Sample script to disable and enable Forefront service during Exchange patching

During the installation of Exchange rollup update for Exchange Server 2007 and Exchange Server 2010, some of the Exchange services e.g. the Microsoft Exchange Transport Service may fail to start. This issue occurs because there is a problem with the way in which the Exchange services interact with Forefront during the patching process. The problem is currently being investigated. However, a suggested workaround is to use a Windows PowerShell script to disable and enable the Forefront Service for Exchange during the installation.

A new feature was introduced in Exchange Server 2007 Service Pack 2 to allow administrator run PowerShell scripts during rollup installation. For more information, please refer to https://msexchangeteam.com/archive/2010/06/02/455063.aspx. The script in this article demonstrates how to use CustomPatchInstallerActions.ps1 file to disable and enable the Forefront service for Exchange utilizing this new feature. However the script can be customized by customers for use with other third party products in this way.

In order to allow installer to find the script file, these criteria must be followed:

1. The script file is named as CustomPatchInstallerActions.ps1

2. The script file is placed under <Exchange installation folder>\Scripts\Customization

3. The script file must have three sections:

  • PrePatchInstallActions : User defined actions that will be performed before the installation starts.
  • PostPatchInstallActions : User defined actions that will be performed after installation has finished.
  • PatchRollbackActions : User defined actions that will be performed after rollback of the installation (due to cancellation of installation).

The details for each section are:

PrePatchInstallActions:

  • Stop related services in this order:
    • MSExchangeSA
    • MSExchangeTransport
    • MSExchangeIS
    • FSCController
  • Disable Forefront service by running "fscutility /disable"

PostPatchInstallActions:

  • Enable Forefront service by running "fscutility /enable"
  • Start related services in this order:
    • FSCController
    • MSExchangeSA
    • MSExchangeIS
    • MSExchangeTransport

PatchRollbackActions:

  • The same as PostPatchInstallActions

A log file named CustomPatchInstallerActions.log will be generated under <SystemDrive>\ExchangeSetupLogs. It can be used to track failures generated during the execution.

NOTE: The script needs to be properly signed otherwise you need to run "Set-ExecutionPolicy Unrestricted" in order to run the script.

You can find the sample CustomPatchInstallerActions.ps1.template script HERE.

Credits to the Exchange SE Team