Exchange 2007 SP2 – Upgrade + Fallout

Last night I upgraded our Exchange 2007 box to Service Pack 2.  All in all, things went well for such a major service pack.  The total upgrade process, including prerequisite work, took about 2 hours.  Let's walk through the process including some fallout that happened after the update finished.

Useful Info
Before the upgrade, I was running Exchange 2007 SP1 Update Rollup 8.  I had not installed UR9 yet.  We are running Exchange as a VM (Virtual Machine) inside VMWare ESX 3.5u4.  The box itself has 2 vCPU, 16gigs of RAM, and 400+ gigs of mailstore in a half dozen databases.  My VM sits in a 4-host cluster with about 40Ghz of processing power and 128gigs of ram.

Prerequisite Environment Changes
As usual, before a major Service Pack – there are a list of prereq's for the install.  For Exchange 2007 SP2, the details and pre-req's are outlined well on the EHLO blog.

Let's start off with Windows Installer 4.5 – you can download that here.  Start the install:

Screen shot 2009-09-03 at 6.24.03 PM 

Next

Screen shot 2009-09-03 at 6.24.12 PM 

Accept the EULA.  Next.

Screen shot 2009-09-03 at 6.24.19 PM 

Great.  You're done.  Now, reboot.

Now, let's extend the AD Schema.  What?  Yup, Exchange 2007 SP2 includes a Schema extension to support Exchange 2010.  You can read more about that on the EHLO blog.  Excerpt below:

For those of you that haven't been keeping abreast of the work we
are doing in Exchange 2010, Exchange 2007 SP2 is required for
coexistence with Exchange 2010. This enables support for coexistence
like ensuring Exchange 2010 mailbox Autodiscover requests that are
received by CAS2007 are redirected to the appropriate CAS2010 and
enabling ActiveSync proxy support between CAS2010 and CAS2007.

Therefore,
to minimize the number of times you have to perform a schema extension,
we decided to include the Exchange 2010 RTM schema. For those of you
that are planning to upgrade your Exchange 2007 environments to
Exchange 2010, this will reduce the number of schema extensions you
have to perform. Once you extend the schema with Exchange 2007 SP2, you
will not have to extend the schema with Exchange 2010 RTM.

However
there are direct benefits with deploying the Exchange 2010 schema with
Exchange 2007 SP2. One of the new features in Exchange 2007 SP2 is the
ability for administrators to control certain settings at the
organization level that originally were configured via configuration
files; the schema changes have enabled us to move some of these
settings now into AD. Expect to hear more about this in a future blog
post.

Anyway, let's start.  Drop to an administrative command prompt.

Screen shot 2009-09-07 at 10.04.31 PM 

You're going to run "setup /PrepareSchema" – and wait…

Screen shot 2009-09-07 at 10.23.16 PM 

Great.  That's done.  This took about 20-25 minutes for me.

Now, let's Prepare Active Directory.  Again, back to an administrative command prompt.

Screen shot 2009-09-07 at 10.23.34 PM 

You're going to run "setup /PrepareAD" – and wait…

Screen shot 2009-09-07 at 10.25.02 PM 

Great.  That's done too.  This only took a few minutes for me.

Awesome, now, launch the Exchange 2007 SP2 Setup Program.

Screen shot 2009-09-07 at 10.25.41 PM 

Choose Install.

Screen shot 2009-09-07 at 10.26.39 PM 

Yup.  This is what we want.  Click Next.

Screen shot 2009-09-07 at 10.26.52 PM 

Accept the EULA.  Next.

Screen shot 2009-09-07 at 10.33.37 PM 

Now, the SP2 installer will run through some readiness checks.  Be sure you've shutoff any Antivirus or "backup agents" that might be running.  All looks good.  Click Upgrade and sit back and watch.

Screen shot 2009-09-07 at 11.13.11 PM 

Okey dokey.  On my box, this took just over 36 minutes.  All is well.  For good measure, when I run large updates, I reboot my Exchange box.  So, let's do that.

Box rebooted, email clients re-attach and mail flows… except… Blackberry…

Blackberry Fallout
Yup, Blackberries.  Blackberry interacts with Exchange via the MAPI/CDO tools.  This Exchange SP2 upgraded the MAPI/CDO installed version – and – Blackberry wants those to match.  Simple enough.

So, on my Blackberry server – I downloaded the latest MAPI/CDO installer.  I ran it.  Then I rebooted the Blackberry server.  As soon as it came back online, the service started and mail again started to flow properly on my BES handhelds.

OWA Redirect
I have a simple index.asp redirect set so if you go to http://mail.domain.com – it will automatically redirect to the HTTPS OWA https://mail.domain.com/owa landing page.

<% Response.Redirect "https://mail.domain.com/owa" %>

For some reason, Exchange 2007 SP2 broke my redirect.  It didn't change the file itself, but, it did adjust the security settings of my "Default Web Page" inside IIS.  I re-adjusted those and my OWA redirect worked again.

Anyway, that's that.  All is well.  I'm sure there will be other random goodies that pop up over the next few days, but these were the "big" gotchas and they were resolved in a matter of minutes.  I'm looking forward to learning more about the new Schema inclusions for Exchange 2007 SP2 – and I'm looking foward to learning more about Exchange 2010!  How about you?

6 thoughts on “Exchange 2007 SP2 – Upgrade + Fallout

  1. Excellent! I’m getting ready to do my Exchange 2007 SP2 update in the next week or so. We also run BES. Thanks for the great blog post!

    Cisco

  2. Hey Cisco–

    No worries. Glad you find it helpful. Whenever I see your name on here, or my twitter timeline, I always laugh… I **just** finished a Cisco network conversation… and then see your post.

    Anyway, let me know how your upgrade goes. I expect a better blog from than this from you… 🙂

    –DW

  3. Ahhhh, the IIS redirect was disabled! Great post. My SP2 upgrade went great, the IIS issue was the only one that came up.

    Thx my brother

  4. What did you do to fix the Default Website HTTP Redirect? I have the same problem and now I can’t rediect OWA from http to https if I enable it it gives me the “403-Forbidden access denied” error
    I would very much appreciate your help.
    cheers
    Marc

  5. Marc–

    It’s been several years, and honestly, I forgot how I did this with Exchange 2007.

    However, I just went through this same process with Exchange 2010 and followed this resource here: http://www.ucblogs.net/blogs/exchange/archive/2010/04/28/Redirecting-the-root-web-site-to-_2F00_owa-and-forcing-SSL-in-Exchange-2010.aspx

    I’m sure you can follow / translate that to Exchange 2007.

    And, there’s a great Exchange Ninja’s script to help with all the various Virtual Directories – again – this is the 2010 version but you can adjust/translate

    http://virtualbarrymartin.me/2009/12/29/how-to-setup-exchange-2010-to-use-a-single-certificate-for-internal-and-external-use/

    Hope that helps. Good luck!

    –DW

  6. Hey Daryl,

    I never did make the SP2 update. I did, however, do the SP3 update this evening in preparation for our Exchange 2010 migration this summer. I remembered you had an awesome post, so I checked it out again and it reminded me about the BES MAPI/CDO updates needed. Thanks again for the awesome posts that you always do. I’m looking over your Exchange 2010 posts as well. I’m sure they will help greatly! 🙂

    Thanks dude!
    Cisco

Comments are closed.