Patching an Exchange 2010 DAG cluster

Prerequisites:

• Download the maintenancewrapper.ps1 script:
• http://blogs.technet.com/b/exchange/archive/2013/04/10/preserving-activation-blocks-after-performing-dag-member-maintenance.aspx
• Check out the collection of commands that I use for checking the DAG status (checkpam.ps1):
• http://zombiecipher.blogspot.com/2013/11/powershell-scriptcommands-to-check-dag.html
• Make sure to have the Exchange scripts copied locally and preferably add its path to your environment variables for Windows:
• C:\Program Files\Microsoft\Exchange Server\V14\Scripts

Move the PAM and cluster manager, place server into maintenance mode and patch

1. Login to the server you want to patch. Note that the maintenancewrapper script should be run on the server you want in maintenance.
2. Run Exchange Management Shell as administrator (right-click → run as administrator).
3. Run the following command to allow unsigned scripts to be run:
• set-executionpolicy unrestricted
4. Move the cluster manager/PAM to another active server (Note: "cluster group" is the default name given by the cluster service):
• cluster.exe group “cluster group” /moveto:[ServerName]
5. Run the maintenancewrapper to put the server into maintenance mode and move the database(s) to the other server (must be run on the server being placed in maintenance mode):
• maintenancewrapper.ps1 –server [ServerName] –action start
6. Run one of the following to verify that the server is in maintenance mode and that the PAM and database have been moved:
• This script will give you quite a few stats for the cluster and servers (See prerequisites above for the commands/script):
• checkpam.ps1
• This command will list the PAM and any servers in maintenance along with the server containing the mounted database:
• get-databaseavailabilitygroup -status | fl name,primaryactivemanager,serversinmaintenance;get-mailboxdatabase | fl server,name
• If the database and PAM do not move, run the following to force it over:
• move-activemailboxdatabase -identity ["Mailbox Database"] -activateOnServer [ServerName] -mountdialoverride ‘none’
• If the move command above does not work, suspend the database copy on the target server for a few seconds, then re-enable it and run the move command again.
• Suspend the target database copy:
• Suspend-MailboxDatabaseCopy -Identity "mailbox database\server" -SuspendComment "Maintenance on MBX1" -Confirm:$False
• Resume the target database copy:
• Resume-MailboxDatabaseCopy -Identity "mailbox database\server"
7. Assuming your server is in maintenance mode and the PAM and cluster are active on the other server, patch and reboot.
8. Once patches complete run the following to remove the server from maintenance mode, make it the PAM, move the cluster back to it, then verify using checkpam script (make sure to run this on the server which is in maintenance):
• This command stops maintenance mode, reinstates the server as the PAM and activates the database copy:
• maintenancewrapper.ps1 –server [ServerName] –action stop
• This command will move the cluster manager back to this server:
• cluster.exe group “cluster group” /moveto:[ServerName]
9. Run checkpam to verify your work and get the health of the DAG:
• checkpam.ps1
10. Run through these steps for each remaining server to be patched.