Best practices to update Exchange 2013 servers

Apart from probably staggering the schedules for downtime for critical and security update installs, amongst one's Exchange 2013 clusters, is there any information on best practices for critical and security update installations?

We have two physical sites, say (a) and (b).  Site (a) has one main virtual Exchange 2013 server, along with a 2nd. Exchange 2013 server from site (b) for possible disaster recovery, in that, if site (b) goes down, site (b) can continue to function as it has a server at site (a), etc.

Is there a routine or order in which the servers are updated and then rebooted?
nurturer69Asked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Simon Butler (Sembee)ConsultantCommented:
You can only update passive servers - if you attempt to patch an active server then it will failover to become the passive.
Therefore the rule is usually to do the current passive first (rather than trigger a failover), then failover and do the active.
However be aware that in a lot of cases, once you have failed over to the later version, you cannot fail back to an older version. This is because changes are made to the database.

The CAS role is AD site wide, so you will have clients using all servers in an AD site for CAS connectivity - it doesn't matter which DAG the server is a member of. As such, you should patch both servers in the same AD site so that the CAS role is at the same version, then patch the other site.

Simon.
0
nurturer69Author Commented:
The updates to install are from Windows Update in Control Panel, or is there a different setup file or executable to run?
0
Simon Butler (Sembee)ConsultantCommented:
Windows Update will just update Windows and other applications - it doesn't do Exchange.
Exchange 2013 Cumulative Updates have to be done separately by downloading the update file and running setup.exe

Simon.
0
Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

nurturer69Author Commented:
Will the server need to be placed into maintenance mode thru power shell on the server to be updated?

Example:

Set-ServerComponentState –Identity Server1 –Component HubTransport –State Draining –Requester Maintenance Get-Queue –Server Server1 | Format-Table Identity, MessageCount
0
Simon Butler (Sembee)ConsultantCommented:
It doesn't have to be, although you can choose to do so.
I usually do so, but every now and then will not, which gives the failover capability a test.

Simon.
0
nurturer69Author Commented:
And is it necessary to update the schema?
0
Simon Butler (Sembee)ConsultantCommented:
If the update requires it then it will do it for you.

Simon.
0
nurturer69Author Commented:
So, as a synopsis:

PART 1:
1) Download Cumulative update to passive server on site 1
2) Place server in maintenance mode (or don't - decision is arbitrary)
3) Launch Cumulative update setup.exe file
4) Wait for completion of updates
5) When complete, reboot server.

PART2:
1) Fail active server as passive, making recently updated passive server the active server on site 1
2) Download Cumulative update to passive server (normally active server) on site 1
2) Place server in maintenance mode (or don't - decision is arbitrary)
3) Launch Cumulative update setup.exe file
4) Wait for completion of updates
5) When complete, reboot server.
6) Fail active server over making it the passive server again.

STEP 3:
Perform testing by logging into EAC and OWA to check mailbox accessibility and Outlook functionality.

STEP 4:
Repeat same steps for site 2

Am I missing anything?
0
Simon Butler (Sembee)ConsultantCommented:
That is pretty much it. It isn't a difficult process by any means.
However if the schema master is not in the same site as the first server you are updating, you may find you have to wait for the schema updates to fully replicate before you can continue.

Simon.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows Server 2012

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.