Forum Discussion
How to perform Windows Update for Exchange 2016 DAG Cluster
Hello,
I need to install windows server security update on Exchange 2016 DAG which require reboot the server.
I will install the updates on the first server Tuesday, and the seconde server on Wednesday.
I'm wondering if installing patches on separated days may impact Exchange services, also i need to know the steps to follow before restart each server after installing the patch.
Great question — updating an Exchange 2016 DAG cluster does require careful planning, but patching servers on separate days is generally fine as long as you follow the proper sequence. The whole point of a DAG is to maintain availability during maintenance.
A few best practices before applying updates:
✅ Drain and move active databases – Before patching, use Set-MailboxServer –DatabaseCopyActivationDisabledAndMoveNow $true to drain the server and move all active mailbox databases to another DAG member.
🔄 Check replication health – Run Get-MailboxDatabaseCopyStatus and Test-ReplicationHealth to confirm all copies are healthy before and after patching.
📋 Maintenance mode – Place the node into maintenance mode (StartDagServerMaintenance) so it won’t host active databases during the update.
🗂️ Update, reboot, exit maintenance – Install the Windows Update, reboot, verify services, then run StopDagServerMaintenance to bring the node back online.
🕑 Stagger updates – Doing the first server on Tuesday and the second on Wednesday is fine, as the active databases will run on the patched or unpatched node seamlessly.
As long as you properly drain roles and confirm health checks, Exchange services should remain unaffected for end users during the staggered patching.
2 Replies
Great question — updating an Exchange 2016 DAG cluster does require careful planning, but patching servers on separate days is generally fine as long as you follow the proper sequence. The whole point of a DAG is to maintain availability during maintenance.
A few best practices before applying updates:
✅ Drain and move active databases – Before patching, use Set-MailboxServer –DatabaseCopyActivationDisabledAndMoveNow $true to drain the server and move all active mailbox databases to another DAG member.
🔄 Check replication health – Run Get-MailboxDatabaseCopyStatus and Test-ReplicationHealth to confirm all copies are healthy before and after patching.
📋 Maintenance mode – Place the node into maintenance mode (StartDagServerMaintenance) so it won’t host active databases during the update.
🗂️ Update, reboot, exit maintenance – Install the Windows Update, reboot, verify services, then run StopDagServerMaintenance to bring the node back online.
🕑 Stagger updates – Doing the first server on Tuesday and the second on Wednesday is fine, as the active databases will run on the patched or unpatched node seamlessly.
As long as you properly drain roles and confirm health checks, Exchange services should remain unaffected for end users during the staggered patching.
