This morning I patched one of our two Exchange Servers and ran into some issues that appear to have occurred after installing the Exchange 2016 CU21 July Security Patches KB5004779. Both of my Exchange servers was running Exchange 2016 CU 19 with All Security patches. I installed Exchange 2016 CU21 and this appears to have installed without any problems. I rebooted the server and let Exchange Start. I waited for services to start, verify Windows Event Logs to see that nothing appeared out of the ordinary. I then logged into ECP and verified that the server was online and it was at version 15.1 build 2308.8 and my other server is 15.1 build 2176.2.
I didn't notice any issues so I wanted to apply the security update for Exchange 2016 along with the other patches that was released yesterday for July 2021 patch Tuesday (Windows 2016 OS patch, .Net Patch, Etc). We have WSUS running in our setup so I have always let these updates pull from WSUS and install and have never ran into any issues described in previous posts with services not starting or failed installation. The installation of the updates completed and I rebooted the server.
Once the server rebooted I logged into it and verified that services started correctly and looked at the Windows system logs to verify that Exchange started as normal and no unusual errors. Again I didn't see anything and then tried to login to ECP. I put in my username and password and it just went back to a login screen. This happened several times and I decided to clear the browser (using Chrome version 91.0.4472.124 which is current). I was able to get into ECP and then looked at the server. The databases was mounted and everything looked correct. I then tried to login to Webmail (OWA, Outlook on the web) and ran into the same problem I had with logging into ECP. I would type in my username and password and it would just go back to a login screen or appeared to do nothing. I tested this from multiple devices that was on my network and from a device that was remote and had the same issue. My Outlook client appears to work both Internal and External.
My Exchange Servers are configured behind a BigIP Load Balancer and Exchange was setup F5s iApps for Exchange 2016. This has been in place since we migrated to Exchange 2016 and the only thing I have ever had to add was an iRule for SameSiteCookies to get Chrome to work after one of the CU 2016 for Exchange. Other browsers didn't have this issue.
I verified all of the Virtual Directory permissions and configuration between the two Exchange Servers and they are the same. My next thought was to remove the Exchange 2016 CU21 Security Update and see if the problem still exists because I didn't notice this issue after I had just applied Exchange 2016 CU21.
I removed the July 2021 Security update for Exchange 2016 and rebooted the server. I verified that the Exchange Services started and there was nothing unusual in the event logs. I then tested logging into ECP and didn't have any problems. I then tested logging into OWA with multiple accounts, multiple browsers, and multiple devices. I didn't have any issues with this either.
I currently went into our WSUS server that supplies the updates to our services and declined KB5004779 for Exchange 2016 CU21 and CU20 until I can find out what the issue is and we do more testing with just going from Exchange 2016 CU19 to Exchange 2016 CU21. I would like to see if anyone else has seen issues like this after applying the July 2021 Security Patch for Exchange 2016 CU21.