is a 3-day conference, consisting of 6 tracks holding a total of ~280 sessions. Like previous editions, the event again took place in the nice resort that is Aria, Las Vegas.

Almost traditionally, the is a pre-conference day where workshops are given. One of these workshops was Advanced PowerShell Management of Office 365, done by Jaap Wesselius and yours truly. The turn-up was good, even considering we had some though competition this year from workshops such as PowerShell Masterclass and Office 365 IT/Dev Connections Power Camp. Again it was my only session, so I had the rest of the week ‘off’ to attend sessions by fellow presenters.

GEWK4725

Left to right: Tony Redmond, Paul Cunningham, Gareth Grudger, Jeff Guillet, Michael van Horenbeeck, Konrad Sagala, Andrew Higginbotham, Gary Steele, Ingo Gegenwarth, Paul Robichaux, J. Peter Bruzzese, Jaap Wesselius, Michel de Rooij and Sigi Jagott.

Picking sessions for wasn’t an easy task this year. For Office 365 / Exchange (On-Premises) and PowerShell minded professionals, there were a multitude of sessions to choose from, and many times you discovered they were given the same time slot. The app was a big help picking sessions, and to be honest the app was a big improvement over last year’s app – kudos to Penton there. It could also be used to retrieve handouts, which made it easier to follow the contents presented by clicking through it on your own screen.

 

 

 

Wednesday saw an interesting ‘Bamboozle the Exchange Experts’. People from the Exchange Product Group were flown in for Connections to answer audience questions. During this session, none other than Greg Taylor, Ross Smith IV, Brian Day, David Espinoza, and Jeff Mealiffe took part in the panel, and Tony Redmond took it upon him to be the MC. It was not only insightful and interactive, it was fun, and the PG seemed to enjoy it as well.

If you are considering attending this event next year – and you should – know that with an attendance of ~1200 people (guesstimate), and apart from the fact that it’s independent and sessions are done by experienced people from the field, it also excels in that it is big enough to matter, yet small enough to hold an intimate feel to it. Compared to Ignite, one could say that there is less walking involved – or congestion, no full room issues, way better food and thus an overall better experience. Now if you plan on attending (or trying to get a speaking engagement – yes you, Maarten) for IT/Dev Connections 2017, and as the group shot above gives away, be aware Penton has decided to move the event for next year to San Francisco. So save the date: October 23-26, the Hilton, San Francisco (Union Square)!

Special thanks to Penton for having me, ENOW for hosting yet another great Scheduled Maintenance party at the Ghostbar, Quadrotech for finally being able to catch up, CodeTwo for having me for an interview.

Finally, here are some of the other IT/DEV Connections 2016 wrap-ups:

Office Servers and Services MVPs

It’s been a while since I made an overview of the number of Exchange MVPs around the world. With the recent reorganization of the MVP program, lots of product-related MVP awards were merged in container titles. For example, the former Exchange or Lync Server MVPs are now part of the Office Servers and Services MVP, making it nearly impossible to differentiate per expertise unless classifying individual MVPs.

ossmvpsmap20161003

The graphic displays distribution of Office Servers and Services MVPs over the world, per October 2016. The information is collected from the public MVP site, and while some MVPs remain anonymous (curious, as awardees are in principle active community members), it’s clear some regions are still under-represented.

Below are the numbers used to create the above map.

(Unknown) 45 Hungary 3 Russia 8
Argentina 3 India 13 Serbia 1
Australia 24 Indonesia 2 Singapore 4
Austria 1 Ireland 2 Slovakia 1
Belgium 7 Israel 2 Slovenia 2
Bosnia-Herzegovina 3 Italy 9 South Africa 4
Brazil 10 Japan 20 Spain 7
Bulgaria 2 Korea 11 Sri Lanka 5
Canada 49 Kuwait 1 Sweden 10
Chile 2 Latvia 1 Switzerland 9
China 21 Macedonia 2 Taiwan 2
Colombia 3 Malaysia 3 Netherlands 14
Costa Rica 1 Mexico 4 Tunisia 1
Croatia 4 New Zealand 6 Turkey 4
Czech Republic 2 Norway 5 Ukraine 1
Denmark 4 Pakistan 2 United Arab Emirates 5
Egypt 2 Palestine 1 United Kingdom 24
Finland 2 Peru 1 United States 106
France 19 Philippines 2 Uruguay 1
Germany 18 Poland 2 Vietnam 4
Greece 1 Portugal 5
Guatemala 1 Romania 2  TOTAL  538

2016 Microsoft MVP Award

I am proud, happy and honoured to have received the Microsoft MVP Award for Office Server and Services for the 4th consecutive year:

mvp2016

MVP awards are given to individuals by Microsoft in recognition of their contributions to the technical community, such as writing articles on this and other sites, books, presenting, forum contributions or The UC Architects podcast.

I’d like to take this opportunity to thank my readers, followers, fellow MVPs and of course the Microsoft employees that have encouraged, helped and supported me over years.

My MVP profile can be found here.

Exchange Server Role Requirements Calculator 8.3

Exchange 2010 Mailbox Role Sizing Calculator 16.4The Exchange team published an update for the Exchange Server Role Requirements Calculator, the tool to aid you in properly sizing your Exchange Server 2013 or Exchange Server 2016 deployment.

The new version number is 8.3, and it contains two major enhancements compared to version 7.9:

  • Added ability for the calculator to automatically determine the number of Mailbox servers and DAGs that need to be deployed to meet the chosen input requirements
  • Added Read from Passive support for Exchange 2016 deployments which results in decreased bandwidth utilization for HA copies

You can download the calculator here. For more information, please consult the list of changes here or Read Me here.

Exchange Updates – September 2016

Ex2013 LogoNote: There are issues with Exchange 2013 CU14 and Exchange 2016 CU3 with regards to failing Content Indexing. Fellow MVP Jaap Wesselius blogged about this here. For now, recommendation is to not upgrade to CU14, until further notice. Also, there are acknowledged issues when running Exchange 2016 CU3 on Windows Server 2016. Don’t deploy Exchange 2016 CU3 on that OS until further notice.

Today, the Exchange Team released the september updates for Exchange Server 2013 and Exchange Server 2016.

The biggest changes are for Exchange Server 2016:

  • Exchange Server 2016 CU3 or later support on Windows Server 2016, which is expected to be released at Ignite next week. Windows Server 2016 Domain Controllers are supported; requirement is just Forest Functional Level at Windows Server 2008 R2 or later. Note that it is also announced Exchange Server 2013 will not be supported (as in: now, and in the future). Performance-wise, it is recommended to exclude Exchange setup and log folders, as well as the noderunner processes in Windows Defender.
  • Finally, Exchange Server 2016 CU3 introduces the long-awaited Read from Passive feature. This means, indexes will be generated using (local) passive databases copies, and no longer require coordination with the server holding the active database copy. The result is lower bandwidth requirements, and – compared to Exchange Server 2013 – faster fail-overs. Be advised this feature does not apply to lagged copies.
  • An update for the Mailbox Server Role Calculator(s) for Exchange 2016 is available now (v8.3), incorporating Read from Passive changes. This allows organizations to not only size their deployment, but also predict the positive effect on bandwidth usage for current environments as well by using numbers. You can download the calculator here.

For a list of fixes in these updates, see below.

Exchange 2016 Cumulative Update 3 15.1.544.27 KB3152589 Download UMLP
Exchange 2013 Cumulative Update 14 15.0.1236.3 KB3177670 Download UMLP

  • KB 3154387 The DFS health set is listed as “Unhealthy” in an Exchange Server 2016 environment
  • KB 3175080 Cannot log on to OWA when FIPS is enabled in an Exchange Server 2016 environment
  • KB 3176377 Links to access Exchange items in SharePoint eDiscovery search result fail with an HTTP error 500 in Exchange Server
  • KB 3161916 Data loss may occur during public folder migration to Exchange 2013, Exchange 2016, or Exchange Online
  • KB 3176540 OWA error reporting responds with a HTTP error 500 in OwaSerializationException
  • KB 3190887 Upgrading Exchange Server causes the server to go offline unexpectedly
  • KB 3191075 You can’t install Cumulative Update 2 for Exchange Server 2016 on a Russian version operating system

  • KB 3132513 “The Delegates settings were not saved correctly” when you try to add a user to Exchange Server 2013 from Microsoft Outlook
  • KB 3172017 “NotFound Export failed with error type: ‘NotFound'” error occurs when you perform an eDiscovery search in Exchange Server 2013
  • KB 3176377 Links to access Exchange items in SharePoint eDiscovery search result fail with an HTTP error 500 in Exchange Server
  • KB 3176540 OWA error reporting responds with a HTTP error 500 in OwaSerializationException
  • KB 3176873 Can’t create a new profile or connect to Exchange Server 2013 when an organization contains many address lists
  • KB 3061079 RPC Client Access service crashes and Event 4999 is logged in Exchange Server 2013
  • KB 3134918 An IRM-protected message sent to an external contact isn’t returned in a search or discovery results when journaling is implemented in an Exchange Server 2013 environment
  • KB 3190887 Upgrading Exchange Server causes the server to go offline unexpectedly

These Cumulative Updates for Exchange Server 2016 and 2013 include the security update released last week, MS16-108. The Cumulative Updates for Exchange Server 2016 and 2013 also include DST changes.

Notes:

  • Exchange 2016 CU3 includes schema changes (version 15326, reference), and Exchange 2016 CU3 as well as Exchange 2013 CU14 may introduce RBAC changes in your environment. Where applicable, make sure you run /PrepareSchema to update the schema or /PrepareAD to apply RBAC changes, before deploying or updating Exchange servers. To verify this step has been performed, consult the Exchange schema overview.
  • When upgrading your Exchange 2013 or 2016 installation, don’t forget to put the server in maintenance mode when required. Do note that upgrading, before installing the Exchange binaries, setup will put the server in server-wide offline-mode.
  • Using Windows Management Framework (WMF)/PowerShell version 5 on anything earlier than Windows Server 2016 is not supported. Don’t install WMF5 on your Exchange servers running on Windows Server 2012 R2 or earlier.
  • When using Exchange hybrid deployments or Exchange Online Archiving (EOA), you are required to stay current.
  • If you want to speed up the update process for systems without internet access, you can follow the procedure described here to disable publisher’s certificate revocation checking.
  • Cumulative Updates can be installed directly, i.e. no need to install RTM prior to installing Cumulative Updates.
  • Once installed, you can’t uninstall a Cumulative Update nor any of the installed Exchange server roles.
  • The order of upgrading servers with Cumulative Updates is irrelevant.

Caution: As for any update, I recommend to thoroughly test updates in a test environment prior to implementing them in production. When you lack such facilities, hold out a few days and monitor the comments on the original publication or TechNet forum for any issues.