Managed Availability – an administrative overview

1. Configuration of Managed Availability

After installing Exchange 2013 in production, there might be some HealthSets in an Unhealthy state.

2. AlertValue “Unhealthy”

The first step you have to do is a HealthReport from the entire server:
Get-HealthReport -Server | where {$_.alertvalue -ne “Healthy”}

Note: The property “NotApplicable” shows whether Monitors have been disabled by Set-ServerComponentState for their component. Most Monitors are not dependent on this, and report “NotApplicable”.

Let’s take a look at HealthSet “Autodiscover.Protocol” and why it’s in an Unhealthy state.
To get all information about the Autodiscover.Protocol HealthSet, we have to analyze the Monitoring Item Identity:

Continue reading “Managed Availability – an administrative overview”

Managed Availability – Exchange Server 2013 restarts frequently

My Exchange 2013 SP 1 servers restarts frequently and don’t displayed a blue screen. The root cause from Exchange 2013 CU 2 was already solved in Exchange 2013 CU 3 so I have to investigate further. The CU 2 problem is described in the KB2883202 article.

My environment contains a 4 node DAG with Exchange Server 2013 SP 1 based on Windows Server 2012.
I was looking for a “*ForceReboot*”  by Managed Availability and found the following Requester:

(Get-WinEvent -LogName Microsoft-Exchange-ManagedAvailability/* | % {[XML]$_.toXml()}).event.userData.eventXml| ?{$_.ActionID -like “*ForceReboot*”} | ft RequesterName–> ServiceHealthMSExchangeReplForceReboot

Continue reading “Managed Availability – Exchange Server 2013 restarts frequently”

Exchange 2013 coexistence with legacy Exchange versions and Kerberos authentication

If you would like to use Kerberos authentication during coexistence between Exchange 2010 and Exchange 2013 SP1 to remove the NTLM authentication bottlenecks in large Exchange environments, you have to consider some important things.

Kerberos is not enabled by default in Exchange 2013 SP1 and needs some manual configuration tasks.

Note: Exchange 2013 SP1 proxies connections to Exchange 2007 and Exchange 2010 resources utilizing NTLM authentication.

First of all you have to consider to re-use the existing Exchange 2010 ASA with new human-know credentials or create a new ASA for the Exchange 2013 SP1 organization.

If you consider to re-use the existing Exchange 2010 ASA:

  • Advantage: One ASA for both Exchange 2010 and Exchange 2013 SP1 servers
  • Disadvantage: You have to use human-know credentials instead of machine-generated credentials

If you consider to create a new ASA for the Exchange 2013 SP1 organization:

  • Advantage: You can use the .\RollAlternateServiceAccountPassword.ps1 script against Exchange 2013 SP1 multi-role servers.
  • Disadvantage: The Service Principal Names (SPN) must be moved from the existing Exchange 2010 ASA to the new Exchange 2013 SP1 ASA for any hostname you will be moving from Exchange 2010 to Exchange 2013 SP1

Continue reading “Exchange 2013 coexistence with legacy Exchange versions and Kerberos authentication”

Exchange 2013 Cumulative Update 5 (CU5)

Microsoft released the quarterly servicing update to Exchange Server 2013. There is only one new feature: improvements in the OAB management for distributed environments.

You can read the full blog post at the Exchange Team Blog.

A great fix is KB2924519 which repairs the CU2 Installation issue when Exchange was installed on another drive than C (for example D), then the empty D:\TransportRoles\Logs\SyncHealth\Hub was created.

Also there are some changes to the Hybrid Configuration Wizard as well. You can check out the article from Michael van Horenbeeck at the ENow blog.

The complete list of reported issues is available at the Microsoft support site.