Managing Exchange 2016Paul Robichaux, MVP

Summit 7 Systems paul.Robichaux@summit7systems.com

Setting the Stage

Quick polling questions

• Q1: How many of you currently have Exchange 2013 deployed?

• Q2: How many of you currently run Exchange hybrid with Office 365?

• Q3: How many of you are currently cloud-only with O365?• Q4: Rate your PowerShell knowledge: novice, intermediate,

expert, Don Jones

Disclaimer

• Exchange 2016 is still pre-release software• Microsoft could change literally anything about it between

now and RTM• What we discuss here is based on current publicly available

code

Tool evolution

• In the beginning…– There were only GUI tools– Exchange System Manager, Exchange Management Console– These were supplemented by APIs: CDOEXM, ADSI, etc.

Tool evolution

• Then came the Exchange Management Shell– This frightened and confused many admins– There was still a GUI but all it did was generate cmdlet calls

• Now we have EAC + EMS– Additional management tools in Office 365

What tools do

• They read or change data in AD– All organizational config data for Exchange– Most server config settings

• They read or change data on the local machine– Exchange databases– Local registry– Local configuration files

Management tool familiesFamily Scope Example

PowerShell Local, remote, or global New-MailboxRepairRequest, Get-Mailbox

EAC Local or remote (sometimes global)

Text editor Local machine EdgeTransplant.exe.config

Custom tool Local, remote, or global Exchange Queue Viewer

Built-in tools Local Managed Availability

Managing Exchange 2016

Active Directory

• Yes, there are schema changes – You should assume every CU will have these

• Requires Windows 2008 or later– Domain functional level– Forest functional level– OS on all directory servers

• Base OS requirement: 2012 or 2012 R2

Servicing model changes

• Service packs are dead• Long live cumulative updates!

Exchange Server 2016 Servicing

• Cumulative Update and Security Update packages• Cumulative Updates 1-4 in sync with O365 evergreen• Post Cumulative Update 4 - Security/Critical Defects

CU1

CU2

CU3

CU4

LTSB

CriticalCumulative Updates (Quarterly)

CU5

CU6

Innovation/Frequent Change

O365 (Weekly)

Long Term Servicing Branch (LTSB)

• Aligns with Enterprise adoption cycle• Changes are still sourced from O365• Security Updates as needed/Cumulative cadence• Customers still need to remain current

Exchange 2016 management

• There are not many obvious management changes in Exchange 2016

• Instead, there are a lot of more subtle changes• Including new emphasis on a few 2013 features that were

largely ignored

Architectural changes

• Not in scope for this session– …but basically, the Preferred Architecture is now enforced– Keep this in mind as you think about managing on-prem Exchange

A day in the life

• Exchange 2016 management is not greatly different from Exchange 2013

• There are a few differences– Failovers are up to 33% faster (95% within 18sec)– MAPI/HTTP now on by default– Search changes – Database divergence detection

MAPI/HTTP

• On by default– Advertised by Autodiscover– Requires Outlook support– Can proxy back to Exchange 2013 mailbox– Can control per user

• Requests tunneled into HTTPS– Easier to troubleshoot problems– Faster

The Redundancy API

• Want to know, or specify, which servers can safely be worked on?

• Get-MailboxServerRedundancy and Get-MailboxDatabaseRedundancy

Database move suppression

• Prevents databases from being moved during times you specify– Doesn’t affect failovers

• Opt-in feature– By default, fourth move per hour blocked

• Set as Managed Availability override

Suppressing moves

• Don’t allow more than 2 moves in the next 2 hoursNew-SettingOverride –Component HighAvailability `–Section ActiveManager –Parameters @(“MoveSuppressionLimit=2", `"MoveSuppressionWindow=02:00:00“) `–Name MoveSuppressionDisablePeak –Reason “Reduce peak moves”

• Disallow moves during peak hoursNew-SettingOverride –Component WorkloadManagement `–Section Blackout –Parameters @(“StartTime=07:30:00", ` “EndTime=17:30:00") `–Name "Peak hours" –Server * –Reason “Reduce peak moves”

Forcing moves

• Sometimes you want to deport all databases from a server so you can maintain it

Set-MailboxServer –DatabaseCopyActivationDisabledAndMoveNow

• Prevents new moves from targeting this server• Moves any active databases to other servers IFF

– A healthy replica exists– On a server whose auto-activation policy is not “Blocked”

Log playdown changes

• Replay Lag Manager on by default• Lagged copies will play down when

– Copy health dictates it– Disk space drops below threshold– Database flagged as possibly corrupted– Disk latency < 20ms

A new server role…

• Office Web Apps Server– Can’t be installed on Exchange server– Offers Office web apps to Exchange, SharePoint, Skype– MS suggests using bound namespace, 1 per datacenter– Load balancer persistence required

OWAS management

• Can be configured at two levels– Org level: all servers use this endpoint– Mailbox server: each individual server uses only the configured

endpoint• No real management of OWAS per se

– It’s an IIS app so you may need to restart app pool, etc.

ReFS

• Exchange 2013 supports ReFS• Exchange 2016 recommends ReFS

– With BitLocker• Michel de Rooij did some tests with ReFS on 2013*

– ~14% decrease in IOPS– Average of ~15% lower CPU usage– Increase in write latency

• But MS says that, overall, Exchange 2016 uses ~22% fewer IOPS than 2013 for same workload

• No detailed performance data on ReFS vs NTFS available yet

Azure

• Exchange 2016 is fully supported on Azure• Lots of pros and cons

Related sessions

• “Managed Availability: What’s In It For You”– Wesselius, Tuesday, 1100, Pinyon 3

• “Deploying Exchange 2016”– Guillet, Tuesday, 1100, Pinyon 1