Mark Minasi's Tech Forum
Sign up Calendar Latest Topics

  Author   Comment  

New Friend (or an Old Friend who Built a New Account)
Posts: 81
Reply with quote  #1 
I manage a pair in a DAG configuration.

Note: Exchange 2010 SP3

For various reasons (past problems with updates, new style update coming up in October), we were wondering if patching one Exchange server first and then waiting a couple days (?) before patching the other is a good proposition or likely to cause more problems than it might potentially solve.

I suppose if you manage a multitude of Exchange servers (hosting company for example), they are not necessarily all patched at the same time.

In my case, I'm talking about a single pair.

Of course, even now, they are not patched exactly at the same time, but one after another.

If a patch prevented the first server from rebooting we would obviously not install patches on the second before understanding what is going on.

On the other hand, we probably would not want two Exchange servers at different patches levels for too long.

Any ideas on this?

Thanks guys!


Avatar / Picture

New Friend (or an Old Friend who Built a New Account)
Posts: 45
Reply with quote  #2 
Ah yes, how long is the piece of string that's the colour purple.

To start with we patch maybe 2 months, possibly 3 months behind. Only exception are security patches and updates, they are installed monthly. We have a rolling policy on customers so not all are patched on a single night, gets spread out over the month.

Too be honest on single site Exchange servers we just patch and deal with the fallout afterwards, with the rolling updates if there are consistent issues we stop investigate and remediate as necessary.

With multiple exchange servers there is a bit more care. Check the updates, see if they mention clusters/ DAGs, see if there were any issues with the standard sites.
Then I'd isolate the .NET updates.
Backup the servers, most are virtual and protected with D2D at this stage.
Patch the .NET updates, they almost always in my experience cause the most issues on a server by server schedule.
Then your OS patches, security updates and then the Exchange updates.

I have to say on Exchange 2013 and 2016 the roll back, or force forward (not sure if the correct term) install of updates seems to be better. Probably a symptom of the bad updates that have been released.

Your on Ex2010, so rolling forward with each set of updates should allow you to fall over to another server should Mr Murphy hit. Also having a baby kept will also help. But consider testing the DR process should one fail badly. You might find out the total build time of a replacement server (including installing, patching, attaching, replicating mail and AD cleanup, might be a 'better known quantity of time' than telling a manager that your not sure how much longer to fix the update issue/ error that has just occurred.

Press any key....
Yes, any key....
OK, try the space bar.
Previous Topic | Next Topic

Quick Navigation:

Easily create a Forum Website with Website Toolbox.