Merge pull request #2012 from microsoft/Batre-MSFT-patch-3

Update Emerging-Issues.md
microsoft · Feb 20, 2024 · 16141ba · 16141ba
2 parents 77886de + f043ac2
commit 16141ba
Showing 1 changed file with 1 addition and 0 deletions.
diff --git a/docs/Emerging-Issues.md b/docs/Emerging-Issues.md
@@ -9,6 +9,7 @@ This page lists emerging issues for Exchange On-Premises deployments, possible r
 
 |**Updated on** | **Update causing the issue**| **Issue**| **Workaround/Solution**
 |-|-|-|-|
+2/20/2024     | [CU 14 for Exchange 2019](https://support.microsoft.com/KB/5035606)             | Environments that are using SSL offloading configuration may face issues with Outlook connectivity issues after upgrading to Exchange 2019 CU14.  | As announced in [August 2023](https://techcommunity.microsoft.com/t5/exchange-team-blog/coming-soon-enabling-extended-protection-on-exchange-server-by/ba-p/3911849) , by default, starting with CU14, Setup enables the Windows Extended Protection (EP) feature on the Exchange server being installed. Extended Protection isn't supported in environments that use SSL Offloading. SSL termination during SSL Offloading causes Extended Protection to fail. To enable Extended Protection in your Exchange environment, you must not be using SSL offloading with your Load Balancers. Please check [this link](https://learn.microsoft.com/exchange/plan-and-deploy/post-installation-tasks/security-best-practices/exchange-extended-protection?view=exchserver-2019#scenarios-that-could-affect-client-connectivity-when-extended-protection-was-enabled)  for more details
 2/19/2024     | [CU 14 for Exchange 2019](https://support.microsoft.com/topic/5036404)             | Exchange 2019 CU14 RecoverServer fails while creating "New-PushNotificationsVirtualDirectory" with following error: <BR><BR>Exception setting "ExtendedProtectionTokenChecking": "Cannot convert null to type "Microsoft.Exchange.Data.Directory.SystemConfiguration.ExtendedProtectionTokenCheckingMode" due to enumeration values that are not valid.<BR>  | Please follow the steps from [this KB](https://support.microsoft.com/topic/5036404) to resolve the issue
 11/23/2023     | [November 2023 Security Update](https://techcommunity.microsoft.com/t5/exchange-team-blog/released-november-2023-exchange-server-security-updates/ba-p/3980209) for Exchange 2016, Exchange 2019                | Some customers may find queue viewer crashing with error <BR><BR>"Failed to enable constraints. One or more rows contain values violating non-null, unique, or foreign-key constraints" | The error can occur if the Exchange server auth certificate has expired. Solution is to renew the [Exchange server auth certificate manually](https://learn.microsoft.com/exchange/troubleshoot/administration/cannot-access-owa-or-ecp-if-oauth-expired) or by using [this script](https://microsoft.github.io/CSS-Exchange/Admin/MonitorExchangeAuthCertificate/)
 10/12/2023|[All versions of August 2023 Security Update](https://techcommunity.microsoft.com/t5/exchange-team-blog/released-august-2023-exchange-server-security-updates/ba-p/3892811) for Exchange 2016, Exchange 2019 | Users in account forest can't change expired password in OWA in multi-forest Exchange deployments after installing any version of [August 2023 Security Update for Exchange servers](https://techcommunity.microsoft.com/t5/exchange-team-blog/released-august-2023-exchange-server-security-updates/ba-p/3892811) <BR><BR>**Note**<BR> The account forest user will be able to change the password after they sign in to Outlook on the web if their password is not yet expired. The issue affects only account forest users who have passwords that are already expired. This change does not affect users in organizations that don't use multiple forests.|** Update on 10/12/2023 ** <BR><BR> Follow steps on [this article](https://support.microsoft.com/topic/users-in-account-forest-can-t-change-expired-password-in-owa-in-multi-forest-exchange-deployments-after-installing-august-2023-su-b17c3579-0233-4d84-9245-755dd1092edb)