Exchange Health Checker has a new home

Today, we are happy to announce that the Exchange Health Checker PowerShell script has a new home: it is now part of the Microsoft CSS-Exchange repository on GitHub!

With the new home comes a new versioning specification. Before the move, the version schema was structured like this:

MAJOR.MINOR.PATCH (e.g. 3.1.2)

The new version uses the following specification:

YEAR.MONTH.DAY.HOURMINUTE (e.g. 21.04.21.1135)

We auto generate the version number during our script build process. This will be updated every time we change any file that the Health Checker uses, to show the latest commit. Because the Health Checker is within a large collection of scripts, each release that is posted might not include a new change for the Health Checker.

We strongly recommend checking for a new version before running the Health Checker script to make sure to benefit from the latest checks and improvements. The script does the update check automatically in case the system has connectivity to the internet and tries to update itself independently.

If your system does not have any connectivity to the internet, simply download the latest version from: https://aka.ms/ExchangeHealthChecker.

We did lots of code optimizations with the latest version (initially released in November 2020). This code optimization makes it easier to add things to the main report output and the HTML report and helps keep them in sync. If you were running older versions of Health Checker, you (hopefully) noticed a large difference in the formatting output to help make the report look more organized and cleaner.

Please note that Health Checker no longer supports Exchange 2010 (End of Life since 10/13/2020). So, if you still running Exchange 2010 (or Exchange 2013 on Windows Server 2008 R2, talking about EOL products), you should move to a supported Exchange and/or operating system version or consider moving to Exchange Online.

A long-term goal is to have Pester testing being built with the script. The breakout of the script and new organization of code provides the foundation for unit testing with Pester. Results will be more efficient checks and fewer False-Positives (FP) / False-Negatives (FN), or bugs.

If you are interested to track our open work items, you can find them here.

Last but not the least, all scripts on Microsoft CSS-Exchange repository are digitally signed when they are released. You can verify the signature by running the Get-AuthenticodeSignature cmdlet. Example:

Get-AuthenticodeSignature -FilePath “C:TempHealthChecker.ps1”

Some of the checks performed by the Exchange Health Checker script

  • General information about the server
    • Server name
    • Exchange version
    • Build number
    • Support state of the Exchange version in use
    • Server role
    • MAPI/HTTP status
    • DAG Name
    • AD Site
  • Server maintenance state
  • Operating system information
    • Version
    • Uptime
    • Time zone
    • Dynamic daylight time status
    • .NET Framework version in use and recommended version
    • Page file size and recommended size
    • Power plan
    • HTTP proxy settings
  • Processor/Hardware Information
    • Multiple information and recommendations for physical or virtual environments
    • Processor recommendations
    • Memory recommendations
  • Network interface controller (NIC) settings, grouped by adapter
  • Check if Visual C++ redistributable is current
  • TCP KeepAliveTime configuration
  • RPC minimum connection timeout settings
  • LmCompatibilityLevel
  • FIPS algorithm policy status
  • CtsProcessorAffinityPercentage settings
  • Credential Guard state
  • TLS settings for TLS 1.0, 1.1 and 1.2 and check if the configuration is correct
  • Certificates on the system and their validity (for example: lifetime, revocation status…)
  • Certificate used in Auth configuration
  • We check if Exchange Web App Pools GC server mode is enabled or not and display the state of each App Pool
  • Exchange vulnerabilities and weak server configuration (for example: SMBv1 settings)

Roadmap… features to come

We are working on more features to make the Exchange Health Checker even better. Here are some of our major improvements which are in development right now and will be available in the Exchange Health Checker in near future:

  • Include more documentation on GitHub pages as a one-stop shop (work in progress). GitHub pages will contain information about every check and cover the why, how the check is done, and how to resolve the issue (if applicable). They will also provide links to relevant Microsoft resources for each specific topic.
  • Unit tests by using Pester framework.
  • Provide the ability to pass multiple servers to the script (aka Pass Server List) instead of running the script for each server.
  • Ability to write out a HTML load balancing report.
  • Check for Exchange hybrid setup.
  • Continue to add checks for additional cases that can be quickly collected.

I have some feedback for you. How can I get in contact with the developer team?

There are several ways to provide feedback. The best one is to file a work item (issue) on GitHub. Just go this way and let us know.

You can also drop us an email to: extoolsfeedback [AT] Microsoft [DOT] com

Finally, there is the comment section at the bottom of this blog post. In case of a feature request or issue report, options above are the fastest/best to bring those to our attention.

We hope you like our script, and we are looking forward to your feedback!

David Paulson and Lukas Sassl


Source link

Share this post via

Leave a Reply