Upgrading/deploying Exchange 2013 cumulative updates

In my previous post we discussed “How to install an Exchange 2013 server on a single Windows 2012 Standard Edition server“.

In this follow up post, we look at updating Exchange 2013 cumulative updates.

Unlike Exchange 2010 rollup updates, Exchange 2013 cumulative updates are effectively full builds of the product and therefore when downloading a full install with the latest build of the product is downloaded.

The Exchange 2013 cumulative update 2 can be downloaded here.

Once downloaded double click on file Exchange-x64.exe to extract the setup files.

Before running setup ensure you have:

  • Taken a backup of the Active Directory as schema updates are applied as part of the upgrade.
  • Taken a full backup of all your Exchange 2013 servers.
  • Documented any Exchange customisations, such as OWA, Web.config files, as these will get overwritten during the upgrade.

If you have multiple Exchange 2013 servers it is recommended that all servers are deployed and upgraded with the same build versions, you should therefore deploy this update to all servers in the shortest time frame possible.

Mailbox servers should be upgraded first followed by your client access servers.


In order to install cumulative updates the Windows PowerShell Script Execution Policy requires it to be set to “unrestricted”. To find out what it’s currently set to run PowerShell command from your Exchange 2013 Server:


To set to “unrestricted” firstly run PowerShell with elevated permissions (run as administrator) then run PowerShell command:

Set-ExecutionPolicy Unrestricted

Enter Y to confirm this setting.

If you have multiple Exchange 2013 servers this will need to be set on each server.

Prepare CAS servers that are part of a network load balanced cluster

This will depend on how the servers are load balanced and what hardware\software is used. You’ll need to refer to the specific suppliers of your solution for the correct procedure to achieve this. Typically you will drain stop the server to block any new connections being made and wait for the existing connections to cease before proceeding.

Prepare mailbox servers that are members of a database availability group (DAG)

Before you install any cumulative update for mailbox servers that are members of a DAG the server should be placed in maintenance mode. To achieve this the following PowerShell commands should be run (assuming the server is called mbx1):

  • Set-MailboxServer mbx1 –DatabaseCopyActivationDisabledAndMoveNow $true
  • Set-MailboxServer mbx1 –DatabaseCopyAutoActivationPolicy Blocked
  • Set-ServerComponentState mbx1 –Component ServerWideOffline –State InActive –Requester Maintenance

Important note: If you have set or unsure of your activation policy run the following PowerShell command to view:

Get-MailboxServer fit0mbx03 | Select DatabaseCopyAutoActivationPolicy

Prepare Active Directory and domains for Exchange 2013 cumulative Update 2

When installing any Exchange 2013 cumulative update the Active Directory schema requires upgrading first. This must be done from a server that has the Active Directory Administration Tools installed and logged in with a user that has enterprise and schema admin permissions. Copy the installation files to this server and from a command prompt with elevated permissions run the following:

setup.exe /PrepareSchema /IAcceptExchangeServerLicenseTerms


setup.exe /PrepareAD /IAcceptExchangeServerLicenseTerms


setup.exe /PrepareDomain /IAcceptExchangeServerLicenseTerms


Once these commands have been run wait for your Active Directory to replicate the changes before proceeding.

Important note: If you have any third party, anti-virus software installed on your Exchange 2013 servers these applications services should be stopped before attempting the upgrade process

Upgrade process from a command window

This can be achieved by running the following via an elevated command window:

Setup /m:upgrade /IAcceptExchangeServerLicenseTerms

Progress will be displayed on the screen, once successfully completed reboot your server.

 Upgrade process using the GIU

Run the Setup.exe from the extracted location of your exchange-64.exe cumulative update 2 file. Once the GUI has loaded select option “Allow setup to connect to the internet and check for updates.”


When the update check has completed click Next to continue.

Setup will start to copy the files.

The Setup program will detect that Exchange 2013 is already installed and give you the option to Upgrade.

Accept the license agreement:


Setup will then perform a pre-requisites check and should any issues be detected warn you about them:


The upgrade will then start its processes completing various stages of the upgrade, such as pre-requisites, stopping services etc. This can take some time depending on your specific environment but as a guide I would allow 45 minutes per server for the install to complete.


When setup is completed successfully click the finish button.


After the cumulative update has been install restart the server if prompted to do so.

If you had placed the server into maintenance mode then you can run the commands or the script for stopping maintenance mode after the installation is finished (refer to the notes above).

Take mailbox servers that are members of a DAG out of maintenance mode

Before you install any cumulative update for mailbox servers that are members of a DAG the server should be placed in maintenance mode. To achieve this the following PowerShell commands should be run (assuming the server is called mbx1):

  • Set-ServerComponentState mbx1 –Component ServerWideOffline –State Active –Requester Maintenance
  • Set-MailboxServer mbx1 –DatabaseCopyAutoActivationPolicy Unrestricted

(Or set to your settings as required)

  • Set-MailboxServer mbx1 –DatabaseCopyActivationDisabledAndMoveNow $false
  • Set-ServerComponentState mbx1 –Component HubTransport –State Active –Requester Maintenance
  • Resume-ClusterNode –Name mbx1

Post-installation tasks

Once the upgrade has completed its good practice to verify the health of your servers. Here are some useful PowerShell commands to run against your servers:

Mailbox Server DAG members:

  • Test-replicationheatlh
  • Get-MailboxDatabaseCopyStatus
  • Test-ServiceHealth
  • Get-ClusterNode

All Servers

  • Get-ServerComponentState

Check client connectivity to ensure you can connect via:

  • Full Outlook Client
  • Outlook Web App
  • ActiveSync

Test mail routing to ensure you can send\receive emails internally and externally.

To verify the version you are now using at the latest build version login to the Exchange Administration Console (EAC), click servers on the left hand pane, the servers will then be listed in the right hand pane and should display build 712.22:


Remember if you has disabled any services such as anti-virus to re-enable and to update any tailored configurations again such as updates to the web.config file on your backend mailbox servers.

Ryan Godfrey, Infrastructure ConsultantAuthor: Ryan Godfrey, Infrastructure Consultant
Ryan has ten years’ experience with a broad range of skills and knowledge within the IT industry, designing and delivering projects to Foundation IT’s customers. He has been working with Microsoft Exchange from version 5 through to Exchange 2010 during this time, and more recently testing Exchange 2013.


One thought on “Upgrading/deploying Exchange 2013 cumulative updates

  1. Cesar Contreras

    Do you disable UAC before installing major applications such as Exchange 2013?


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s