Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win


Exchange 2010 Site Changes

Posted on 2014-02-07
Medium Priority
Last Modified: 2014-02-08
Dear Exchange gurus,

I have two exchange servers in two sites each with the following roles:

a) Client Access
b) Hub Transport
c) Mailbox Role

One is on SP2 Rollup 4 and the other is on SP2 Rollup 1 (or none)

Currently, OWA/ Mobile Access are working properly.

I need to :

1) Update all servers to the best / most stable SP and rollup (not necessarily the last)
2) Can I separate Server 1's roles so in Site A I will have 2 exchange servers - one with CA,HT, and MBX and the other server ONLY MBX role?
3) In what way is 2 advisable? I will thinking of doing this primarily for setting up an fresh EX 2010 SP3 server with all updates and migrating mailboxes to it.

Any tips are appreciated.

Question by:giorgio71
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
LVL 20

Expert Comment

by:Peter Hutchison
ID: 39843969
1. I would recommend SP3 at least. Do the CA/HT servers before mailbox servers.
2. Yes, that is possible.
3. Depends on how far apart the sites are. If they are far apart, then users will experience slower access times using Outlook and they may need to change their profiles to pick up a different CAS server.

Author Comment

ID: 39844002

Sorry for not being clear.

In each site there is one exchange server. Each exchange server has the CA/HT/MB roles.

Can I apply SP3 ? Which patch level of SP3 is most stable?

In one of the sites, can I split the one server in two? So one has CA/HT/MB and the other one just MB role?

LVL 38

Accepted Solution

Mahesh earned 2000 total points
ID: 39844006
You can update to Exchange 2010 SP3 directly on all servers one by one followed by any latest rollups

Based on my experience and findings, it is not painless activity but we can try as much as possible to make it painless by implementing proper prerequisites and proper plan. Just thought to share all those prerequisites and planning we had might help to Exchange Administrators.
• Precautionary Measures Prior to Deploy Exchange 2010 Service Packs 3:
 o Important and appropriate latest Windows Server patches must be deployed.
 Do not update KB2506143 (Not supported for exchange 2007 & 2010 and might create issue)
 o Exchange BPA needs to be run and address any critical issue reported by him.
 o Check\search MS online KB articles for known issues with Rollup update \ Service packs.
 For Ex. http://support.microsoft.com/kb/2810617 in case of Exchange 2010 SP2 RU6 and SP3
 o If you are upgrading from RU to newer RU or newer Service Pack, check if Previous RU setup (.msp \ .msi) files must be resided in %Systemroot%\Installer folder or upgrade will fail. Check article. http://support.microsoft.com/kb/2784788
 o Ensure that account to be used must be domain account. Account must be member of Exchange Organization Management and must be local administrator on exchange server. If the same account is used to update AD schema, then it also must be member of Domain Admins, Schema Admins and Enterprise Admins Group Membership.
 o Service Pack \Rollup update sequence must be as below.
¿ UM if you have
¿ Edge Transport

• Activities to be done on Exchange Server to be upgraded prior to Deploy Service Pack:
 o Ensure that you have Latest AD and Exchange Server System State Backup with all Mailbox Databases full backup
 o If you prepared AD schema manually, then force replication to all domain controllers in forest.
 o Uninstall \ Remove any Interim Updates (IU) provided by Microsoft to address specific issues as Service Packs are cumulative and contains all fixes since last service pack.
 o Microsoft has published 2 articles related to PowerShell Execution Policy as below.
¿ http://support.microsoft.com/kb/2668686 – Correct One
¿ http://support.microsoft.com/kb/2810617 – Don’t understand why MS published this confusing article.
 First one is the correct and set your exchange server powershellexecutipolicy accordingly.
 o Check Exchange Server IPv6 status in network card properties and enable it if not enabled already.
 o Disable certificate Revocation Check on Exchange Servers. Check below link.
 o Stop and Disable Antivirus Software services completely.
 o Stop and Disable Backup Software Services Completely.
 o Stop and Disable SCOM services if any. Also on SCOM server put Exchange Server in Maintenance Mode.
 o Stop and Disable SCCM agent services if any.
 o Stop and Disable any 3rd party software processes / services.
 o In case of Hub Transport Server, disable windows Firewall for all profiles but Firewall service must be running. Remove server from NLB. Also remove server from Send Connectors.
 o In case of Mailbox Server, Firewall must be enabled and running. To avoid any disruption, add a custom inbound and outbound firewall rules which allows all programs and allports through all firewall profiles. Check below Link.
 Also put server in Maintenance Mode with scripts provided by Microsoft or as guided in below link.
 o Make sure that File Share Witness (FSW) is online if it is other than HUB Transport Server.
 o Copy Exchange Service pack Binaries in compressed format on Exchange Servers and Extract it with some extraction software to avoid file alteration during transit or copy process.
 o Lastly reboot server to be upgraded and then start Exchange setup from extracted dump.
 o You must run Setup with “elevated Command Prompt” or “Run as Administrator”.

Check my original comment in below blog post

LVL 38

Expert Comment

ID: 39844011
Multirole installation is recommended by MS

However you can split Exchange roles if wanted to.

Remember, if you want to use windows NLB for CAS load balancing and MBX DAG, then you must split CAS and MBX roles on different server as windows NLB Cluster and failover cluster can't co-exists on same server
If you want to use Hardware load balancer, then you don't need to split roles

Since i don't know if you are using DAG, but still you can directly upgrade your both servers to SP3 one by one.
Just check my earlier comment for possible failures and precautionary measures


Featured Post

 [eBook] Windows Nano Server

Download this FREE eBook and learn all you need to get started with Windows Nano Server, including deployment options, remote management
and troubleshooting tips and tricks

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I don't pretend to be an expert at this, but I have found a few things that are useful. I hope that sharing them here will help others, so they will not have to face some rather hard choices. Since I felt this to be a topic of enough importance and…
With so many activities to perform, Exchange administrators are always busy in organizations. If everything, including Exchange Servers, Outlook clients, and Office 365 accounts work without any issues, they can sit and relax. But unfortunately, it…
In this video we show how to create a mailbox database in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Servers >> Data…
To show how to generate a certificate request in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Servers >> Certificates…

636 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question