Today we are announcing the availability of quarterly servicing cumulative updates for Exchange Server 2016 and 2019. These updates include fixes for customer reported issues as well as all previousl...
Updated Jun 12, 2020
Version 1.0
Blog Post
I have a question and trying to find the best place to post this because it is related with SameSite Cookies and trying to see if CU17 may address this issue. I am currently running two Exchange 2016 Servers CU16 behind a Big IP Load Balancer. I was aware of the change that was stated back in February on the Exchange Team Blog site about SameSite Cookies and needing to have CU16 applied which came out in March. Both of my servers are running CU16 and we are on premises only (no hybrid setup). I just started having issues a few weeks ago with users trying to login to Exchange Web Access from Google Chrome (no issues with Firefox, Microsoft Edge, Microsoft Edge Chromium, Etc). I get a login screen and am able to login and just get redirected back to the login screen. To test this in Chrome I changed the "SameSite by Default Cookies" from "Default" to "Disabled" I was able to login to Web Access with no problem. If I changed it back I had the same behavior. To temporary fix the problem with our Domain devices I was able to modify our Google Chrome ADMX policy to set "Revert to legacy for SameSite Cookies on these sites" for our site for Exchange Web Access.
From the article that was written on the Exchange Team Blog back in February 2020 and other things I have read it was recommended to install the Beta version of Google Chrome and test sites. I ran this for some time and never ran into any issues with Exchange. I also used the Developer Tools in Google Chrome and can see that this appears to be a SameSite Cookie issue being blocked by Google Chrome.
I have found very little about other users having any problems and I wanted to try and find a place to post this to get some suggestions or see if anyone else is having a similar problem. I was going to look at applying CU17 because it does appear to address an issue I have been experiencing for awhile now with exporting E-Discovery Search PSTs. However I have been able to use the workaround for this with the old DLL file.
So my question is has anyone else experienced this issue and do you know if CU17 addresses it? It was my understanding that CU16 was to address the problem with SameSite Cookies and Google Chrome.