Exchange 2016 CU7 Released
Exchange 2016 CU7 has been released to the Microsoft download centre! Exchange 2016 has a different servicing strategy than Exchange 2007/2010 and utilises Cumulative Updates (CUs) rather than the Rollup Updates (RU/UR) which were used previously. CUs are a complete installation of Exchange 2016 and can be used to install a fresh server or to update a previously installed one. Exchange 2013 has the same servicing methodology.
This is build 15.01.1261.035 of Exchange 2016 and the update is helpfully named ExchangeServer2016-x64-CU7.iso which allows us to easily identify the update. Details for the release are contained in KB 4018115.
No Exchange 2010 updates were released today since Exchange 2010 is in extended support. Updates will be released as per the extended support lifecycle policy.
Exchange 2007 is no longer supported, updates are not provided once a product has exited out of extended support.
Update 12-9-2017: Corrected line regarding schema changes
Updates Of Particular Note
.NET Framework 4.7 is not supported at the time of writing. Note that the focus will be placed upon supporting .NET Framework 4.7.1 with the next Exchange CU released for Exchange 2013 and Exchange 2016.
CU7 contains AD DS schema changes - please plan accordingly.
Advanced notification is provided so that administrators can proactively plan to update .NET between the release next Exchange CU and the subsequent CU. This is similar to the approach with .NET 4.6.2 - Please see Exchange 2013 CU16 and Exchange 2016 CU5 .NET Framework Requirement for more details.
As per Active Directory Forest Functional Levels for Exchange Server 2016, it was announced that Exchange Server 2016 would enforce a minimum 2008R2 Forest Functional Level requirement for Active Directory. Cumulative Update 7 for Exchange Server 2016 will now enforce this AD DS requirement.
Some Items For Consideration
Exchange 2016 follows the same servicing paradigm for Exchange 2013 which was previously discussed on the blog. The CU package can be used to perform a new installation, or to upgrade an existing Exchange Server 2016 installation to this CU. Cumulative Updates are well, cumulative. What else can I say…
For customers with a hybrid Exchange deployment, must keep their on-premises Exchange servers updated to the latest update or the one immediately prior ( N or N-1).
Test the CU in a lab which is representative of your environment
Review this post to also factor in AD preparation which is to be done ahead of installing the CU onto the first Exchange server
Follow your organisation’s change management process, and factor the approval time into your change request
Provide appropriate notifications as per your process. This may be to IT teams, or to end users.
After you install this cumulative update package, you cannot uninstall the cumulative update package to revert to an earlier version of Exchange 2016. If you uninstall this cumulative update package, Exchange 2016 is removed from the server.
Place the server into SCOM maintenance mode prior to installing, confirm the install then take the server out of maintenance mode
Place the server into Exchange maintenance mode prior to installing, confirm the install then take the server out of maintenance mode
I personally like to restart prior to installing CU. This helps identifies if an issue was due to the CU or happened in this prior restart, and also completes any pending file rename operations. 3rd party AV products are often guilty of this
Restart the server after installing the CU
Ensure that all the relevant services are running
Ensure that event logs are clean, with no errors
Ensure that you consult with all 3rd party vendors which exist as part of your messaging environment. This includes archive, backup, mobility and management services.
Ensure that you do not forget to install this update on management servers, jump servers/workstations and application servers where the management tools were installed for an application. FIM and 3rd party user provisioning solutions are examples of the latter.
Ensure that the Windows PowerShell Script Execution Policy is set to “Unrestricted” on the server being upgraded or installed. See KB981474.
Disable file system antivirus prior to installing. Do this through the appropriate console. Typically this will be a central admin console, not the local machine.
Verify file system antivirus is actually disabled
Once server has been restarted, re-enable file system antivirus.
Note that customised configuration files are overwritten on installation. Make sure you have any changes fully documented!
CU7 does contain new AD Schema updates for your organisation.
Please enjoy the update responsibly!
What do I mean by that? Well, you need to ensure that you are fully informed about the caveats with the CU and are aware of all of the changes that it will make within your environment. Additionally you will need to test the CU your lab which is representative of your production environment.