As an Exchange admin, you’re tasked with performing Exchange server maintenance and updates. Small oversights like expired certificates can compromise your entire infrastructure. This guide walks you through common Exchange server maintenance scenarios for both Exchange 2013 and 2016.
SSL Certificate Exchange Updates for Hybrid Server
1. Using a web browser, browse to your on-premises Exchange Admin Center.
2. Navigate to Servers > Certificates.
3. Select the server that has the expiring certificate, and click the Renew link.
4. Provide a UNC path for the CSR .req file.
- Ensure your share path allows full control to the Exchange Trusted Subsystem security principal.
5. Open the CSR .req file in Notepad, and copy/paste the contents into a web form and/or submit them to your CA.
6. Place your new certificate file somewhere accessible via the UNC path from your Exchange server.
7. In the Exchange Admin Center, select the certificate that has the status of “Pending request,” and click the Complete link.
8. Enter the UNC path to the certificate file and click OK.
9. Select your newly uploaded certificate, and click the Edit icon > Services.
10. Tick the boxes for the services (IIS/SMTP) that you wish to assign the SSL certificate to, then click Save.
Install Exchange Updates
Microsoft has changed the Exchange 2013/2016 update process. Instead of downloading and installing sequential Exchange updates, rollups and services packs, you simply run the latest Exchange 2013/2016 Cumulative Update installer on the target Exchange server.
1. To determine your current Exchange 2013/2016 build number, log in to your Exchange server and run the following Exchange Management PowerShell command:
- Get-ExchangeServer | Format-List Name, Edition, AdminDisplayVersion
2. Visit the link below, and download the desired Exchange 2013/2016 update:
3. Before running the installer, ensure you have read and understand the release notes, system requirements and prerequisites. Once ready, proceed to the update wizard.
4. After you install a cumulative update or service pack, you must restart the computer so changes can be made to the registry and operating system.
Enable Circular Logging in Exchange 2013 & 2016 Mailbox Databases
1. In the EAC, go to Servers > databases.
2. Select the mailbox database you want to configure, and click the icon.
3. Check/uncheck the Enable circular logging checkbox, and click save.
4. Depending on the replication status of the targeted database, a warning message may appear. Click OK to close the warning message.
- If your Exchange database is not replicated: circular logging will require a dismount and mount of the database.
- If your database is replicated: enabling or disabling circular logging takes effect dynamically; there is no need to dismount and re-mount the database.
The Exchange server maintenance steps outlined above are primarily geared toward tier 2 system administrators using the GUI to make changes to an account. You can script all the steps in PowerShell to perform bulk changes. If you need help automating your infrastructure, contact one of Agile IT’s Exchange experts, and help streamline your organization today.