12/4/13 Update: Exchange 2013 CU3 is now out and I’ve started a new Known Issues list on it here: http://wp.me/p1qPTK-be

11/25/13 Update: Exchange 2010 SP3 RU2 release: https://blog.jasonsherry.net/2013/11/25/exchange-2010-sp3-ru3-2013-cu3-release/ (I will move my “Known Issues” list to this blog post once I have some to list)

7/29/13 Update: Microsoft pulled CU2 a couple of days ago and release CUv2 (but it doesn’t say this anywhere). The new build of CU2 is 15.00.0712.024. Download it here!

7/12, 7/22, 9/2, 9/19 Updates: New issues added to list
7/10/13 Update: Added list of known\possible issues at the end

Download (1.3GB) | EHLO Blog Post on CU2
KB2859928 (not much here) | Release Notes (READ!)

 Today Exchange 2013 RTM CU2 was release, build version 15.0.712.22! Given the new servicing model, that started with Exchange 2013 RTM, this build should have been running in Office 365 for at least a few weeks now. So any major issues should have already been discovered and resolved before the release today. (7/12 So much for that idea, see this post on issues with Public Folder permissions lost: https://blog.jasonsherry.net/2013/07/12/dont-move-your-pf-mailbox-exchange-2013-cu2/ or this one by Tony Redmond: http://windowsitpro.com/blog/new-servicing-model-hiccups-exchange-2010-rtm-cu2-public-folder-permissions-bug-appears)

Given the fixes to OWA SSO and that two major updates have been released  I will now be telling my clients it’s time to upgrade to 2013! If you want help upgrading or doing a cross forest migration to Exchange 2013 contact me!

As with all Cumulative Updates (CUs) this is a FULL BUILD, so when you install you are upgrading the Exchange server to CU2. This build can also be used for fresh installs. There is no UNINSTALL support with CUs, so make sure you TEST, TEST, and RETEST any add-ons and 3^rd party applications in your lab before installing!

Key Notes

1. Updates the Schema, so plan accordantly with your AD team to have /PrepareSchema run
2. Updates the AD settings (RBAC roles have been updated, for example) , so /PrepareAD will need to be run again

New features & improvements:

1. OWA FBA single sign-on redirection improved\fixed
   • Issued fixed from RTM and CU1:
     • Same site: Exchange 2013 and 2007: Users authenticate against Exchange 2013, then are prompted for authentication a second time when redirected to Exchange 2007 CAS, if their mailbox was on Exchange 2007
       • SSO now works, silently redirected and authenticated to 2007 CAS
   • Mixed Site: Exchange 2013 and 2007 in Internet facing site A, user’s mailbox on 2007 in Site B
     • Used to fail with HTTP 500 error, now will silently redirected and authenticate users
   • Cross site: Exchange 2013 in Site A, 2007, 2010, or 2013 in Site B: Users with mailboxes on 2007, 2010, or 2013 prompted to re-authentication when redirected to E12/14/E15 CAS
     • SSO now works, silently redirected and authenticated
   • Note: Make sure your Exchange 2010 server is running SP3 UR1 or higher, there is a known issue with request proxied to a Exchange 2010 SP3. See the Release Notes for more info.
2. Support for 100 databases per server (Enterprise Edition only)
   • 2013 RTM and CU1 only supported 50 database. Due to customer request and changes made in CU2 this has been increased to 100.
   • CPU and RAM requirements will probably limit the number of database to less than 100 on most mailbox servers
     • For more info on this topic see this EHLO post: Per-Server Database Limits Explained
   • Exchange 2013 Storage Calculator has been updated to support 100 database also
3. DAG Management Service
   • Adds a new service, MSExchangeDAGMgmt, which will offload the Replication Service by providing information on health status and logging events in the same location MSExchangeRepl used to, i.e. Application Eventlog using the same Crimson channel, but still using MSExchangeRepl as source.
4. OWA Search improvements
   • Previously searching for keywords within OWA did not give indications of the location of the keyword.  Exchange 2013 RTM CU2 improves OWA’s search results highlighting feature:
     • Auto-expand conversation items that have hits in them
     • Auto-scroll to the first search hit
     • Hit navigation within a conversation
5. Managed Availability improvements
   • In addition to improvements in various probes and monitors, there have been changes to the responder throttling framework
6. Updateable Shell Help
   • Introduces the capability for administrators to get updates to Exchange Management Shell cmdlets without needing to deploy a new service pack or cumulative update
7. Coming soon: Witness Server in Azure Cloud
   • For Azure clients this will allow them to deploy a FSW on an Azure server, which allow organizations with two datacenters to enable automated failover between their two sites.

Known\Possible Issues
Below are a list of issues reported by my peers in the Exchange MVP community and elsewhere. This is NOT an official list from Microsoft by any means. If you have run into issues that only started after installing CU2 please post a comment on this blog post. Also include a link to where you’ve posted the issue on the TechNet forms.

Read the Release Notes, it list multiple officially known issues!

1. Important: Install fails with the following error: (7/10)
   • The following error was generated when “$error.Clear();
     & $RoleBinPath\ServiceControl.ps1 EnableServices Critical
     ” was run: “AuthorizationManager check failed.”.
     AuthorizationManager check failed.
   • Cause: A GPO or the local policy sets the Windows PowerShell Execution policy to a status other than Undefined.
   • Workaround:
     • Disable the GPO\policy before installing CU2
     • If you already started and it failed:
       1. Disable GPO\policy and to a GPUPDATE /Force on the server
       2. Recover the server 1st using RTM or CU1:
          Setup /m:RecoverServer /IAcceptExchangeServerLicenseTerms
       3. Then install CU2
   • See KB2668686 (For Exchange 2010 SP2) for more details
   • 7/11: A note has been added to the EHLO blog post on CU2 about this issue:
     • To prevent issues during the installation or upgrade of Exchange 2013 RTM CU2, you should ensure that the Windows PowerShell Script Execution Policy is set to “Unrestricted”. Failure to do so could cause the Exchange 2013 server to be in an unusable state and some downtime could occur. To verify the policy settings, run the Get-ExecutionPolicy cmdlet from PowerShell on the Exchange 2013 Server(s). If the policies are NOT set to Unrestricted you should use the resolution steps in the following article to adjust the settings KB 981474.
2. CRITICAL: BSOD being caused by Health Monitoring (8/18)
   • Per this TechNet thread the Health Monitoring service can BSOD a server after installing CU2
   • I have not seen this issue on the two servers I run in production or the four at one of my clients running Exchange 2013 CU2
   • Quick Fix: Disable the “Microsoft Exchange Health Manager” service on all 2013 CU2 servers
   • Fixed in CU3
3. CRITICAL: Public Folder permissions are loss after moving a PF mailbox (7/12)

• 7/29/13 Update: Microsoft pulled CU2 a couple of days ago and release CUv2 (but it doesn’t say this anywhere). The new build of CU2 is 15.00.0712.024.
• Download CU2v2 here!
• This EHLO blog post was posted 7/12 about this issue:
• http://blogs.technet.com/b/exchange/archive/2013/07/12/e2013-rtm-cu2-issue-public-folder-permissions-loss-after-pf-mailbox-move.aspx
• This issue is only for “modern” Public Folders, which are stored in a mailbox on Exchange 2013, and only comes up if you move that “mailbox” to another server or database
• See the EHLO blog for more details since it has a long Q&A section and more info on the issue

1. Important: DNS Lookup issues may prevent or delay message delivery or cause items to sit in OWA Drafts folder (7/22)
   • I’ve been following a thread on this since CU1\April but just now getting around to post it here, sorry for the delay if you’ve hit this issue
   • Tony Redmond’s also covered this on his blog here: http://thoughtsofanidlemind.wordpress.com/2013/03/25/exchange-2013-dns-stuck-messages/
   • In some environment message delivery will fail with the following error or be delayed by many seconds or minutes.
     451 4.7.0 Temporary server error. Please try again later. PRX5
   • Threads on MS TechNet Forums: http://bit.ly/14A1JQY & http://bit.ly/13UG1ks
   • Quick Fix:
     • Option A: Set the NIC to use for “External DNS lookups” in EAC under Servers
     • Option B: Set ExternalDNSAdapterEnabled and InternalDNSAdapterEnabled to $false and set DNS servers on ExternalDNSServers and InternalDNSServers with the  Set-FrontendTransportService command
     • Others have used a host file with the Exchange 2013 servers in it, but the above method is easier to manage
2. Minor: OWA authentication gets set to FBA after during the upgrade (7/12)
   • Heard of this one today on a mailing list I’m on. Haven’t confirmed it, but if you have a solution like TMG doing pre-authentication this may affect it.
   • Quick Fix: Turn FBA off, on, and back off per one persons post. Just turning it off doesn’t seem to take.
   • 8/1: KB2871485 covers this, it says just to disabled FBA using these three steps below:
     • Set-OwaVirtualDirectory -Identity “EXCH3\owa (Default Web Site)” -FormsAuthentication $false -WindowsAuthentication $true
     • Set-EcpVirtualDirectory -Identity “EXCH3\ECP (Default Web Site)” -FormsAuthentication $false -WindowsAuthentication $true
     • IISRESET
3. Minor: Transport Server must be restarted after taking server out of maintenance mode (7/10)
   • Per peers after putting a server in maintenance (StartDagServerMaintenance.ps1) and then taking it out (StopDagServerMaintenance.ps1) the Front-End Transport server must be restarted before mailflow will resume to that server
     • 7/10: Just heard of this issue from three peers, I will be installing CU2 today on my servers and should see it also
     • Might be same issue as documented here in Jeff Guillet‘s blog post
       http://www.expta.com/2013/04/exchange-2013-rtm-cu1-stops-transport.html
     • Quick fix: Restart the “Microsoft Exchange Frontend Transport” service
     • For general Exchange 2013 questions or to discuss non-support topics join the “Microsoft Exchange 2013” Facebook group I admin: https://www.facebook.com/groups/MSEX2013
4. Minor: MSDiagnostics Event Error 1006 (9/2)
   • From: http://edwardvbs.wordpress.com/2013/08/22/207/
   • Event ID 1006 gets logged with performance counter errors about free space
     • The performance counter ‘\\SERVER\LogicalDisk(HarddiskVolume1)\Free Megabytes’ sustained a value of ’45,297.00′, for the ’15′ minute(s) interval starting at ’7/21/2013 5:41:00 AM’. Additional information: None. Trigger Name:DatabaseDriveSpaceTrigger. Instance:harddiskvolume4
   • Quick fix: Disable this monitor
     1. Edit “…\ExchangeServer\V15\Bin\Microsoft.Exchange.Diagnostics.Service.exe.config”
     2. Change this value to have “False” instead of “True”
        <add Name=”Microsoft.Exchange.Diagnostics.Service.ExchangeJobs.Triggers.DatabaseDriveSpaceTrigger” Assembly=”Microsoft.Exchange.Diagnostics.Service.ExchangeJobs.dll” Enabled=”False” Role=”Mailbox” />
     3. Restarted the MS Exchange Diagnostics Service
5. Minor: Error when forwarding a calendar (9/2)
   • From: http://edwardvbs.wordpress.com/2013/08/08/exchange-2013-cu2-error-when-forwarding-a-calendar/
   • “…users have come back to me saying they get errors when trying to forward a calendar, here is the error:This message could not be sent. Try sending the message again later, or contact your network administrator. Error is [0x80070005-00000000-00000000]MS have advised this is a know bug and will be fixed in CU3. You can check if you get the same error on OWA as well. CU3 is scheduled to be released in about 3 months time.”
6. Important: On Windows 8.1 or 2012 R2 OWA comes up in Lite mode (9/19)
   • This is a known issue with IE11, which comes with Windows 8.1 and 2012 R2
     • Workaround: Use Firefox or Chrome
     • 2010 SP3 RU3 & 2013 CU3 should fix this issue
7. Minor: Setup incorrect request .NET Framework 4.0
   • .NET Framework 4.5 is required, not 4.0, you do NOT need to install 4.0
   • From Release notes page
8. Minor: Exchange XML application configuration files are overwritten during cumulative update installation
   • Any customized per-server settings you make in Exchange XML application configuration files, for example, web.config files on Client Access servers or the EdgeTransport.exe.config file on Mailbox servers, will be overwritten when you install an Exchange Cumulative Update (CU). Make sure that you save this information so you can easily re-configure your server after the install. You must re-configure these settings after you install an Exchange CU.
   • From Release notes page

For community based support goto TechNet forums: http://social.technet.microsoft.com/Forums/exchange/