There was a time when the announcement that Microsoft had shipped an update for a major product like Exchange was major news. Now the news raises no more than a polite acknowledgement of the engineering effort and commitment of the Exchange product group to making sure that the code is improved over time. So it was when Microsoft announced the availability of Exchange 2013 CU13 and Exchange 2016 CU2 on June 21.
An update was also released for Exchange 2010 SP3 (Rollup Update 14). However, this appeared on June 14 as part of the MS16-079 security update and contains a number of important patches for the Oracle Outside In libraries used for document viewing. See this page for more information about RU14 and KB3151097 for details of how to obtain the software.
Regretfully, through no fault of the Exchange engineers, the sparkle has gone out of on-premises Exchange. Given Microsoft’s focus on Office 365 and the rush to move mailboxes to the cloud in order to attain Satya Nadella’s goal of a $20 billion annualized revenue run rate for commercial cloud products by July 2018, saying that on-premises Microsoft server applications are not as exciting as they once were is hardly an earthshattering observation.
The new capabilities are largely in the category of wholesome improvement rather than compelling new features. It’s good that Exchange now uses SHA-2 certificates as Microsoft began to deprecate the use of SHA-1 certificates some time ago. Now, the self-signed certificates generated by the New-ExchangeCertificate cmdlet are SHA-2, meaning that the server-to-server communications that use these certificates will be more secure.
The news that the Get-ExchangeServer cmdlet in Exchange 2016 CU2 now returns Exchange 2016 server role definitions (Mailbox or Edge) is more housekeeping. Its impact will only be felt by those who have scripts that depend on interrogating servers to determine their use. A workaround is described in Microsoft’s blog.
Aside from these worthy advances, two important changes are included. The first is the support of .NET Framework 4.6.1 for Exchange 2013 and Exchange 2016. Exchange is a .NET application and the good health of that code depends on the underlying framework. Because of the complexity of Exchange, it has taken time for the product group to validate .NET Framework 4.6.1 against all its code modules. Now that testing is complete, you can go ahead and use 4.6.1, but only after upgrading servers to either Exchange 2013 CU13 or Exchange 2016 CU2 (see this post for some good tips).
.NET Framework 4.6.1 remains unsupported for Exchange 2010 servers. Don’t waste your time anticipating that support will ever come. It won’t because Exchange 2010 has been in extended support since January 2015.
The other important change is in how Database Availability Group (DAG) activation preference works in Exchange 2016 CU2. This change was announced on June 16. It’s really quite an important change for any Exchange organization that operates large-scale DAGs because it ensures that Exchange automates the process of returning database copies to the preferred state without administrator intervention.
You probably won’t care too much about a change in activation preference if your DAGs are small (four servers or less) but you will once DAGs scale up towards the 16-server maximum when it is more likely that databases will have four copies and the potential obviously exists for database activations to gradually move away from the preferred state. Activations are perfectly normal and copies can be activated for many reasons, including a temporary server outage or even because of degraded server health, when the Managed Availability system might force a database copy to be swapped for one of its peers. You can rearrange copies manually or use the RedistributeActiveDatabases.ps1 script provided by Microsoft to restore order, but the need to check and adjust becomes just another task on the list for harassed administrators.
I’m a strong fan of automation and regard the change in activation behaviour as a very welcome update. In fact, I am surprised that it has taken so long to come about, if only because Exchange Online is built around very large DAGs where mailboxes are protected by four database copies in line with Microsoft’s Native Data Protection strategy. Given the millions of mailboxes and hundreds of thousands of database copies operational inside Exchange Online, it is logical to assume that Exchange Online is most affected by non-optimum database activation. I therefore conclude that the changes made in Exchange 2016 CU2 is yet another example of how technical innovation has been transferred from the cloud to on-premises customers, which is always a good thing.
As we go forward through future quarterly updates for Exchange, you can expect that much the same mix will be included in the packages: fixes for customer-reported bugs, some improvements in the base to keep Exchange aligned with external movements (like SHA-2), and some measure of innovation, most of which will originate within Exchange Online.
You can’t buck progress and you can’t stop the movement of workload from on-premises to the cloud. However, the cloud is not for everyone and doesn’t meet the need of all organizations. It might never attain that goal. For these reasons it’s important that Microsoft lives up to their commitment to keep improving their on-premises servers for their contracted lifecycle. So far, I think they are doing just that for Exchange.
Follow Tony on Twitter @12Knocksinna.
Want to know more about how to manage Office 365? Find what you need to know in “Office 365 for IT Pros”, the most comprehensive eBook covering all aspects of Office 365. Available in PDF and EPUB formats (suitable for iBooks) or for Amazon Kindle.