SuperTekBoy

Practical Help for Exchange & Office 365

Exchange

The F12 easter-egg in Hybrid Configuration Wizard

By 1 Comment

17 Shares
Share
Tweet
+1
Share
Reddit

One of the best-kept secrets in the hybrid configuration wizard (“HCW”)
 is the F12 easter-egg. Jeff Kizner demonstrated this feature during his Ignite session back in September.

Tip: For a break down of Jeff’s session, with notes and timers, I highly recommend checking out 15 Ignite sessions every Exchange admin should see.

If you press F12 this enables a new section called Diagnostic Tools. This section provides shortcuts to the following tools or folders.

Hybrid Configuration Wizard F12 Diagnostic Tools
  • Open Exchange Management Shell opens a remote PowerShell session to your on-premises Exchange servers.
  • Open Exchange Online PowerShell opens a PowerShell connection to Exchange Online. This supports MFA-enabled admin accounts.
  • Open Log File opens the active HCW log file in Notepad. The HCW logs are stored in the profile of the user running the HCW. For example, C:\Users\<user>\AppData\Roaming\Microsoft\Exchange Hybrid Configuration
  • Create Support Package will combine your HCW log files into a single ZIP file which can easily be sent to Microsoft support. This link actually opens a second screen where you can specify to ZIP logs from the last 24 hours, or, between a certain date range. You then have the option to copy the file to the clipboard so it can be easily attached to an email.
  • Open Logging Folder opens the folder location of the HCW logs. 
    The HCW logs are stored in the profile of the user running the HCW. For example, C:\Users\<user>\AppData\Roaming\Microsoft\Exchange Hybrid Configuration
  • Open Process Folder opens a Command Prompt to the HCW process directory.

Pressing F12 a second time will hide these tools.

Twitter

What do you think about this easter-egg? Have you run into any cool easter-eggs in other Microsoft products? Drop a comment below or join the conversation on Twitter

What Ignite taught us about Exchange 2019

By 2 Comments

30 Shares
Share
Tweet
+1
Share
Reddit
Microsoft Ignite

It’s amazing to believe that Microsoft Ignite was over a month ago. With 1,610 sessions Microsoft gave us a massive amount of announcements and demonstrations of new product features. This included Exchange 2019.

If not already, I highly recommend checking out 15 Ignite sessions every Exchange admin should see.  Each session in this article includes extensive notes on what each session contained. In addition, those notes contain timers so you can jump to the section that interests you the most. Hopefully, it will also serve as a reference if you need to search for a certain announcement or feature weeks (or even months) down the road.

Here is what Ignite taught us about Exchange 2019.

Changes to Exchange development

The tagline for Exchange 2016 was that it was “forged in the cloud”. This was a result of Exchange Online and Exchange on-prem sharing a common code base. The greatest benefit of this common code was that it ran in the cloud for a number of months before shipping on-prem as a cumulative update. By the time the code was released on-prem, it had been more than validated as stable and able to run at scale.

Going forward Microsoft has separated Exchange on-prem into its own code branch. This means that Exchange online is no longer driving cumulative updates for on-prem. What will drive updates are security patches and feature requests from customers. So, be sure to make your voice heard on UserVoice, at conferences, and in the various TAP programs.

Exchange 2019 Forked Code Base From Exchange Online

While Microsoft currently plans to keep cumulative updates quarterly, they have opened up the conversation on whether updates should occur less frequently. Common feedback is that the current release cadence of quarterly cumulative updates is too aggressive for some customers. The product group also believes this could result in more stable releases.

[Read more…] about What Ignite taught us about Exchange 2019

Exchange October 2018 Updates

By Leave a Comment

26 Shares
Share
Tweet
+1
Share
Reddit
Exchange Server 2016 CU11

Last week was a big week for Exchange 2016. Microsoft released Cumulative Update 11. At this time no updates were released for Exchange 2013 or Exchange 2010. Exchange 2013 entered extended support back on April 10th, and Microsoft announced in June that cumulative update 21 was the last planned update for Exchange 2013.

As always, test these updates in a lab first! I recommend checking out this 7-part guide on configuring Exchange in your lab. It doesn’t take much to get one going.

The updates are as follows:

Exchange 2016 Mini

Exchange 2016 Cumulative Update 11KB4134118UM Language Pack

So, what’s new in these Cumulative Updates?

Cumulative Update 11 now officially supports .NET Framework 4.7.2. Framework 4.7.2 is only optional at this point and will not become mandatory until the June 2019 updates. Due to no quarterly update scheduled for December, it is expected that CU13 will be the first version to enforce 4.7.2 as a requirement.

Support for 4.7.2 has been officially added to Exchange 2013 CU21, which was released back in June. 4.7.2 will also be a requirement for Exchange 2019. However, 4.7.2 is preinstalled with Windows Server 2019, so it will not require a separate download. For a great resource on navigating which .NET update goes with which CU I recommend reading Upgrade Paths for CU’s & .NET by Michel de Rooij.

In the June updates, it was stated that all Exchange roles would require Visual C++ 2013. Microsoft has since clarified this statement to the following:

  • Mailbox role will require both Visual C++ 2012 & Visual C++ 2013
  • Edge & Management tools only require Visual C++ 2012

Cumulative Update 11 will now perform prerequisite checks to confirm the necessary versions of Visual C++ are installed.

These updates contain 22 security and bug fixes. Check KB 4134118 for a list of issues CU11 resolves.

[Read more…] about Exchange October 2018 Updates

Free Exchange chapters – Manage Users, Groups & Public Folders

By Leave a Comment

28 Shares
Share
Tweet
+1
Share
Reddit

Last year I was invited to write an Exchange 2016 book with a few fellow MVPs. Unfortunately, due to unforeseen circumstances, the book was later cancelled

Rather than have my chapters go to waste (combined these chapters are 40,000 words) I wanted to offer them to you for free.

Below you will find three chapters covering the management of mailboxes, groups, contacts, mail-enabled users, and public folders.

That said I do want to warn you that these chapters only received a brief technical review. They did not go through any formal editorial process, so I apologize in advance for any errors. Please read these at your own risk.

While I offer these for free I would like to state that my work is under copyright. By viewing or downloading these chapters you agree to the copyright notice below.

Chapter 6 – Managing MailboxesDownload
Chapter 7 – Managing Groups, Contacts & Mail-Enabled UsersDownload
Chapter 8 – Managing Public FoldersDownload

Copyright © 2018 by Gareth Gudger

All rights reserved. No part of these chapters may be reproduced, distributed, or transmitted in any form or by any means, including photocopying, recording, or other electronic or mechanical methods, without the prior written permission of the publisher, except in the case of brief quotations embodied in critical reviews and certain other noncommercial uses permitted by copyright law. For permission requests, please email info@supertekboy.com.

15 Ignite sessions every Exchange admin should see (2018)

By 2 Comments

172 Shares
Share
Tweet
+1
Share
Reddit
Microsoft hosted its annual Ignite conference in Orlando this September. Ignite was massive at 1,610 sessions. That is a lot of sessions! For the first time ever, Microsoft live streamed most of its sessions. Not just the keynotes! You can find the on-demand sessions at the Microsoft Tech Community. Here are the top 15 sessions I think every Exchange admin should watch.

Tip: I have included extensive notes for each session and the time each topic starts. You can expand the session notes under each video by clicking “Show more session notes”



Welcome to Exchange Server 2019
(watch video)

Welcome to Exchange Server 2019
In this session, Greg Taylor and Brent Alinger discuss all the new features shipping in Exchange 2019. They also discuss features that have been discontinued and the system requirements for Exchange 2019.

  • Current state of Exchange Online (1:05 mins)
    • Office 365 revenue 38% YoY growth
    • Office 365 seats 29% YoY growth
    • 135 million users in Office 365
    • Outlook mobile on >100 million devices
    • 94% of Fortune 500 have Office 365
  • Exchange 2019 only available via volume licensing (3:30 mins)
  • Changes to Exchange development (4:20 mins)
    • Exchange on-prem & Exchange online were developed in tandem using the same code
    • Exchange on-prem code moved to its own code branch & will be independent of Exchange online
    • Discussion on cumulative update schedule going forward
  • Unified Messaging removed from Exchange 2019 (10:40 mins)
    • UM functions have been removed
    • Migrating a UM-enabled mailbox to Exchange 2019 will UM-disable that mailbox
    • Recommend replacement is Cloud Voice Mail which can still store voice mail in Exchange mailboxes via EWS or SMTP
    • If you need Unified Messaging:
      • Move all mailboxes to Office 365
      • Migrate to Skype for Business Server 2019 & utilize Cloud Voice Mail
      • Stay on Exchange 2016
      • Deploy a 3rd party voice mail solution
    • For more information see BRK3229 – Everything you need to know about Skype for Business Server
  • Unified Messaging Migration scenarios for Exchange 2019 (15:30 mins)
    • Exchange 2013 or 2016 + Skype for Business
      • Migrate to Skype for Business Server 2019
      • Enable Cloud Voice Mail
      • Migrate to Exchange Server 2019
    • Exchange 2013 or Exchange 2016 + 3rd Party PBX
      • Implement a 3rd party voice mail solution
      • Migrate to Exchange Server 2019
    • Note: Due to the discontinuation of Session Border Controllers, 3rd party PBX systems cannot use Cloud Voice Mail.
  • Vision for Exchange 2019 (17:30 mins)
  • Exchange Server 2019 requires Windows Server 2019 (19:20 mins)
    • Windows Server 2019 available in October
  • Exchange Server 2019 supports Server Core (20:15 mins)
    • Microsoft recommends server core for improved performance, smaller attack surface & smaller disk footprint.
    • Exchange 2019 can still be installed on an OS with a GUI.
  • Exchange 2019 will only use TLS 1.2 (23:15 mins)
    • RC2, RC4, DES, 3DES, MD5 & SHA disabled during install
    • Preference for elliptic curve key exchange
    • Exchange will use forward key secrecy
    • EHLO Blog: Getting ready for TLS 1.2
  • Exchange RAM requirements (25:55 mins)
    • Max supported RAM = 256 GB
    • Mailbox role min RAM = 128 GB (2016 was 8 GB)
    • Edge role min. RAM = 64 GB (2016 was 8 GB)
    • Max processor count = 48 cores (2016 was 24)
  • Search changes in Exchange 2019 (29:35 mins)
    • Big Funnel (powered by Bing technology) replaces Fast Search
    • Indexes now stored in the DBs (in each mailbox)
    • No more potentially huge index files that can become unhealthy
    • Index health no longer an issue for DB failovers or switchovers
    • DB log shipping includes the indexes
    • Outlook 2019 in cached mode will attempt to pull search results from the server (not locally)
    • For more information see – BRK3130 Email search in a flash! Accelerating Exchange 2019 with SSDs (notes and session below)
  • Storage (and MCDB) in Exchange 2019 (32:50 mins)
    • Exchange 2019 can optionally leverage a MetaCache Database (“MCDB”) which is stored on SSD
    • MCDB allows for:
      • Faster logons
      • Faster search
      • Faster retrieval of very small items
    • MCDB caches 10% of key data from a DB including:
      • Index data
      • Mailbox folder structure
      • Very small items
    • If the SSD or MCDB were to fail all requests will be served directly from the mailbox DB on the spindle disk
    • Sizing for MCDB
      • Regardless of whether you deploy MCDB or not, your spindles must always meet the IOPS requirements for your users
      • All servers must have the same spindle & SSD layout
      • Spindle disk to SSD should be 3:1
      • To plan for SSD storage take 5-6% of your total spindle storage
      • Brent’s example
        • 15 spindle disks = 5 SSDs
        • 15 spindle disks at 10 TB each = 150 TB of mailbox storage
        • 5-6% of 150 TB = 10 TB of total MCDB storage
        • 10 TB = 5 SSDs at 2 TB each
  • Code optimizations (45:00 mins)
    • No more UM code
    • No more UM language packs to install
    • Exchange 2019 DVD size reduced by 20%
    • This results in:
      • Faster installs
      • Fewer files and disk usage
      • Improved security
      • Reduced surface area
  • Dynamic Database Cache (46:25 mins)
    • Memory allocation between active & passive DB copies optimized
    • Active copies get more memory and cache than passive copies
  • Performance gains from MCDB & Dynamic Database Cache (49:30 mins)
    • 20% more users per server
    • Latency cut by 50% for many client/server operations
  • Client Access Rules in Exchange 2019 (51:15 mins)
    • This restricts who can access the Exchange Admin Center & Exchange Management Shell
      • For example, allows the Exchange Admin Center to be restricted externally
    • Exchange 2019 should be the front-end for all client communications
    • Administrator mailboxes must be on Exchange 2019 to leverage these rules
  • Remove-CalendarEvents (54:10 mins)
    • Exchange administrators can cancel meetings (not appointments).
    • This is particularly useful to cancel a meeting from an organizer who has left the company
  • Outlook default option for recurring meetings now configures an end-date rather than no-end-date (57:00 mins)
  • Do Not Forward Meetings (57:20 mins)
    • Do Not Forward can now be set on meetings created in OWA.
    • Meeting attendees in OWA will see a banner stating Do Not Forward is enabled & Forward option is greyed out in the menu.
    • Exchange transport enforces the Do Not Forward settings so all Outlook clients honor this setting
    • All other Outlook clients will receive an NDR if they attempt to forward a Do Not Forward meeting
  • New Out of Office (OOF) options in OWA (1:00:20 mins)
    • Automatically decline meeting invites received during the OOF
    • Clear existing meetings during the OOF
    • Mark the user’s calendar as blocked during the OOF
  • Email Address Internationalization (1:01:45 mins)
    • Send/receive messages to/from non-English email addresses such as:
      • Latin
      • Greek
      • Chinese
      • Japanese
      • Cyrillic
      • Hindi
    • Adding EAI proxy addresses or accepted domains in Exchange is not supported
  • Exchange 2019 system requirements (1:03:00 mins)
    • Windows Server 2019
    • .NET Framework 4.7.2 (preinstalled with Windows Server 2019)
    • Forest functional level of Server 2012 R2
    • 128 GB minimum RAM (64 GB for Edge)
    • Minimum coexistence is Exchange 2013
    • For more information see – Exchange Server System Requirements
  • Future plans & roadmap (1:05:15 mins)

Show more session notes
Show less session notes




Hybrid Exchange - Making it easier and faster to move to the cloud
(watch video)

Hybrid Exchange: Making it easier and faster to move to the cloud
In this session, Jeff Kizner discusses all the advancements coming to Exchange hybrid. Topics include:

  • Future vision for hybrid (3:30 mins)
  • Administration challenges (6:00 mins)
  • Organization Configuration Transfer (“OCT”) (7:30 mins)
    • Version 1 released June 2018
    • Performs a one-time transfer of the following objects (and skips any named policy if it exists in the tenant already):
      • Retention policy
      • Retention policy tags
      • OWA mailbox policy
      • Mobile device mailbox policy
      • ActiveSync mailbox policy
  • Jeff demos OCT Version 2 (9:00 mins)
    • Hybrid key acquisition built into the hybrid configuration wizard (“HCW”)
    • Tip: Pressing F12 in the HCW gives you easy access to logs & PowerShell
    • Version 2 grants the administrator the ability to resolve conflicting policies
    • Rollback_OCT script available in the logging folder.
      • This gives you the PowerShell to reverse changes made by OCT
    • Version 2 adds the following objects into one-time transfer:
      • DLP policy
      • Organization configuration
      • ActiveSync device access rules
      • ActiveSync organization settings
      • Malware filter policy
      • Policy tips
      • Address lists
  • Demo of the new Hybrid Agent (24:15 mins)
    • Designed to establish hybrid with zero inbound connections from the cloud (no firewall, DNS, or, certificate changes required)
    • Utilizes Azure App Proxy technology
    • Demo of free/busy & MRS moves with Exchange on-prem not published over HTTPS 443
    • Demo of the following configuration in Exchange Online
  • Hybrid Agent architecture overview (32:50 mins)
    • Hybrid Agent installed on-prem & talks to Hybrid Proxy Service in the cloud
    • Hybrid Agent only needs outbound HTTPS 443 for mailbox moves & HTTP 80 for CRL checks
    • Each hybrid agent gets a unique Hybrid Proxy Service URL
      • URL formed from a randomly generated GUID
      • GUID can only be found in your on-prem logs or your Office 365 tenant
      • GUID combinations are 2 power of 22
      • Hybrid Proxy Service URL is locked down to just the Exchange Online IP addresses
      • Currently available in private preview
  • Hybrid Agent – Free/Busy lookups (36:05 mins)
    • Free/busy lookups from on-prem to cloud go directly to the internet
    • Free/busy lookups from cloud to on-prem use Hybrid Agent
  • Hybrid Agent – Mailbox migrations (37:05 mins)
    • Always uses the hybrid agent
  • Jeff demos setup of the Hybrid Agent (37:20 mins)
    • HCW asks if you want:
      • Classic Hybrid – same hybrid we use today
      • Modern Hybrid – automatically downloads & starts the Hybrid Agent install process
    • Install process
      • Download the agent
      • Install the bits
      • Register agent
        • This generates a certificate for your tenant that can only be used by you
      • Configure agent
        • Certificate valid for 180 days
        • Certificate auto rolled 30 days before expiration
        • Private key is non-exportable
        • Agent identifies a URL to use
      • Validate agent
        • Tests migration endpoint availability
      • Complete configuration
        • Set organization relationship (TargetSharingEpr, etc.)
  • Hybrid Agent Version 1 (43:40 mins)
    • Supports hybrid free/busy and mailbox moves only
    • Version 1 for new hybrid setups only
    • Install 3 or more agents for high availability
    • Dedicated servers not required (install the agent on existing Exchange servers)
    • Hybrid Agent can be installed in DMZ but required HTTPS back to Exchange on-prem servers
    • Hybrid Agent will auto-update
  • Demo solving hybrid Send As with the Hybrid Agent (49:15 mins)
  • Q&A from the audience (55:00 mins)
    • Can we control the updating of the Hybrid Agent?
    • Can we have a PowerShell version of the OCT?
    • What is the scalability of the Hybrid Agent?
    • Can RBAC be integrated into OCT & Hybrid Agent?
    • How can I get rid of Exchange on-prem?
    • Would the Hybrid Agent eliminate the need to keep Office 365 URLs & IPs up to date on our firewall?
    • Does the Hybrid Agent support multi-forest?
    • How does the Hybrid Agent work with organizational sharing of free/busy?
    • When is the Hybrid Agent expected to GA?
    • Do I still need a 3rd-party SSL cert for on-prem Exchange servers in hybrid?
    • Will there be a path from classic to modern hybrid?
    • Will the hybrid agent support multiple geographically dispersed migration endpoints?
    • Are there any advantages to sticking with the classic hybrid?
    • Is the private preview of the Hybrid Agent fully supported?
    • Does the Hybrid Agent remove the requirement to publish Autodiscover on-prem?
    • Will hybrid Send As work in multi-forest?
    • Will hybrid Send As be available in the classic hybrid?
    • Does the Hybrid Agent eliminate all DNS changes I need to make to go to Office 365?

Show more session notes
Show less session notes




Deploying Outlook mobile securely in the enterprise
(watch video)

Deploying Outlook mobile securely in the enterprise
In this session, Ross Smith IV discusses how to secure the Outlook mobile app for Exchange online and on-prem mailboxes using various technologies. Topics include:

  • Current Outlook mobile connectivity model for online & on-prem (2:50 mins)
  • Future Outlook connectivity model will consolidate all Outlook clients to just 2 protocols (5:10 mins)
    • Proprietary and REST protocols to be replaced by Hx starting EOY
    • Outlook Mac, Outlook Mobile & Windows 10 clients will all use Hx
      • Removes the need of the stateless protocol translator
    • Outlook Windows will continue to use MAPI/HTTP
  • ADAL authentication for Exchange online & on-prem mailboxes (7:20 mins)
  • Outlook mobile authentication explained (federated identity) (9:00 mins)
    • Required for user-based certificate authentication
  • Hybrid modern authentication (HMA) for on-prem mailboxes (11:55 mins)
    • Outlook Mobile only makes connections to Exchange Online
    • MRS syncs data between Exchange online and on-prem with ActiveSync
    • Ability to lock down on-prem ActiveSync to IPs for AutoDetect & Exchange online
  • Securing with Conditional Access (16:15 mins)
  • Require Outlook mobile as the exclusive messaging client with conditional access (19:30 mins)
    • Utilizes required approved client app
    • Use two conditional access policies
      • 1st policy matches either iOS or Android using modern auth and forces them to use Outlook mobile
      • 2nd policy matches for ActiveSync using basic auth and forces them to use Outlook mobile
      • In this config Exchange online will quarantine basic auth ActiveSync
  • Sign-in conditional access (26:50 mins)
    • Requires Azure Identity Protection
    • Can block Outlook mobile access based on leaked credentials or suspicious sign-ins
    • Possible action can force a password reset via SSPR
  • InTune MDM (30:25 mins)
    • Android for Enterprise (Android 5.0) is a container for corporate apps & data
    • Isolates corporate and personal data
  • InTune App Protection (35:25 mins)
    • Protects the individual apps without enrolling the device
    • Control access to app & data
    • Controls movement of data
    • Selective wipe of the app (by admin, user, or, offline interval)
    • Corporate data encrypted independent of device-level encryption
    • Personal or unmanaged data is untouched
  • Application configuration policies (47:00 mins)
    • Allows for the configuration & management of apps (e.g. Outlook mobile email account config)
  • New Outlook mobile admin experience in InTune (52:00 mins)
  • Securing data in Office 365 (53:30 mins)
    • Lockbox (just in time) for Office 365 engineers
    • TLS 1.2 encryption for data in flight
    • BitLocker for data at rest
    • Service encryption for data at rest in Exchange Online
  • Azure Information Protection now Microsoft Information Protection (57:00 mins)
    • Discover & classify sensitive data
    • Apply protection (encryption, restriction, watermarks), governance (retention, deletion, archiving), and monitoring (alerts).
    • Outlook mobile can set & see sensitivity labels
    • Estimated release Q2 2019
  • Demo on conditional access policies & user experience (59:00 mins)

Show more session notes
Show less session notes


[Read more…] about 15 Ignite sessions every Exchange admin should see (2018)

Exchange 2019 Public Preview Released

By 3 Comments

34 Shares
Share
Tweet
+1
Share
Reddit
Exchange 2019 Setup Screen DLast week Microsoft announced the public preview of Exchange 2019. It is expected that Exchange 2019 will ship later this year.

You can download the preview bits using the link below. Please note, that this is preview code and you should not deploy this in production.

Exchange 2016 MiniExchange 2019 Public Preview

Server Core supported for Exchange 2019

The biggest announcement is that Exchange 2019 is the first version of Exchange to work on Windows Server Core. The benefit of Server Core is added security. Server core reduces your attack footprint and a smaller footprint means fewer things to secure and keep up to date.

It’s worth noting that from an administrative standpoint Server Core is a bit of a different animal. If you access Server Core via a console or remote session you are only going to see a command line. You will quickly notice that programs which use an MMC, such as Services or Event Viewer, are unavailable. In addition, shell programs such as Windows Explorer, or, Task Manager are also unavailable.

For Exchange, this is not much of an issue because the Exchange Admin Center and Exchange Management Shell can be run remotely from anywhere. For everything else, you will need to use Remote Server Administration Tools or remote PowerShell.  For a list of tools that are directly accessible on Server Core check out the article: What is the Server Core installation option in Windows Server?

For a great write-up on installing Exchange 2019 on Windows Server Core, check out this article from the Exchange Team.

Of course, if you prefer to have the full desktop experience you can still install Exchange 2019 on a server with a GUI. [Read more…] about Exchange 2019 Public Preview Released

Cumulative Update cannot find EnterpriseServiceEndpointsConfig.xml

By Leave a Comment

10 Shares
Share
Tweet
+1
Share
Reddit
While applying a cumulative update I ran across the following error.

Warning:
An unexpected error has occurred and a Watson dump is being generated: Could not find a part of the path 'C:\Windows\Temp\ExchangeSetup\bin\EnterpriseServiceEndpointsConfig.xml'.

The Exchange setup log essentially repeated this same error, without any additional clues. The C:\Windows\Temp\ExchangeSetup\ folder is a staging area used by setup to unpack temporary files. These files are copied to this temporary location during the ‘Initializing Setup’ and ‘Copying Files’ steps.

When navigating to this folder it became apparent that not only was the file in question missing but the entire parent folder too. [Read more…] about Cumulative Update cannot find EnterpriseServiceEndpointsConfig.xml

Exchange Cumulative Update hangs during setup finalization

By 1 Comment

24 Shares
Share
Tweet
+1
Share
Reddit
When performing a cumulative update on Exchange 2013 I ran into an issue where the finalization step was hanging as 45%.

When I checked the Exchange Setup logs I saw the following repeated over and over.

Service  'MSExchangePOP3BE' failed to reach status 'Running'  on this server after waiting for '25000' milliseconds.
[WARNING] Service checkpoint has not progressed. Previous checkpoint='0'- Current checkpoint='0'.
Previous service status query time is '7/5/2018 1:35:37 AM'.
Current service status query time is '7/5/2018 1:36:02 AM'.
Will wait '25000' milliseconds for the service 'MSExchangePOP3BE' to reach status 'Running'.

In this instance, the Exchange setup was unable to start the POP3 backend service. Attempting to start the service manually through the Services MMC also failed. Upon checking the System Event Log the following error was reported.

The address is already in use. Binding: 0.0.0.0:9955.

MSExchange POP3 Backend 1018 - The address is already in use. Binding 9995

This error indicates something else was already listening on port 9955, which was preventing the POP3 backend service from starting (and setup from completing). [Read more…] about Exchange Cumulative Update hangs during setup finalization