March 2016 Quarterly Updates for Exchange Released

Microsoft today released the latest Cumulative Updates for Exchange 2007, 2010, 2013 and 2016.

New for Exchange 2016 only, is the option to download the updates as a single ISO file instead of a self-extracting package.  Copying a single ISO over the network from one server to another is quicker and more efficient than copying the self-extracting package or the thousands of extracted files.

Updates of note this time around:

  • Updated OWA S/MIME Control certificate
  • New distribution package for Exchange 2016
  • Change to mailbox anchoring for remote PowerShell
  • 17 new languages supported for OWA
  • Support for Standalone Hybrid Configuration Wizard in Exchange 2010

Microsoft is working on building in support for .Net 4.6.1 in the next quarter’s Cumulative Updates.  So, avoid installing that version of .Net on ANY Exchange server for the time being.

For more info and download links for the updates, follow the links below:

As a side note, yesterday (March 14th, 2016) marked the 20th anniversary of the first public version of Exchange (v4.0) Released To Manufacturing (RMT’d).

It’s been a long journey from the old MS Mail to Exchange Online/Office 365.  Here’s to the next 20 years!

Happy Birthday Exchange Server!

Update Send Connector SSL Certificate for Hybrid Configuration

​Recently had a customer with an Exchange 2013 Hybrid config require updating an expired SSL certificate.  When they imported the new certificate and assigned it SMTP services, mail flow from on-premises to Office 365 stopped.

This was because the on-premises send connector to Office 365 was still configured to look for that expired certificate (which had also been deleted already).

The fix was to perform the following:

  1. Open Exchange Management Shell on the on-premises Exchange server
  2. Run Get-ExchangeCertificate, and note the Thumbprint of the correct certificate to be used. 
  3. Run $cert = Get-ExchangeCertificate -Thumbprint <thumbprint>
  4. Set a new variable and assign it the concatenated values of the Issuer and Subject values of the certificate (must also include <I> and <S> before each field):
    $TLSCert = (‘<I>’+$cert.issuer+'<S>’+$cert.subject)
  5. Update the send connector with the new values
    Set-SendConnector -Identity “Send Connector Name” -TLSCertificateName $TLSCert

After completing this, any queued mail destined for the Office 365 tenant should begin flowing

Copy Receive Connectors from one server to another

When you’re deploying Exchange 2010 Hub Transport servers, oftentimes you need to replicate the Receive Connectors on one server to multiple other servers.  This isn’t such a dawnting task when you have just a few receive connectors or if the Remote IP Ranges isn’t a long list of IP addresses and/or subnets. 

In those cases, manually creating them on each hub transport can be a nightmare.

You can use the following PowerShell commands to help speed up this process.

1. Get a list of all the non-default Receive connectors (i.e everything BUT the Default [SERVERNAME] and Client [SERVERNAME] connector)

$ReceiveConnectors = Get-ReceiveConnector -Server <SOURCE TRANSPORT SERVER> | where {!($_.Name -like “Client*”) -and !($_.name -like “Default*”)}

2. Then use this list to create identical receive connectors on another server.  Repeat this command for each Target Transport Server you want.

foreach ($Connector in $ReceiveConnectors) {New-ReceiveConnector -Server <TARGET TRANSPORT SERVER> -Name $Connector.name -Bindings $Connector.bindings -RemoteIPRanges $Connector.remoteipranges}

3. If you have other unique settings other than the default ones like Authentication and Permissions Groups, you can add those parameters inside the braces {} to copy those settings as well.

Exchange 2010 EMC tries to connect to non-existent servers

The Exchange Management Console isn’t very intuitive when it comes to decommissioning servers in your environment.  If you’ve opened the EMC and it last connected to a server that you then subsequently decommission, it will try to reconnect to that server the next time you open it, and fail.

Fortunately this issue seems to be limited to the user profile.  To resolve this, close the EMC, then open the registry editor and navigate to HKCUSoftwareMicrosoftExchangeserverv14AdminTools
and remove the
NodeStructureSettings
key.

Reopen EMC and it will search for another Exchange server to connect to.