Exciting Things in Exchange 2019
It has become something of a tradition to use the admin’s blog to tell you what’s new in the newest Exchange Server version. Now, it is time to answer the question: What is new in Exchange 2019?
Judging from the Exchange Server 2019 Now Available post, you could assume that Exchange 2019 does not have a lot of new things to offer. Generally speaking, it follows the same pattern as the previous on-premises editions: It is an Exchange Online that you can install locally. More or less. However, it turns out that there is a lot more going on under the hood. If you have seen the Welcome to Exchange 2019 session at the MS Ignite conference, you probably know that there are some changes that are not that obvious but which make the Exchange 2019 release one-of-a-kind.
Use the links below for easier navigation.
- The key development changes
- Exchange 2019 requirements
- Unified Messaging removed
- Security-focused release of Exchange
- Scale & performance improvements
- Changes to search
- Client Access Rules
- What is new in Exchange for the end users
- Exchange 2019 roadmap
- Interesting facts about Exchange 2019
The key development changes
As stated during Microsoft Ignite 2018, the newest on-premises release is available only in the Volume Licensing model and is aimed mainly at large enterprises. Greg Taylor started the conference by acknowledging that there are customers who prefer to keep their data on-premises, instead of going into the cloud. No doubt, Microsoft will do everything they can to adapt their online environments to fit even the most demanding security, reliability and dependability needs of the current on-prem users.
Although those statements hint at the future of Microsoft’s on-premises server solutions, they do not tell us much about what is new in Exchange 2019. The fact is that to fit the needs of the largest enterprises, which are the most important on-premises users, Microsoft completely redefined the way the on-premises software is built.
From now on, the on-premises Exchange and Exchange Online will have their code branched. What does it mean? The on-premises Exchange will not be an “offline copy” of its online counterpart anymore. Since most on-premises organizations value dependability over innovation, future Exchange 2019 updates will put more stress on security and less on functionality. The ultimate goal is to ensure a consistent on-premises experience. The CU updates with potential functionality changes will be separated from security updates, so that admins can decide what to implement. At the same time, Exchange Online will offer the highest level of innovation. Despite the focus on innovation, end-user experience and functionality, the security aspect is unlikely to be overlooked, let’s hope.
Exchange 2019 requirements
A complete list of Exchange 2019 system requirements is available at this site. Below, I list a shortened version.
- Windows Server 2019, regardless of whether it is the Mailbox or Edge Transport role (Windows Server Core is recommended but not required)
- .NET Framework 4.7.2
- Active Directory forest functional level (FFL) 2012 R2 or higher
- Coexistence with Exchange 2013+ (although there are a few exceptions)
- 128-256 GB RAM for Mailbox Server, minimum of 64 GB for Edge Transport
With the great focus on scalability and performance, the minimum RAM requirement might come as a bit of a surprise. According to the documentation, Exchange 2016 required only 8 GB of RAM. As far as I have tested it, small Exchange 2016 organizations worked just fine with 8-16 GB. While it is possible to install Exchange 2019 with less memory, it will not let you experience any of the performance-boosting functionalities.
Almost every official post about Exchange 2019 states that it is recommended to install this newest version of Exchange on Windows Server Core. Note that this does not mean that you cannot install it with the Desktop Experience.
Unified Messaging removed
With Exchange 2019, Microsoft says goodbye to the UM role. Organizations which use Unified Messaging probably are not thrilled to learn that.
Probably the first question that springs to mind is: what happens with voicemail upon migration to Exchange 2019? All UM-enabled mailboxes will be disabled. There will be no voicemail or auto-attendant processing, and no UM settings will be available in Outlook, Outlook on the web, or in Exchange Control Panel. The good news is that the existing voicemail will remain in the form of attachments. There are a few proposed ways to deal with the lack of this functionality in Exchange 2019:
- Switch to the cloud voicemail. This requires moving to Office 365 or using the cloud voicemail feature as a part of a hybrid environment.
- Use Skype for Business 2019.
- Remain on Exchange 2016 (its extended support ends on 10/14/2025)
- Use third-party voice mail solutions
Microsoft emphasizes that regardless of the chosen substitute for UM, it is crucial to deploy it before the migration. So, for example, the best workflow is to deploy Skype for Business 2019 Server first, and then migrate to Exchange 2019.
Security-focused release of Exchange
Each and every Exchange version was announced to be more secure than the previous one. This time, however, the Exchange development team went the extra mile to ensure maximum security of the newest release.
Even before the official release of Exchange 2019, it was mentioned that Exchange 2019 has been created with the Windows Server Core version in mind. The most important reason for this decision is, that’s right, security. You can install Exchange 2019 on Windows Server with Desktop Experience, but you will not be able to take advantage of the improvements mentioned below.
The most obvious advantages of the Server Core edition are that it has a smaller footprint, a greatly reduced attack surface and fewer features that are not crucial for the mail server. Thanks to that, not only is the security aspect strengthened, but the server’s performance should also reach a higher level.
Just to be perfectly clear, installing Exchange on the Server Core version does not mean you will need to switch to using PowerShell for all your administrative needs. All Microsoft Management Console (MMC) tools, like Hybrid Configuration Wizard, Event Viewer or EAC, can be used remotely.
A while ago, there was an announcement that TLS versions prior to TLS 1.2 will not be supported. While Exchange environments could still use the older versions of the protocol, it was not recommended. With Exchange 2019, there is no choice: the server does not support TLS 1.1 and older versions. For your own safety, you cannot use the old protocols.
Scale & performance improvements
Now, let’s get technical. Exchange 2019 has been redesigned to use Server Garbage Collection (GC) instead of Workstation GC. In plain English: previous on-premises Exchange versions used .NET libraries in Workstation mode, while Exchange 2019 has switched to Server mode. What is the difference? Simply speaking, Workstation mode is best when it comes to handling a small number of long-running applications. It minimizes latency when processes have to run non-stop but, at the same time, does not allow the server to make the most of its CPU power.
When it comes to Server GC, it is best for handling a large number of jobs and allows each of those jobs to get all the CPU power of a single core. Server GC can deal with more requests per second and can maximize efficiency whenever multiple processors are used. Thanks to this switch, Exchange 2019 handles more processors, up to 48 per server, and makes better use of their power.
Another change is the way Exchange 2019 handles memory. Tiered storage, Metacache database (MCDB) and dynamic cache are the functionalities that redesign the memory usage. All those new features are implemented to maximize performance and minimize latency and it is almost impossible to analyze how they work separately.
Tiered storage enables the server to use SSD (solid-state drive) and good old physical JBOD (just a bunch of disks) storage together. Generally speaking, SSD is much faster but has a limited use lifecycle. JBOD is slower but more reliable and much, much cheaper. The idea is to use JBOD to store everything and SSD drives to store the items used the most. How does Exchange Server know what to push to SSD drives? That is thanks to MCDB. This Metacache database stores the newest data, especially the smallest items, which are best handled by the SSD storage.
Now, whenever a user sends a request to the server, it is forwarded to both the SSD (MCDB) and JBOD storage. The SSD processes requests more quickly and, in case of its failure, JBOD automatically takes over. Thanks to MCDB, the server is much quicker to handle small items, search and logon requests.
Finally, dynamic cache. Without it, both passive and active databases were assumed to be active. Now, Exchange identifies which databases are active, allowing a better use of the available resources.
According to what we have been told at Ignite, the combination of tiered storage, MCDB and dynamic cache decreases latency by up to 50%. It is also possible to use larger disks and increase the number of users you can put on a server by 20% (without decreasing performance).
Changes to search
Changes to the search mechanism have become a kind of tradition for the on-premises Exchange releases. This change is codenamed Big Funnel and uses the technology implemented in Bing.
Now, before all Google enthusiasts boo this mention, here is what it means for the search mechanism: index files are in each mailbox. This, theoretically, means that problems with unhealthy indexes should become a thing of the past. It should also speed up item search for users. This is good news. In some environments, rebuilding a failed search index has been a frequent maintenance task, and one that is quite heavy on the server.
We have yet to learn if and how changes in the search mechanism influence the server-wide search queries through eDiscovery and the Search-Mailbox cmdlet.
Client Access Rules
In Exchange 2019, you can selectively allow or restrict access to the Exchange admin center and to PowerShell. The criteria can be based on IP address, authentication type and user property values. Thanks to those rules, it is possible to ensure that there are no unauthorized connections to your Exchange environment, or to allow certain users to use PowerShell for specific time frames.
This functionality sounds useful. There are a few catches, though:
- You can only use PowerShell to manage Client Access Rules. As a result, you need to be extremely careful not to block PowerShell access for your own account: before anything else, create a highest-priority rule that always allows PowerShell access for the domain admin.
- Client Access Rules use a cache. Because of that, it is not possible to block someone’s access to administrative tools immediately. The first rule created in an organization can take up to 24 hours before it starts working. After this, any changes to Client Access Rules can take up to 1 hour to take effect.
- Although Exchange 2019 can coexist with its two latest predecessors (Exchange 2013 and Exchange 2016 to be precise), Client Access Rules only work in clean Exchange 2019 environments.
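A minimal rule set that follows the order recommended above, as an added example that is not part of the original article. It is meant for the Exchange Management Shell on an Exchange 2019 server; the rule names, the management subnet and the test account are constructed placeholders, and the first rule keeps Remote PowerShell open for every account, which is broader than a rule for a single admin.

```powershell
# Added example: all names, addresses and accounts are constructed placeholders.
$mgmtSubnet = '192.168.10.0/24'      # assumed management network
$testAdmin  = 'admin@contoso.com'    # assumed admin account used for testing

# 1. Safety net first: Client Access Rules can only be managed from
#    PowerShell, so keep Remote PowerShell reachable at the highest priority
#    before creating any rule that denies access.
New-ClientAccessRule -Name 'Always Allow Remote PowerShell' `
    -Action AllowAccess `
    -AnyOfProtocols RemotePowerShell `
    -Priority 1

# 2. Deny the Exchange admin center to every client outside the
#    management subnet.
New-ClientAccessRule -Name 'Block EAC outside management subnet' `
    -Action DenyAccess `
    -AnyOfProtocols ExchangeAdminCenter `
    -ExceptAnyOfClientIPAddressesOrRanges $mgmtSubnet `
    -Priority 2

# 3. Review the rules in evaluation order and confirm the allow rule is first.
Get-ClientAccessRule |
    Sort-Object Priority |
    Format-Table Name, Priority, Action, Enabled -AutoSize

# 4. Ask Exchange how a specific connection would be evaluated.
#    203.0.113.25 is a documentation address standing in for an outside client.
Test-ClientAccessRule -User $testAdmin `
    -AuthenticationType BasicAuthentication `
    -Protocol ExchangeAdminCenter `
    -RemoteAddress 203.0.113.25 `
    -RemotePort 443
```

Because of the cache described above, real connections may keep their old behavior for up to 24 hours after the first rule and up to 1 hour after later changes.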
What’s new in Exchange 2019 for end users
Exchange 2019 is neither a functionality-focused nor an end-user-focused release. That being said, there are some changes to calendars and Out of Office messages, which directly influence end users.
When it comes to calendars, those who organize meetings might notice three changes:
- Default End Date. Although it is the admin who sets it up and benefits the most from it, those who organize meetings need to know about the change. The default end date eliminates the problem of periodic meetings or events that recur until the end of the world. It might feel cumbersome if someone is used to setting up daily standups or briefings just once. But, at the same time, it makes life easier for those who have to manage the organization’s calendars and clear them of potential “ghost meetings.”
- Do Not Forward. A meeting organizer can prevent attendees from forwarding meeting requests to other recipients. The flag works like server-side Outlook rules: you create it in the email client, but Exchange enforces it in transport. Unfortunately, mixed Exchange environments might experience some issues, as Exchange 2013 does not support this. This is worth remembering in case of Exchange 2013 and 2019 coexistence.
- Improved calendar management. This, again, helps administrators more than end users. A new cmdlet, Remove-CalendarEvents, lets you use PowerShell to cancel future meetings. For example, when someone takes a leave of absence or leaves the organization, the cmdlet lets you remove (or preview) all meetings organized by this particular mailbox. The mailbox must be mail-enabled for this to work, because meeting cancellations have to be sent out.
Changes applied to out of office messages include three additional options available while configuring an out of office message:
- Block my calendar for this period
- Decline all meeting requests sent for this period
- Decline & cancel all meeting requests sent during this period
The features are self-explanatory and, in my opinion, quite helpful. As long as everyone remembers to set up an out-of-office message before leaving, those options make the task of organizing meetings easier and prevent the calendar from being spammed while you are away. The only catch is that it seems the new options are not implemented yet.
Exchange 2019 roadmap
Currently, the planned list of major updates for Exchange 2019 looks like this:
- Deploying on-premises Modern Authentication and blocking legacy authentication mechanisms (no more NTLM and Basic Auth)
- Extending the aforementioned Client Access Rules to protocols other than Exchange Admin Center and PowerShell
- Mailbox encryption using Customer Keys (already implemented in Office 365)
- Changes to Monitoring & Analytics tools
- Blocking RPC over HTTP protocol. MAPI over HTTP is already the default and recommended transport protocol.
Interesting facts about Exchange 2019
Exchange 2019 turned out to be full of surprises when it comes to the release:
- “New to Exchange 2019 is the ability to upgrade your operating system to a newer version while Exchange is installed on Windows Server 2019 or later” (source)
- Exchange 2019 is ready to handle non-English characters in email addresses. While it is possible to send email to and receive it from such addresses, you cannot add a proxy or an accepted domain with special characters just yet. Basically, this Exchange version prepares the ground for the change to come.
- The official release of Exchange 2019 was announced on October 22, 2018 on the TechNet blog. Unfortunately, due to a bug in Windows Server 2019, its rollout has been paused.
- Exchange Server 2019 Public Preview could have been installed on Windows Server 2016 (both Core and with Desktop Experience). The final release requires Windows Server 2019.
- On November 13, 2018, the post Update on Windows Server 2019 availability announced that the Windows Server Evaluation media would be available soon. As of January 4th, there is still no media available in the evaluation center (https://www.microsoft.com/en-us/cloud-platform/windows-server-trial). This fact has generated some negative feedback. In the meantime, customers have the option to deploy and test Windows Server 2019 in Azure.
- As of the day this article is published, according to the product lifecycle, the Extended Support End Date (also known as the end of life) for Exchange 2016 and Exchange 2019 is the same: 10/14/2025. It does not mean everyone will stop using it right away (I’m looking at you, Exchange 2003 admins!) but that’s the deadline for some companies to migrate to a newer version. If it comes.
This is a short recap of what is new in Exchange 2019. If you would like to learn more about any of the mentioned topics, or feel that I have missed an important feature, let me know in a comment.