This blog is a walk-through process of Exchange 2019 Active Directory Update including updating schema, active directory and domains for Microsoft Exchange Server 2019. The same steps can be used for any cumulative update versions.
Go through System Requirement and Prerequisites: https://laexugfoundation.org/prabhat/2019/12/e2019prereq
- Disable the replication on the schema master domain controller by running the following cmdlets:
repadmin /options SchemaMasterDCName +DISABLE_OUTBOUND_REPL
repadmin /options SchemaMasterDCName +DISABLE_INBOUND_REPL
Open Even Viewer and check directory services logs for the event id 1115 and 1113.
Install RSAT AD tools using Windows PowerShell to run AD update and preparation commands from Exchange 2019 server:
If you have already installed in from GUI then you will see below Exit code and Feature Result.
Run Exchange 2019 Schema Update
.\setup.exe /Prepareschema /IacceptExchangeServerLicenseTerms
Restart the DC once schema update completes.
Testing the DC working with the following tools
-Run Dcdiag, replication test will fail which is know because we have disabled replication
-Open mmc and connect to schema and review it is opening nicely. If you don’t see Schema mmc then run the below command and it will appear.
-Open ADUC and see if you can access the AD objects
Run the command to check the schema level.
dsquery * CN=ms-Exch-Schema-Version-Pt,cn=schema,cn=configuration,dc=<Domain>,dc=<local> -scope base -attr rangeUpper
Example: dsquery * CN=ms-Exch-Schema-Version-Pt,cn=schema,CN=Configuration,DC=Domain,DC=com -scope base -attr rangeUpper
Now verify at Microsoft TechNet link here.
If the result is healthy then Enable the replication on the schema master domain controller, then enable the replication by running the following commands:
repadmin /options SchemaMasterDCName -DISABLE_OUTBOUND_REPL
repadmin /options SchemaMasterDCName -DISABLE_INBOUND_REPL
AD replication and verification:
-Open Active Directory Site and services and force the replication.
-Wait for the replication to complete.
-Open the command prompt and run the following commands to sync all domain controllers
repadmin /syncall /force
Open the command prompt and run the following commands to review the replication and any failed or error.
If you find the domain controller has got corrupted the active directory database, then continue to disable the replication and report a bug at Microsoft.
Once Microsoft collects all the reports, format this domain controller and seize the FSMO roles on the other domain controller. Now wait for Microsoft’s resolution or revised version of Exchange.
Remember you can’t revert FSMO seizing.
Open Even Viewer and check directory services logs for the event id 1114 and 1116
AD schema update has completed.
Important note: No Exchange Server 2013 roles have been detected in this topology. After this operation, you will not be able to install any Exchange Server 2013 roles.
In my setup there is no Exchange 2013 and no Exchange 2016 so Exchange AD preparation is informing that Exchange 2013 and 2016 can’t be installed after we run this command.
If you have any plan or application compatibility requirement to install Exchange 2013 and 2016 then make sure to do it before starting Exchange 2019 schema update.
Run the following Exchange 2019 Active directory Preparation command:
.\setup.exe /PrepareAD /IAcceptExchangeServerLicenseTerms /OrganizationName:orgname
PrepareAD has completed here.
In a multi-domain active directory forest, we can either run /preparedomain to update one domain at a time or use /preparealldomains to update all domains in one go.
Run the following Exchange 2019 Domain Preparation command:
.\setup.exe /PrepareAllDomains /IAcceptExchangeServerLicenseTerms
Domain Preparation has completed here.
We can again test and run the Active Directory health checks.
This completes Exchange 2019 Active Directory Preparation.