Home
Microsoft

 

Today, we released Exchange Server 2013 RTM Cumulative Update 2 (CU2) to the Microsoft Download Center. In addition to this article, the Exchange 2013 RTM release notes (updated for CU2) are also available.

The final build number for Exchange 2013 RTM CU2 is 15.0.712.24.  If you previously installed the 712.22 build, please upgrade to 712.24 to ensure you are not affected by the following issue.

Note: Some article links may not be available at the time of this post's publication. Updated Exchange 2013 documentation, including Release Notes, will be available on TechNet soon.

Servicing Model Update

In the new Exchange servicing model customers will continue to receive assistance from Microsoft Support for the lifecycle of the Exchange server product - a customer is not required to be at the most current CU to receive assistance. There are two scenarios that we would like to clarify though:

  1. If during the course of a support incident it is determined that the solution is available in a published CU (e.g., CU2), the customer will be required to install the update that contains the fix. We will not be building a new fix to run on top of a CU published earlier (e.g., CU1).
  2. If during the course of a support incident it is determined that you have discovered a new problem for which we confirm a fix is required, that fix will be published in a future CU that you can then install to correct the problem reported.

An important benefit of the Exchange servicing model is that it provides the ability to receive independent security releases outside of the CU or Service Pack (SP) process. What this means for you is that future security fixes will not require you to install a CU to get the individual fix for a reported vulnerability. This allows you to quickly validate and install a security update with confidence knowing that only the fixes which address a particular security problem will be included as part of that release.

Exchange Server Cumulative Updates are scheduled to be released quarterly. We realize that some customers spend several months validating environments, third-party products, etc., and require more time for testing. Therefore, we will continue to ship a Service Pack which provides all of the updates included in prior cumulative updates in one installation and acts as a logical milestone for updating your servers.

Customers who are using Exchange Server 2013 and Office 365 together in an Exchange Hybrid scenario get a rich set of capabilities to manage and run mailboxes on-premises and in the cloud. Updates come to Office 365 frequently and thus customers in hybrid scenarios are strongly recommended to stay current as Cumulative Updates are released. Keeping current will allow your on-premises Exchange Server to be running the same code as the Office 365 Exchange servers. This helps keep consistency between on-premises and Office 365 users and puts you in the best position to take advantage of new features as they are made available in the service. This always updated approach is available for everyone and is the recommend approach for all customers to obtain fixes and new features as soon as they become available.

Overall, the new Exchange Server servicing strategy provides a predictable pattern for releases and provides customer control options for on-premises customers. Each CU receives extensive validation as the builds released in a CU have been deployed in the Office 365 service – you can deploy a CU knowing it has already had datacenter scale validation in the world’s largest and most demanding Exchange environment.

Upgrading/Deploying Cumulative Update 2

Unlike previous versions, cumulative updates do not use the rollup infrastructure; cumulative updates are actually full builds of the product, meaning that when you want to deploy a new server, you simply use the latest cumulative update build available and do not necessarily need to apply additional Exchange Server updates.

Important: To prevent issues during the installation or upgrade of Exchange 2013 RTM CU2, you should ensure that the Windows PowerShell Script Execution Policy is set to “Unrestricted”. Failure to do so could cause the Exchange 2013 server to be in an unusable state and some downtime could occur. To verify the policy settings, run the Get-ExecutionPolicy cmdlet from PowerShell on the Exchange 2013 Server(s). If the policies are NOT set to Unrestricted you should use the resolution steps in the following article to adjust the settings KB 981474.

Active Directory Preparation

Prior to upgrading or deploying the new build onto a server, you will need to update Active Directory. For those of you with a diverse Active Directory permissions model you will want to perform the following steps:

  1. Exchange 2013 RTM CU2 includes schema changes. Therefore, you will need to execute setup.exe /PrepareSchema /IAcceptExchangeServerLicenseTerms.
  2. Exchange 2013 RTM CU2 includes enterprise Active Directory changes (e.g., RBAC roles have been updated to support new cmdlets and/or properties). Therefore, you will need to execute setup.exe /PrepareAD /IAcceptExchangeServerLicenseTerms.

Note: If your environment contains only Exchange 2007, and you upgrade to Exchange 2013, keep in mind you cannot deploy Exchange 2010 in that environment at a later time. If you foresee a need to deploy Exchange 2010 servers into your environment, deploy an Exchange 2010 multi-role server (with all four servers roles) prior to executing Exchange 2013 setup.exe /PrepareAD. As long as you retain at least one role of each legacy server, you will continue to be able to install additional servers of that version into your coexistence environment. Once you remove the last server role of a legacy version, you will no longer be able to reintroduce that version into the environment.

Server Deployment

Once the preparatory steps are completed, you can then deploy CU2 and start your coexistence journey. If this is your first Exchange 2013 server deployment, you will need to deploy both an Exchange 2013 Client Access Server and an Exchange 2013 Mailbox Server into the organization. As explained in Exchange 2013 Client Access Server Role, CAS 2013 is simply an authentication and proxy/redirection server; all data processing (including the execution of remote PowerShell cmdlets) occurs on the Mailbox server. You can either deploy a multi-role server or each role separately (just remember if you deploy them separately, you cannot manage the Exchange 2013 environment until you install both roles).

If you already deployed Exchange 2013 RTM code and want to upgrade to CU2, you will run setup.exe /m:upgrade /IAcceptExchangeServerLicenseTerms from a command line after completing the Active Directory preparatory steps or run through the GUI installer. Deploying future cumulative updates will operate in the same manner.

Note: Unlike previous versions, in Exchange 2013, you cannot uninstall a single role from a multi-role server. For example, if you deploy the CAS and MBX roles on a single machine, you cannot later execute setup to remove the CAS role; you can only uninstall all server roles.

Changes in Exchange 2013 RTM CU2

In addition to bug fixes, Exchange 2013 RTM CU2 introduces enhancements in the following areas.

  • Per-server database support
  • OWA Redirection
  • High Availability
  • Managed Availability
  • Cmdlet Help
  • OWA Search Improvements
  • Malware Filter Rules

Per-Server Database Support

As mentioned previously, Exchange 2013 RTM CU2 increases the per-server database support from 50 databases to 100 databases in the Enterprise Edition of the product. Please note that this architectural change may not provide any additional scalability as CPU may be a bottleneck, thereby limiting the number of mailboxes you can deploy per-server.

As promised, the Exchange 2013 Server Role Requirements Calculator has been updated for this architectural change.

OWA Redirection

Depending on your deployment model, Exchange 2013 RTM CU1 supported the following redirection or proxy scenarios:

  1. In environments where Exchange 2013 and Exchange 2010 coexist, Exchange 2013 CAS proxies OWA requests to Exchange 2010 CAS for Exchange 2010 mailboxes.
  2. In environments where Exchange 2013 and Exchange 2007 coexist, Exchange 2013 CAS redirects the request to the Exchange 2007 CAS infrastructure’s ExternalURL. While this redirection is silent, it is not a single sign-on event.
  3. In native Exchange 2013 environments:
    1. Exchange 2013 CAS proxies the OWA request directly to the Exchange 2013 Mailbox server when in a single site.
    2. Exchange 2013 CAS proxies the OWA request directly to the Exchange 2013 Mailbox server when the Mailbox server exists in a different site and the CAS infrastructure in the target site has no ExternalURL defined.
    3. Exchange 2013 CAS proxies the OWA request directly to the Exchange 2013 Mailbox server when the Mailbox server exists in a different site and the CAS infrastructure in the target site has an ExternalURL that matches the source site’s ExternalURL.
    4. Exchange 2013 CAS redirects the OWA request to the CAS infrastructure in the target site when the target site’s ExternalURL does not match the source site’s ExternalURL. While this redirection is silent, it is not a single sign-on event.

Exchange 2013 RTM CU2 changes this behavior by providing a single sign-on experience when Forms-Based Authentication (FBA) is used on the source and destination OWA virtual directories by issuing back to the web browser a hidden FBA form with the fields populated. This hidden form contains the same information as what the user had originally submitted to the source CAS FBA page (username, password, public/private selector) as well as, a redirect to the target Exchange specific path and query string. As soon as this form is loaded it is immediately submitted to the target URL. The result is the user is automatically authenticated and can access the mailbox data.

Many of you may be familiar with this functionality in Exchange 2010 SP2. However, there are differences in the Exchange 2013 RTM CU2 implementation:

  1. Silent redirection is the default behavior in Exchange 2013, meaning that if FBA is enabled on source and target OWA virtual directories, the redirection will also be a single sign-on event.
  2. You can disable silent redirection on the source CAS via the web.config file located at <ExchangeSetupDir>\FrontEnd\HttpProxy\owa by adding the following line in the <appSettings>section:

    <add key="DisableSSORedirects" value="true" />

High Availability

Exchange 2013 RTM CU2 introduces a new service, the DAG Management Service. The DAG Management service contains non-critical code that used to reside in the Replication service. This change does not introduce any additional complexities in event reporting, either – events are written into the Application event log with the source of MSExchangeRepl and crimson channel.

Managed Availability

In addition to improvements in various probes and monitors, there have been changes to the responder throttling framework. Prior to Exchange 2013 RTM CU2, many responders were only throttled per-server (e.g., RestartService). Now, these responders are throttled per group. For example, originally RestartService was throttled based on the number of occurrences that occurred on a server; in Exchange 2013 RTM CU2, RestartService can execute every 60 minutes DAG-wide, with a maximum of 4 restarts per day DAG-wide.

RecoveryAction

Enabled

Per Server

Per Group

Minutes Between Actions

Max Allowed Per Hour

Max Allowed Per Day

Minutes Between Actions

Max Allowed Per Day

ForceReboot

True

720

N/A

1

600

4

SystemFailover

True

60

N/A

1

60

4

RestartService

True

60  

N/A

1

60

4

ResetIISPool

True

60

N/A

1

60

4

DatabaseFailover

True

120

N/A

1

120

4

ComponentOffline

True

60

N/A

1

60

4

ComponentOnline

True

5

12

288

5

Large

MoveClusterGroup

True

240

N/A

1

480

3

ResumeCatalog

True

5

4

8

5

12

WatsonDump

True

480

N/A

1

720

4

Cmdlet Help

Exchange 2013 RTM CU2 introduces the capability for administrators to get updates to Exchange Management Shell cmdlets without needing to deploy a new service pack or cumulative update. Administrators can launch the Exchange Management Shell and run the Update-ExchangeHelp cmdlet to update their local Shell help.

OWA Search Improvements

Previously searching for keywords within OWA did not give indications of the location of the keyword in the search result set. Exchange 2013 RTM CU2 improves OWA’s search results highlighting in three ways:

  1. Conversation items are auto-expanded that have hits in them.
  2. Whenever you search for a term and select a conversation from the result list, OWA will move the scroll position of the reading pane so that the first item part with that search term is in view.
  3. Hit navigation within a conversation – you can jump between search hits quickly using a control built into the reading pane.

Malware Filter Rules

Exchange 2013 RTM CU2 introduces the –MalwareFilterRule cmdlets. You can use the –MalwareFilterRule cmdlets to apply custom malware filter policies to specific users, groups, or domains in your organization. Custom policies always take precedence over the default company-wide policy, but you can change the priority (that is, the running order) of your custom policies.

Looking Ahead

The Exchange Product Group is in the final validation stages to support Windows Azure for Witness Server placement. Specific guidance on using Windows Azure for the Witness Server placement will be available via TechNet at a later date. Support for this scenario will occur once the guidance has been released.

Conclusion

We understand that some features delivered in CU2 were available in Exchange 2010 and haven’t been available until this update. The lack of single sign-on capability in OWA redirection and the reduced per-server database support were due in part to the complete re-write of these components in Exchange 2013. Holding back these features were necessary to meet our code stability and performance criteria for release. It was your feedback which helped prioritize the return of these features. Our new servicing model allows us to add incremental improvements to the product at a faster cadence than the previous model.

As always, we continue to identify ways to better serve your needs through our regular servicing releases. We hope you find these improvements useful. Please keep the feedback coming, we are listening.

Ross Smith IV
Principal Program Manager
Exchange Customer Experience

Updates

  • 7/11/13: Added info about PowerShell Execution Policy and KB981474.
  • 7/11/13: Exchange 2013 Release Notes on TechNet have been refreshed.
  • 7/29/13: Added pointer to updated build of CU2 and updated article.
  • 8/2/13: Added link for CU2 Unified Messaging Language Packs.
73 Comments
Not applicable

I do not know if you have addressed the HIGH CPU Bug for the "Microsoft Sharepoint Search Engine" that has been introduced in E15. But that has rendered my HA unsupported until i finish mailbox moves completely.

Not applicable

Hi Ross - can you elaborate on the malware changes in CU2?

Not applicable

This is great :-) looking forward to upgrading to Exchange 2013 CU2 On-Premises

Not applicable

Still confused and concerned about the storage space requirements.  As an example, if you have a 100GB volume, where you've set quota's on a database of 1GB per user for 80 user's, you've estimated a maximum capacity of 80GB, leaving that extra 20% available.  If you now have to increase the quota's by X% (30% in the examples provided), you're increasing the 1GB quota to, say 1.3GB.  Then for those 80 users in that example, that totals 104GB maximum; not only doing away with the 20% free but also going above the volume size.  I know you said it doesn't actually change underlying storage requirements, but I sounds like that's precisely what it's doing.  Any way to clear that up a bit?

Not applicable

Has this bug been fixed for on-premises version? support.microsoft.com/.../2835562

Not applicable

When Exchange 2013 will be fully stable and will be ready for deployment in production. I suggest MS not to push it to customer. Work with your developers and make it stable first. Also there are not clear design docs or migration docs present for 2013 migration. Deployment assistant tool is also very basic.

Not applicable

Thanks team, great improvements again. A minor request, is it possible to give the file a more descriptive name? Mistakes are easily made when every version has the same name.

Not applicable

@Rick, the storage requirements do not change. Here is a simplified example. An item in a mailbox may have 50 properties (in reality it has way more), and let's say in the past we only used the size of 40 of those properties to calculate the total size of the item towards a user's quota. The space on disk was already utilized within the database, we just didn't report the last 10 properties of space back to the user. In 2013 all 50 theoretical properties are calculated towards total item size and applied towards a user's quota. The space within the DB the mail item uses isn't drastically changing, it is simply more accurately calculated to reflect what the user is actually using.

Not applicable

The DAG Management service contains non-critical code that used to reside in the Replication service. This change does not introduce any additional complexities in event reporting, either – events are written into the Application event log with the source of MSExchangeRepl and crimson channel.

So how does it help, does it just add more info into the crimson? what would happen if I start and stop the service? more details please

Not applicable

why would you just simply calculate the entire space per user to start ?

now after maibox move some users will suddenly report unusual mailbox growth.

not to mention that if you have stats :)

Not applicable

@Brian - so you are saying in the past it was showing 30% less and now it shows the actual size by pulling the more properties this remains same database size on the file?

Not applicable

Hi Team, is there any fix in CU2 on authentication behavior of Outlook Anywhere, to open Public Folders or Shared Mailbox on Exchange 2010? support.microsoft.com/.../en-us

Not applicable

@Addy, we moved internal DAG monitoring code that was previously running inside the Microsoft Exchange Replication service out of that service and into a new service/process called the DAG Management service.  No new events are being logged by this service.  We are logging events as we did before, except that a separate process is now handling that logging.

Not applicable

Hi Ross,

I know the post says "some article links will be unavailable at this stage" but any idea on when we will know more around the schema changes CU2 will bring?

Thanks

Not applicable

@ Massimo - yes.

Not applicable

@ExchangeITPRO, yes pretty much.

@zumarek, this is just one of those things that had been this way forever and with the rewrite of Information Store in 2013 the time was right to finally get it adjusted properly.

Not applicable

Any chance to get s/mime support in the future?

Not applicable

@Massimo: the article you mentioned definitely states the bug seems resolved by this CU.

Not applicable

So I ran this on a newly built EX2013 server (built end of last week using the RTM version (single server which hosts both CAS and Mailboxes - the only Exchange server in the org) - followed the instructions above, prep'd Schema/AD etc - no errors during the install (rebooted for good measure after the process); yet when i run:

Get-ExchangeServer | fl name,edition,admindisplayversion

the version remains as it was before the upgrade - 516.32 (which I understand to be the inital RTM build number) - am I using the correct command to check the build number and should I be seeing a change in build number?

Not applicable

I'm using Exchange Server 2013 RTM. Does Cumulative Update 2 include updates in CU1 ?

Do I need to upgrade to CU1 first then CU2 or just go through CU2 ?

Not applicable

@Jack Chuong

You only have to install CU2. You don't need to install CU1.

Not applicable

hmmz. still no Exchange 2013 category in WSUS catalog

Not applicable

Hi - thanks for the Update ExchangeTeam.

You state that roles cannot be uninstalled from a multi role server, but what about the reverse, can roles be added to a single role server? Can you later run Setup to remove a role?

Thanks in advance.

Rob

Not applicable

@Jeff, that command is fine. After CU2 is applied to a server you should see "Version 15.0 (Build 712.22)" as the AdminDisplayVersion. I just double checked my own lab after applying it.

Not applicable

Hi,

Thanks for this release.

We have installed it on our lab servers and hqve some concerns . it's not possible to send text message (SMS) from OWA anymore.

SMS recipient are not recognized by OWA.

Is is normal, this feature for OWA has been removed ?

Everuthing is working fine with outlook.

Not applicable

Still unable to manage anti-spam agents through the "GUI". Still not selling this product to my customers.

Not applicable

Have you resolved the issue that requires third party transport agents to be recompiled every time you release a CU or SP? It appears that the CU model is going to require ISVs to release updates every time you ship a new one.

Thanks.

Matthew

Not applicable

@Rob - you can add a role to a single-role server, however, you can't remove a role from the now multi-role server. You would need to uninstall Exchange and then install the role that you want on that server.

Not applicable

Is there a list available with bugfixes included in CU2 just like with RU's?

Not applicable

Hi!

Just for heads up...

With CU2 inboundproxyprobe has new TLD in place: contoso.com

You may want to correct your bypassed senders to: inboundproxyprobe@contoso.com to avoid tons of spam from probe engine.

Regards,

Greg

Not applicable

Regarding:

"Prior to Exchange 2013 RTM CU2, many responders were only throttled per-server (e.g., RestartService). Now, these responders are throttled per group."

The text reads to me that teh per-group throttling is in lieu of the per-server throttling, but the table reads to me that they are jointly applied.

Can you please clarifiy if the throttling in CU2 is per-group only, or per-server and per-group.

Thanks!

Not applicable

Ugh... again, I'm having to reset the vdir's for both OWA and ECP because they revert to FBA, despite ECP (on another server) and IIS reporting that WIA (negotiate/negotiate:kerberos/NTLM) is active. What is the "official" cause and resolution? Right now, I'm pointing to CU1  ECP's and resetting the vdir.

Not applicable

I was waiting for this update to fix the problem where redirects for EX2010 users would not render properly.  After applying the update, absolutely nothing has changed.  Does MS even know this is an issue?  This article says that MS claimed that this issue would be fixed in UR2.

www.expta.com/.../owa-2013-cu1-redirection-is-broken-for.html

Not applicable

After CU1 dropped you guys said you would start using more descriptive filenames in future updates... yet CU2 still appears to be named the generic "Exchange-x64.exe"

Not applicable

@ Eliyahu - the issue is because CU's are full builds, and all customizations that have web.config components get overwritten. It shouldn't result in this issue, but it has been, up to now. The issue has been fixed in code, and so CU3 should work just fine, the fix just missed the CU2 deadline.

Not applicable

Can you tell me if CU2 addressed the calendar issue when a MAC OS client connected to Exch 2013: ie: the calendar events may move several hours in any direction?

Not applicable

after installing CU2 owa virtual directory reverted to forms authentication though it is showing basic in shell

any help on this

Not applicable

@ Ghassan - support.microsoft.com/.../2871485

Set it to FBA in EAC, then back to Basic, or use the commands in the KB I provided the link to.

Not applicable

Will S/MIME in OWA ever be supported?

Karl

Not applicable

Any news on Public Folders support for 'Outlook for Mac 2011'?

answers.microsoft.com/.../36a0c6cb-f131-446b-bc12-b93459d8ce2e

Not applicable

Has the issue been resolved with having to specify server IP address in the HOSTS file and specifying the DNS servers for the default front end connector instead of leaving the lookup to all available addresses in case of a DNS query issue which causes the submission queues to backup and requiring a restart of the transport and front-end transport service? This issue has been raised in RTM and RTM CU1.

Not applicable

we have the bug where new retention policies do not apply properly (the user is "stuck" with their old MRM from 2007 and the managed folder assistant throws the ELC error).  Under this new model, does this mean we will be waiting until cu3 for a fix?

Not applicable

@Dan - A server can have a per-server throttling applied to it - for instance we'll only allow that server to have one ForceReboot per day; if that server is a member of a DAG, that one ForceReboot will count toward the max 4 allowed within the group (the DAG in this case).  

@Pesos - unfortunately the build rename was missed with CU2, but we will hopefully have that issue resolved for CU3.  

@Karl - we are aware of the lack of SMIME support in OWA.

@Julian - If you mean

Set-SendConnector To_Partner -SmartHosts "127.0.0.1" -DNSRoutingEnabled $true

will make the connector a DNS connector and ignore the provided smarthosts string.

Then, yes this is fixed in CU2.  If it is another issue, please provide specific details, or work with Microsoft Support to raise an issue.

Ross

Not applicable

since cu2 (can't say for sure if it was there before) we are seeing the bug where when trying to forward an external meeting invite we get

This message could not be sent. Try sending the message again later, or contact your network administrator.  Error is [0x80070005-00000000-00000000].

appears to be hitting o365 as well.  will this not be fixed until cu3?

community.office365.com/.../176107.aspx

Not applicable

@Ross-Here is the link to the issue.

social.technet.microsoft.com/.../451-470-temporary-server-error-please-try-again-later-prx5

Steps taken from Premier were to add local server IP to local HOSTS file and to set the Internal and External DNS servers within the Send connectors of the Default Transport and Front-End Transport service all of which are when the Exchange server front

and back-ends reside on the same box. Is this a bug and is it fixed in CU2?

Not applicable

Since updating to CU2, we have been getting these reports on each drive in the server the drive where Exchange databases are located has 1.3TB of space.

The performance counter '\SERVERLogicalDisk(HarddiskVolume4)Free Megabytes' sustained a value of '45,297.00', for the '15' minute(s) interval starting at '7/21/2013 5:41:00 AM'. Additional information: None. Trigger Name:DatabaseDriveSpaceTrigger. Instance:harddiskvolume4

Along with Event ID 65535, and no Message body in the Alert Event.

Not applicable

Hey,

Looks like we have issues with PowerShell cmdlets logics again..

Set/New-OfflineAddressBook

-VirtualDirectories doesn't work with -WebDistributionEnabled or separately. Each parameter complains that it requires each other, but it doesn't work together at the same time..

Will we have to wait CU3??!?!?

Not applicable

@Mindaugas - can you provide an example of what you are trying to do?

Not applicable

Will this CU fix the problem with Outlook 2007 clients not able to use the calendar sharing wizard?

Not applicable

If we have multiple Exchange servers, which ones should we upgrade first - CAS or MBX?