How to Determine If a Schema Update Is Required During a CU Update for Exchange 2016/2019

Posted by

 How to Determine If a Schema Update Is Required During a CU Update for Exchange 2016/2019




When updating your Exchange 2016 or 2019 server with a new Cumulative Update (CU), it's crucial to determine whether a schema update is required. This ensures that your Active Directory (AD) schema is compatible with the new CU, preventing potential issues. Here’s a step-by-step guide to help you through the process.

1. Check the CU Documentation

Each CU release comes with detailed documentation that specifies whether a schema update is necessary. You can find this information in the release notes or the Active Directory schema changes section

https://learn.microsoft.com/en-us/exchange/plan-and-deploy/active-directory/ad-schema-changes?view=exchserver-2019

Reviewing these documents should be your first step.

2. Review the Exchange Setup Files

The schema changes are included in the .ldf files located in the \\Setup\\Data\\ directory of the Exchange installation files. By examining these files, you can understand the specific changes that will be applied to your AD schema.

Steps to Review .ldf Files for Schema Updates

  1. Locate the .ldf Files:

    • The .ldf files are located in the \\Setup\\Data\\ directory of the Exchange installation files. You need to have access to the Exchange setup files to proceed.

  2. Open the .ldf Files:

    • Use a text editor like Notepad or Notepad++ to open the .ldf files. These files contain the Lightweight Directory Interchange Format (LDIF) data, which specifies the schema changes.

  3. Understand the Structure:

    • The .ldf files include various entries that define changes to the Active Directory schema. Each entry typically includes:
      • dn: The distinguished name of the object being modified.
      • changetype: The type of change (e.g., addmodify).
      • attributes: The attributes being added or modified.

  4. Review the Changes:

    • Carefully review the entries to understand what changes will be applied to the schema. Look for new attributes, classes, or modifications to existing ones.

  5. Cross-Reference with Documentation:

    • Compare the changes in the .ldf files with the official documentation provided by Microsoft. This helps ensure you understand the impact of the changes. You can refer to the Active Directory schema changes documentation for detailed information
      .
Example Entry in an .ldf File

Here’s an example of what an entry in an .ldf file might look like:

dn: CN=ms-Exch-Schema-Version-Pt,cn=schema,cn=configuration,DC=cloudmonkeys,DC=xyz
changetype: modify
replace: rangeUpper
rangeUpper: 17003
-

In this example:

  • dn specifies the distinguished name of the schema object.
  • changetype indicates that this is a modification.
  • replace specifies the attribute being modified.
  • rangeUpper is the new value for the attribute.

3. Use the Exchange HealthChecker Script

The Exchange HealthChecker script, available from the Exchange Team's GitHub repository, is a powerful tool that provides detailed information about your current Exchange environment. Running this script can help you determine if your AD schema needs updating


4. Prepare Active Directory

Before applying any schema updates, ensure you have the necessary permissions to extend the AD schema. Follow the guidelines in the Prepare Active Directory and domains documentation to prepare your AD and domains correctly

https://learn.microsoft.com/en-us/Exchange/plan-and-deploy/prepare-ad-and-domains?view=exchserver-2019


5. Find the Current Schema Version

You can use a PowerShell script to find the current schema version for Exchange 2016 or 2019. Here’s a simple script you can use:

PowerShell Script to Find Exchange Schema Version
# Exchange Schema Version
$schemaContext = (Get-ADRootDSE).SchemaNamingContext
$schemaObject = "CN=ms-Exch-Schema-Version-Pt," + $schemaContext
$schemaVersion = (Get-ADObject $schemaObject -Property rangeUpper).rangeUpper
Write-Output "Exchange Schema Version: $schemaVersion"

# Exchange Object Version (Domain)
$domainContext = (Get-ADRootDSE).DefaultNamingContext
$domainObject = "CN=Microsoft Exchange System Objects," + $domainContext
$domainVersion = (Get-ADObject $domainObject -Property objectVersion).objectVersion
Write-Output "Exchange Object Version (Domain): $domainVersion"

# Exchange Object Version (Forest)
$forestContext = (Get-ADRootDSE).ConfigurationNamingContext
$forestFilter = "(objectClass=msExchOrganizationContainer)"
$forestVersion = (Get-ADObject -LDAPFilter $forestFilter -SearchBase $forestContext -Property objectVersion).objectVersion
Write-Output "Exchange Object Version (Forest): $forestVersion"

Steps to Run the Script

  1. Open PowerShell as Administrator:

    • Ensure you have the necessary permissions to run the script.

  2. Set Execution Policy:

    • If your execution policy is restricted, you may need to set it to unrestricted:
      Set-ExecutionPolicy Unrestricted -Force

  3. Run the Script:

    • Copy the script into a .ps1 file (e.g., Get-ExchangeSchemaVersion.ps1).
    • Execute the script by running:
      .\Get-ExchangeSchemaVersion.ps1

This script will output the current Exchange schema version along with the object versions for the domain and forest



Conclusion

By following these steps, we can confidently determine whether a schema update is required during a CU update for Exchange 2016 or 2019. Keeping your AD schema up to date is essential for maintaining a healthy and functional Exchange environment.

Location: Chennai, Tamil Nadu, India

Comments

Post a Comment