Applying Service Pack, Rollup Update and Windows update on Exchange Server

Can anyone here please suggest me which steps or sequence that I need to follow in order to successfully bring up the Exchange Server 2010 to the latest service pack and the security updates ?

as at the moment the Version is 14.02.0387.000 (SP2) so I wonder if there is SP3 with Rollup Updates 7 slipstream already installed can be applied once on top of my current SP2 ?

also I haven't done much of Windows Update so there are quite a few updates to the OS that I need to do as well, so which order that I can do or apply ?

I will not install .NET Framework pushed by the Windows Update as it can be notoriously breaks Exchange functionality.
LVL 11
Senior IT System EngineerSenior Systems EngineerAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Simon Butler (Sembee)ConsultantCommented:
There are no slipstream installations for Exchange 2010 and rollups. You can do it for NEW installations only, but not for updates.

Depending on how out of date the system is, I would usually service pack Exchange first. Then reboot.
When the machine is back, run Microsoft Update. That will include the rollup and leave that to get on with it.

I have never seen a netframework update break Exchange. I patch many Exchange servers each month, some that I built and some that I didn't and they just go straight in.

Senior IT System EngineerSenior Systems EngineerAuthor Commented:
The most risky part I guess is the CAS where the Webservices and auto discover relies on .NET framework mainly.

But shall I leave the windows update at the very last steps or after SP before the Rollup Updates ?

I'm still on SP2
Simon Butler (Sembee)ConsultantCommented:
As I wrote above, I do the service pack first, unless the machine is heavily out of date (so the service pack complains about missing updates). Then run Microsoft update to update both Windows and Exchange.


Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
IT Pros Agree: AI and Machine Learning Key

We’d all like to think our company’s data is well protected, but when you ask IT professionals they admit the data probably is not as safe as it could be.

Senior IT System EngineerSenior Systems EngineerAuthor Commented:

So in this case is it recommended to take the snapshot before applying the update for CAS/HT role or the mailbox server can also be snapshot-ted before applying the update ?

I'm worried that if the Update causes some problem that prevents the server to perform the way it should.
Simon Butler (Sembee)ConsultantCommented:
Snapshots are bad for Exchange, I never use them and I have seen nothing but problems from people who do.

Exchange is a living product, it makes changes to the AD domain. If you were to take a snapshot and the update was to fail, you would be unable to go back because of the changes it makes. Your only option would be to rebuild the machine.

Take an Exchange aware backup of the databases if you are that concerned, so that a rebuild is possible.
Hub/CAS role servers don't need a backup, if that fails they can be recovered in less than 90 minutes.

Senior IT System EngineerSenior Systems EngineerAuthor Commented:
Ah, I've never knew that before.

I was under the impression that only the mailbox server cannot be taken by snapshot due to the mailbox server used by the Outlook client to stores email.

now I have just learned something new as well that not even HT/CAS can use the VMware VSS snapshot.

Thank Simon
Simon Butler (Sembee)ConsultantCommented:
Mailbox role is probably the one most affected, so you might get away with doing it on a hub/cas, but it isn't something I would recommend - particularly as you should upgrade the hub/cas first. If you were snapshot before the upgrade and then the upgrade failed midway through, then your snapshot would be an older version than the domain was expecting!

It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.