Exchange Server 2013 SP1 Highlights
On February 25, 2014, Microsoft released Exchange Server 2013 Service Pack 1 (SP1), or Cumulative Update 4 (CU4).
Looking at what SP1 has to offer, you will see not only fixes and enhancements to many existing components, but in addition you will find many new features as well. Key enhancements are found in the areas of security and compliance, architecture and administration, and user experiences. These key enhancements are introduced below.
Security and Compliance
Here you will see improvements in the existing Data Loss Prevention (DLP) feature and the return of S/MIME encryption for Outlook Web App users.
- DLP Policy Tips in Outlook Web App – DLP Policy Tips, the same Policy Tips previously available only in Outlook 2013, are now enabled for Outlook Web App (OWA) and OWA for Devices.
- DLP Document Fingerprinting – DLP Document Fingerprinting expands the capability of allowing you to detect sensitive information such as financial or personal data, to now also detect custom forms used in your organization.
- DLP sensitive information types for new regions – SP1 provides an expanded set of standard DLP sensitive information types covering an increased set of regions. SP1 adds region support for Poland, Finland and Taiwan.
- S/MIME support for OWA – SP1 also reintroduces the S/MIME feature in OWA, enabling OWA users to send and receive signed and encrypted email. This capability is supported when using OWA with Internet Explorer 9 or later (but not for Chrome, Firefox, or Safari). This is functionality that was removed as part of the transition in OWA architecture to deal with multiple device display formats. With Exchange 2013 SP1, S/MIME is supported across Outlook, OWA, and Exchange ActiveSync clients. The Set-OWAVirtualDirectory cmdlet has been updated to allow S/MIME to be enabled or disabled on a server.
Architecture & Administration
These improvements will primarily aid in better meeting customer requirements.
- Windows Server 2012 R2 support – Exchange 2013 SP1 adds Windows Server 2012 R2 as a supported operating system and Active Directory environment for both domain and forest functional levels.
- Exchange Admin Center Cmdlet Logging –Exchange 2010 and Exchange 2007 both provided PowerShell cmdlet logging functionality. This functionality is now included in the Exchange Admin Center (EAC). The logging feature enables you to capture and review the recent (up to 500) commands executed in the EAC user interface while the logging window is open. Logging is invoked from the EAC help menu and continues logging while the logging window remains open.
- ADFS for OWA – Also new for Outlook Web App in SP1 is claims-based authentication for organizations using Active Directory Federation Services..
- Edge Transport server role – SP1 also reintroduces the Edge Transport server role. If you have deployed Exchange 2013 with a supported legacy Edge Transport server, you don’t need to upgrade. That configuration is still supported. Microsoft, however, does recommend that future deployments use the Exchange 2013 Edge Transport role. And it is worth mentioning that the addition of an Exchange 2013 Edge server is quite different from its predecessors in that all administration must be done from PowerShell, so some additional thought and planning may be required.
- MAPI/HTTP – SP1 introduces a new communication method for Exchange Server and Microsoft Outlook called MAPI over HTTP (MAPI/HTTP). RPC is an old mechanism that struggles with the kind of unreliable and often flaky networks (such as public Wi-Fi) that is used so often today. It is hoped that the removal of a layer will make client connections more robust and easier to maintain. MAPI over HTTP makes Outlook connections behave much more like those from EWS, EAS, and OWA clients and should (hopefully) mean that Outlook is better able to cope with scenarios such as resuming from hibernation, network or adapter transitions, network failures, etc.MAPI/HTTP is disabled by default, allowing you to decide when to enable it for your organization. MAPI/HTTP can be used in place of RPC/HTTP (Outlook Anywhere) for your Outlook 2013 SP1 clients while Outlook 2013 RTM and older clients continue to use RPC/HTTP.
- Simpler DAGs –Windows Server 2012 R2 provides the capability of creating DAGs without Cluster Administrative Access Points (in other words, an “IP-less-DAG”). These DAG configurations allow Exchange to entirely manage the DAG, which means the following are no longer required: no IP addresses or IP address resource, no network name resource, and no cluster name object. SP1 enables you to create a DAG without an administrative access point on Windows Server 2012 R2 from EAC or PowerShell. This is an optional DAG configuration for SP1 and requires Windows Server 2012 R2. And remember that the requirement that all of the member servers in a DAG must run the same operating system continues, which means that if you want to deploy Windows 2012 R2, you might have to rebuild DAGs. DAGs with administrative access points continue to be supported.
- SSL offloading – SP1 now supports SSL offloading, allowing you to terminate incoming SSL connections in front of your CAS servers and move the SSL workload (encryption & decryption tasks) to a load balancer device.
The user experience is crucial to running a great messaging platform. The following should help users work faster and smarter.
- Enhanced text editor for OWA – OWA now uses the same rich text editor as SharePoint, thereby improving the user experience, and enabling several new formatting and composition capabilities that you expect from modern Web application – more pasting options, rich previews to linked content, and the ability to create and modify tables.
- Apps for Office in Compose – Mail apps are now available for use during the creation of new mail messages. This allows developers to build and users to leverage apps that can help them while they are composing mails. The compose apps leverage the Apps for Office platform and can be added via the existing Office store or corporate catalogs.
As with all cumulative updates (CUs), SP1 is a full build of Exchange, and the deployment of SP1 is just like the deployment of a cumulative update. Straight forward and simple, for the most part. However, shortly after the release of SP1, a problem with third-party transport extensibility agents that prevented the Transport services restarting following an upgrade to Exchange 2013 SP1, or in some cases prevented the installation of the agents with Exchange 2013 SP1, was discovered. A hotfix has been released to solve this issue. Consult KB 2938053 for more information on this hotfix.
You can find references to this information, as well as more details at the following locations:
You can also learn more about Exchange Server 2013 in the following courses scheduled at LRS Education Services:
Microsoft course 20341: Core Solutions of Microsoft Exchange Server 2013
Microsoft course 20342: Advanced Solutions of Microsoft Exchange Server 2013
These courses may be available to attend using our Virtual Training Platform. Click HERE for a demo!
Please let me know if you have any questions or if you would like more information regarding Exchange 2013 courses scheduled at LRS Education Services.
MCT, MCSA, MCITP, MCTS, MCSE, MCP
LRS Education Services
(877) 832-0678 x1493 toll free