Why AAD Connect auto upgrade doesn't always upgrade

Monday, November 16, 2020

Azure AD Connect is a crucial component used to sync user accounts and enable mailboxes on-premises to be migrated to Microsoft 365. Not only does it synchronize accounts from Active Directory to Azure Active Directory, it also is used to configure authentication, provides ways for you to filter objects to sync, enables Exchange hybrid, allows for self-service password reset, enables seamless single sign-on, and more.

AAD Connect receives regular updates that include bug and security fixes as well as feature enhancements. Updates are normally delivered using AAD Connect's auto upgrade feature which is normally enabled by default. You can easily check to see if auto upgrade is configured by running the following cmdlet from your AAD Connect computer:


Auto upgrade may be disabled if your deployment is more complicated (i.e., if you're using SQL Server instead of localDB, etc.) or if your admin has manually disabled it.

If AAD Connect auto upgrade is enabled, you may assume that it will automatically upgrade your AADC instance whenever a new version is released. That's not always the case. Clarification about this was recently added to the Azure AD Connect: Version release history website:

To clarify the use of Auto Upgrade, it is meant to push all important updates and critical fixes to you. This is not necessarily the latest version because not all versions will require/include a fix to a critical security issue (just one example of many). An issue like that would be addressed with a new version provided via Auto Upgrade. If there are no such issues, there are no updates pushed out using Auto Upgrade, and in general if you are using the latest auto upgrade version you should be good. However, if you’d like all the latest features and updates, the best way to see if there are any is to check this page and install them as you see fit.

Please follow this link to read more about auto upgrade.

In other words, auto upgrade will only upgrade if your version of AAD Connect needs it. This is similar to the way that Microsoft Update only applies updates for roles and features that are installed in Windows.

If you still want to manually install the latest version, simply download it from the Microsoft Azure Active Directory Connect website and install it. The current version number is listed in the Details section.

Read more ...

Recap of Exchange and Outlook News for Microsoft Ignite 2020

Thursday, October 1, 2020

I wrote up a recap of the exciting Exchange and Outlook news and announcements from Microsoft Ignite 2020.

There were a number of important announcements and quite a bit of technical content published on-demand. Most of it is still available on the Virtual Hub. Read all about it on the Enow Software blog.

Read more ...

List of Known Issues with iOS 14

Friday, September 25, 2020

The following is a list of known issues with Apple iOS 14:
  • The default browser/mail app selection will be reset after the restart of iOS/iPadOS. This is an iOS14 issue, Apple is aware of the issue. (Fixed today with iOS 14.0.1, check your updates)
  • If the default browser is set to a browser other than Safari, Teams cannot open links. Teams is aware of the issue and is investigating.
  • Apps that rely on MFMailComposeViewController will be directed to the Mail app even when the default mail app is set to a different mail app. This is an iOS14 issue, Apple is aware of the issue.
  • mailto:// links will launch the Mail app if the Mail app has an account profile, even when the default mail app is set to a different mail app. This is an iOS14 issue, Apple is aware of the issue.
  • Notifications previews do not show sender/subject/preview and instead show "Open Outlook to read this message" when the device is enrolled and Outlook is pinned to the management profile. The Outlook team is working with Apple to investigate the issue.
  • On enrolled devices, OneDrive cannot be accessed through the FileProvider API when the app is pinned to the management profile and opening documents from managed to unmanaged apps is not allowed. The same behavior occurs with Google Drive. Apple is aware of the issue.
I will update these items as I get updates.

Read more ...

Announcing Microsoft Exchange Server vNext!

Tuesday, September 22, 2020

Some really exciting Exchange Server news was announced for on premises customers at the Microsoft Ignite virtual conference today! 

Microsoft will be releasing the next versions of Exchange Server, SharePoint Server, and Skype for Business Server the second half of 2021.  These new on-premises server versions will only be available with the purchase of a subscription license, using a similar subscription model to Microsoft 365.

The name for these new on-premises server products has yet to be announced, but it is likely that Microsoft will drop the year from the version name since the new subscription server will be evergreen. Pricing and availability will be announced closer to the release date.

It's important for on-premises customers to know and stay on top of the Exchange Server product lifecycle policies for support and planning.


End of Mainstream Support

End of Extended Support

Exchange Server 2010



Exchange Server 2013



Exchange Server 2016



Exchange Server 2019



As mentioned in the article, Exchange Server 2016 and the End of Mainstream Support, CU19 is the last planned update for Exchange Server 2016 and is due in December 2020. After December 15, 2020, only CU19 or its successors will receive critical updates.

Exchange Server Upgrade Planning

In the near-term, customers who plan to stay on-premises should upgrade to Exchange Server 2019 ASAP to maintain both critical security and non-critical feature updates. This will also put your organization in the best position for when Exchange Server vNext is released in the second half of 2021.

You'll be able to install Exchange Server vNext into an org with Exchange Server 2013, 2016 or 2019. That's one more version than they used to support. And for the first time ever, you'll be able to perform an in-place upgrade from Exchange Server 2019 to Exchange Server vNext. Even in the same DAG. This will make it the easiest Exchange upgrade ever!

The bottom line is, if you're going to be staying on-premises long term - start planning and installing Exchange Server 2019 today!

New hybrid customers or customers who plan to keep some mailboxes on-premises should definitely upgrade to Exchange 2019 and later, Exchange Server vNext when it's released.

Hybrid customers who have completed migrating all their mailboxes to Exchange Online can continue to use their existing Exchange 2016 server for hybrid management. Microsoft hopes to deliver a serverless management solution soon, but it will later than the CU19 release.

Other Exchange and Exchange Online News

Another important bit of news on hybrid is that the new HCW will support establishing a one-to-many on-premises to cloud tenant configuration. This is helpful for divestments and customers with multiple tenants. Just be aware it only works for Exchange 2016/2019 and Hybrid Modern Auth only works with one tenant.

Microsoft is also opening the distribution of the Exchange Server 2019 Capacity Calculator. It previously was available only to Volume License customers. You can get it from https://aka.ms/ExCalc

"Plus Addressing" is now GA in Exchange Online. This lets users create "disposable" email addresses based on their primary email address. This lets users know where their email addresses are being leaked and create Inbox rules to handle them.

View the on-demand session, Exchange, Here, There and Everywhere, delivered by the ever-so-suave Greg Taylor.

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 

EXPTA Consulting provides professional upgrade, migration, and hybrid services for on-premises customers of all sizes. We specialize in Exchange, Microsoft 365, Active Directory, and identity solutions and pride ourselves on customer satisfaction.

Examples where we provide turn-key solutions or can work with your IT staff include:

  • Exchange and Active Directory Health Checks
  • Exchange on-premises upgrades and configuration
  • Exchange hybrid configuration and migrations to Exchange Online
  • Hybrid Modern Authentication (MFA) for Exchange on-premises
  • Public Key Infrastructure (PKI) design and deployment
Contact us today for a free consultation.

Read more ...

Roaming Signatures Update for Outlook for Windows

Monday, September 21, 2020

Microsoft announced that it will be rolling out roaming signatures soon in Outlook for Windows. It's expected that this feature will come to Exchange Online for now. Customers using third-party signature solutions will want to prepare for this. Review Outlook roaming signatures options.

(Updated) Outlook for Windows Introduces Roaming Signatures

MC215017, Plan For Change, Published date: Jun 2, 2020

Major update: Announcement

Applies To: All

This message is associated with Microsoft 365 Roadmap ID 60371

When this will happen

We will begin rolling this out to Microsoft 365 Monthly Channel, Targeted, in late September (previously July). (This is Insiders Slow Channel which will soon be called Microsoft Beta.)

We expect to roll this out to the Monthly Channel, Production, in late October (previously August).

How this will affect your organization

The feature is on by default.

Traditionally, signatures were stored locally on a user's Windows device. With this feature, signatures will now be associated with an email account.

Signatures will be stored in the user mailbox and will be available on any devices running Outlook for Windows that has been configured with that email account.

When the feature becomes available, Outlook will read the existing local signatures. Outlook will copy signatures selected as default for New messages or Replies/forwards to the account mailbox, making them available across multiple devices.

What you need to do to prepare

The feature is on by default.

Because this new feature is changing how Outlook manages signatures stored on a local drive, third-party add-ins which provided this functionality will no longer work when this feature is enabled. Learn how to mitigate this for your users.

I know a lot of customers like me are looking forward to this update!

Read more ...

Get ready for Ignite 2020!

Friday, September 18, 2020

Microsoft Ignite 2020 is virtually just around the corner (see what I did there?). Get ready for two days of jam-packed content, so set your OOF for September 22-23 so you can join in for all the goodness uninterrupted.

The Exchange Team published a blog article listing all the sessions around Exchange and Outlook. These include Roadmap Sessions, which focus on what's new and upcoming, and Technical Deep Dives and Walk-Throughs, that take you through the specifics of a particular area of interest. There are also many Learning Path sessions describing how to use technologies to deliver successful solutions to your business.

Of particular note, you'll want to see Exchange - Here, There and Everywhere. This is one of the many pre recorded sessions that you can watch on-demand. Look here for exclusive information about about Microsoft's plans for the future of both on-prem and cloud. This is a must-see presentation for planning and forecasting so sign-up here.

When completing your Schedule Scheduler, you'll notice that sessions have two options -- Save to Backpack (for pre-recorded on-demand sessions) or +Add to Schedule (for live digital breakout sessions). If you can't attend the live session you can add it to your backpack to watch later. Live community events will have an RSVP button where you can save a virtual spot.

While no one will argue that an in-person event is preferred, this virtual event promises to deliver some really good content in a way that everyone can consume on their own schedules. "See" you there!

Read more ...

Microsoft 365 Retention Policy shows "Exchange: 1 distribution result(s) found - Notify Support"

Thursday, September 3, 2020

Microsoft 365 retention policies are configured from Policies in the Microsoft 365 Compliance Center (https://compliance.microsoft.com). You can create retention policies to keep and or delete data in Exchange email, SharePoint sites, OneDrive accounts, Office 365 Groups, Skype for Business, Exchange Public Folders, and Teams channel messages and chats.

When setting up a new retention policy it defaults to configure a policy for Exchange email, SharePoint sites, OneDrive accounts, and Office 365 Groups.

As of this writing, separate retention policies are required for Microsoft Teams data.

If you select Exchange Public Folders but you don't have them in Exchange Online, the policy will show an error saying, "1 distribution result(s) found". The Exchange location has the details, "Recipient not found" and the Action will say, "Notify support".

This isn't a very helpful error message. "Recipient not found" means that the policy couldn't locate the Public Folders mailbox. 

To fix this, simply edit the policy to not include Exchange Public Folders and save it. The policy status will change to "On (pending)" while the change is replicated through all the services. In a short while the status will change to "On (success)".

Read more ...