With Exchange 2013 Microsoft has change the support policy to N-1. That means if Microsoft release a new cumulative update (CU) or a service pack, that version and the previous version are supported.
Microsoft released the Exchange CU 7 so then CU6 and CU 7 are the supported environment from the point of Microsoft.
If the product is actual in the life cycle window Microsoft product support will always support you. But what they won´t do is cerate fixes for bugs and problems in unsupported versions.
- Download the CU from the official Microsoft Download center web site.
- Backup the Active Directory
- Backup the existing Exchange 2013 servers and all databases
- Check the documentation of all customization you made for the Exchange 2013 environment like OWA config files, Lync integration, registry changes
Installing Cumulative Updates or Service Packs
First step is to deploy the update in the internet fencing site first, before deploy in the other sites of your organization.
Begin with the mailbox server in the site and the update the Client Access server. On multi-role server both roles are updated at the same time.
In the time of update a site that contains load-balanced Client Access server oder Database Availability Group (DAG) members there will be a period where this systems are not at the same version. This is still ok for a short time, you should update the members in a short time slot.
AD Schema update
Before you start the update it is recommended to check the Active Directory Health by running DCDIAG and REPADMIN / SYNCALL in a command prompt with administrative privileges. If any error occurred it´s a good starting point to troubleshoot.
For some cumulative update a Schema Update is needed. Therefore the next step is to prepare the AD schema using the following statement on a Domain Controller in the root domain:
setup.exe /PrepareSchema /IAcceptExchangeServerLicenseTerms
Once the schema update is complete, run repadmin /showreps to check that the AD replication has completed and there is no schema mismatch.
Now is time to prepare the AD with the following command (in am command prompt with administrative privileges):
setup.exe /PrepareAD /IAcceptExchangeServerLicenseTerms
And at least prepare the domain with:
Repeat the AD health checks outline above to make sure that the schema has no mismatches.
After a success full schema update you can start with the deployment of the update on the exchange servers systems.
To install the update on the server you should place the mailbox or multi-role server into maintenance mode, whether the system is installed as standalone or as DAG member.
To start the maintenance mode you can use the script from MVP Michael Van Horenbeeck.
Start-ExchangeServerMaintenanceMode.ps1 -Server <ServerToUpdate> -TargetServerFQDN <DAGMemberServer>
The script move the active database to another mailbox server and mark the server as unavailable to other servers in the DAG.
If you are running load-balanced Client Access server in the site you should change the configuration of the load balancer to remove the server from the pool of hosts.
Upgrading the servers
The cumulative updates can be deployed with either the command line or the graphical setup.
Run the upgrade from a elevated command prompt – not from the Exchange Management Shell!
Set the PowerShell execution policy for each server to Unrestricted (KB981474)
If you have installed UM Language Packs you must de-install this before you can install the CU. You can use Get-UMService to list the installed Language Packs.
For the de-installation use the setupe.exe from the installed Exchange Version:
After the de-installation run in an elevated command prompt:
Setup /m:upgrade /IAcceptExchangeServerLicenseTerms
to update the installed roles on the Exchange Server. After the update is installed reboot the server.
Install the new appropriated language packs on the system.
Now it´s time to stop the maintenance mode for the server with the script from Michal Van Horenbeeck.
Stop-ExchangeServerMaintenanceMode -Server <SeverName>
After deploying a Exchange 2013 Cumulative Update I recommend the following additional steps.
Rebalance the Databases in the DAG
On the end of the process that all DAG members are updated to the new version you should remove the active mailbox databases to the system with the first activation preference. The process is the same like it was in Exchange 2010, in $exscripts execute the RedistributeActiveDatabases.ps1 script.
.\RedistributeActiveDatabases.ps1 -DagName <DAGNAME > -BalanceDbsByActivationPreference
Restore the customizations you made
To bring up the systems to a productive state you will need to re-apply the change you made during the configuration phase like the change in the web.config file for the um integration.
Make a Health Check of the systems
The last step is to check the health of the updated systems.
- All DAG nodes up
Run Get-ClusterNode on one node.
- Test service health
Run Test-ServiceHealth for every server.
- Test MAPI connectivity to every database
Run Test-MAPIConnectivity for each mailbox server with active databases.
- Check the database copy status of the databases in the DAG
Use Get-MailboxDatabaseCopyStatus to check that all database copies,
copy/replay queues, and content indexes are healthy.
- Test replication health for the DAG
Test-ReplicationHealth on each DAG member.
- Check the databaseactivation policy for each Mailboxserver
- Check the server component status
Get-ServerComponent to check that all components are not left in maintenance
mode on any server.