Update: The issue mentioned in this article has been resolved in October 2022 SU (or later). Please see this document for known issues with Extended Protection.
We’ve released an update to the script for enabling Extended Protection on your Exchange Servers after the installation of the Exchange Server August 2022 Security Updates.
This update includes an interim fix to work around a known issue with archive mailboxes when using retention tags, specifically:
Customers using a Retention Policy containing Retention Tags which perform Move to Archive actions should not configure Extended Protection, as enabling Extended Protection will cause automated archiving to stop working.
The updated script provides a short-term workaround for this issue, which will be permanently resolved in a future update. When the future update is released, the workaround in this updated script will need to be reverted after the future update is installed.
By providing this updated script now, customers affected by the known issue being addressed can enable extended protection in their environment without having to wait for the future update to be released.
You can download the updated script at https://aka.ms/ExchangeEPScript. If your computer is Internet-connected, running the original script will auto-update the script to the updated version. Script documentation is at https://aka.ms/ExchangeEPDoc.
When the future update is released, we will provide additional information and instructions for deploying it.
Exchange Server Team
You Had Me at EHLO.