Solved

Best practices to update Exchange 2013 servers

Posted on 2014-11-21
9
169 Views
Last Modified: 2014-12-15
Apart from probably staggering the schedules for downtime for critical and security update installs, amongst one's Exchange 2013 clusters, is there any information on best practices for critical and security update installations?

We have two physical sites, say (a) and (b).  Site (a) has one main virtual Exchange 2013 server, along with a 2nd. Exchange 2013 server from site (b) for possible disaster recovery, in that, if site (b) goes down, site (b) can continue to function as it has a server at site (a), etc.

Is there a routine or order in which the servers are updated and then rebooted?
0
Comment
Question by:nurturer69
  • 5
  • 4
9 Comments
 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
Comment Utility
You can only update passive servers - if you attempt to patch an active server then it will failover to become the passive.
Therefore the rule is usually to do the current passive first (rather than trigger a failover), then failover and do the active.
However be aware that in a lot of cases, once you have failed over to the later version, you cannot fail back to an older version. This is because changes are made to the database.

The CAS role is AD site wide, so you will have clients using all servers in an AD site for CAS connectivity - it doesn't matter which DAG the server is a member of. As such, you should patch both servers in the same AD site so that the CAS role is at the same version, then patch the other site.

Simon.
0
 

Author Comment

by:nurturer69
Comment Utility
The updates to install are from Windows Update in Control Panel, or is there a different setup file or executable to run?
0
 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
Comment Utility
Windows Update will just update Windows and other applications - it doesn't do Exchange.
Exchange 2013 Cumulative Updates have to be done separately by downloading the update file and running setup.exe

Simon.
0
 

Author Comment

by:nurturer69
Comment Utility
Will the server need to be placed into maintenance mode thru power shell on the server to be updated?

Example:

Set-ServerComponentState –Identity Server1 –Component HubTransport –State Draining –Requester Maintenance Get-Queue –Server Server1 | Format-Table Identity, MessageCount
0
Backup Your Microsoft Windows Server®

Backup all your Microsoft Windows Server – on-premises, in remote locations, in private and hybrid clouds. Your entire Windows Server will be backed up in one easy step with patented, block-level disk imaging. We achieve RTOs (recovery time objectives) as low as 15 seconds.

 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
Comment Utility
It doesn't have to be, although you can choose to do so.
I usually do so, but every now and then will not, which gives the failover capability a test.

Simon.
0
 

Author Comment

by:nurturer69
Comment Utility
And is it necessary to update the schema?
0
 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
Comment Utility
If the update requires it then it will do it for you.

Simon.
0
 

Author Comment

by:nurturer69
Comment Utility
So, as a synopsis:

PART 1:
1) Download Cumulative update to passive server on site 1
2) Place server in maintenance mode (or don't - decision is arbitrary)
3) Launch Cumulative update setup.exe file
4) Wait for completion of updates
5) When complete, reboot server.

PART2:
1) Fail active server as passive, making recently updated passive server the active server on site 1
2) Download Cumulative update to passive server (normally active server) on site 1
2) Place server in maintenance mode (or don't - decision is arbitrary)
3) Launch Cumulative update setup.exe file
4) Wait for completion of updates
5) When complete, reboot server.
6) Fail active server over making it the passive server again.

STEP 3:
Perform testing by logging into EAC and OWA to check mailbox accessibility and Outlook functionality.

STEP 4:
Repeat same steps for site 2

Am I missing anything?
0
 
LVL 63

Accepted Solution

by:
Simon Butler (Sembee) earned 500 total points
Comment Utility
That is pretty much it. It isn't a difficult process by any means.
However if the schema master is not in the same site as the first server you are updating, you may find you have to wait for the schema updates to fully replicate before you can continue.

Simon.
0

Featured Post

What Security Threats Are You Missing?

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

What to do when Windows Update is not working correctly? What tools can I use to detect the cause of the malfunction problem? What does this numeric error code mean? These and other questions that you have been asking in the past are answered here (…
Sometimes drives fill up and we don't know why.  If you don't understand the best way to use the tools available, you may end up being stumped as to why your drive says it's not full when you have no space left!  Here's how you can find out...
In this Micro Tutorial viewers will learn how to restore their server from Bare Metal Backup image created with Windows Server Backup feature. As an example Windows 2012R2 is used.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now