Monday, 16 July 2018

.NET Framework 4.7.2 Breaks AAD Connect and Exchange

Hi There,

Time for a new post.

Microsoft made .Net Framework 4.7.2 available on Windows Update on 10 July 2018, just about a week ago. As an "Important / Recommended" update, it gets under the radar at many organizations where all "Important" updates are installed as default practice. .NET updates used to come as "Optional". This time, however, Microsoft deemed this update "Important" for whatever odd reason that escapes me.

Although Microsoft "strongly recommends" the installation of this update, reports have emerged that it doesn't play nicely with AAD Connect. and Exchange. Specifically, CPU utilization of the Microsoft.Identity.Health.AadSync.MonitoringAgent.Startup.exe process goes through the roof, grinding the server to a halt:


Secondly, Microsoft has not (yet) updated the Exchange server prerequisites to reflect support for .NET Framework 4.7.2 - see https://docs.microsoft.com/en-us/exchange/plan-and-deploy/system-requirements:


Sure enough, the update bricks the Exchange OWA and ECP portals too. After you log on, you get a pristine, white browser window, devoid from anything:


I thought OK, let's rebuild some virtual directories. Well, for that I need EMS - as long as it works. It fell flat too:


In fact, looking at the IIS logs, it becomes clear that pretty much everything has gone south.

As recovery steps, first I removed .Net 4.7.2 as some sources indicate on the Internet. Unfortunately that didn't fix the AAD Connect high CPU problem - it returned after an hour or so. And it certainly didn't fix the Exchange problem.

As far as Exchange is concerned, I tried the following:

  • Removed .Net 4.7.2
  • Removed and reinstalled .Net 4.7.1
  • Installed Exchange 2013 CU21 - the server was a tad outdated, on CU13

No joy. The screenshots above were taken after the recovery attempt.

My recommendation to you, dear reader, is to block the installation of .Net 4.7.2 for the time being. It is NOT an "important" update, no matter how much Microsoft would like you to believe.

The update can be blocked with a Registry setting, as documented at KB4342394.

I am in for rebuilding the Exchange server bricked by Microsoft's (not so) "important" .Net update. Thank you Mr. Microsoft, yet another .Net blunder to add to the list.

Happy patching!

Add-Endum

Microsoft has come to its senses and re-published .NET Framework 4.7.2 where it belongs, under "Optional" updates.



11 comments:


  1. This blog gives very important info about .Net Thanks for sharing
    .Net Online Training

    ReplyDelete
  2. Excellent work. There is a growing demand for Dot Net developers across the globe in 2021. If are wish to learn Dot Net development with industry experts we can help you. Softlogic Systems is a Chennai based institute. We provide top quality hands-on training for Dot Net Development. In addition to that, we also had placement team to assist you to get placed in IT companies after completing the training program. Please visit our website for more information.
    Best DotNet training institute in Chennai

    ReplyDelete
  3. Thanks for sharing such good article. This is really helpful.
    .Net Online Training Hyderabad
    Visit us: dot net training

    ReplyDelete
  4. Do you want to create and lead youtube channel about net framework? You can get subscribers for your channel from this site https://soclikes.com

    ReplyDelete
  5. Your internet site is in fact cool and this is a pleasant challenging article. Ms Office 2019 Crack

    ReplyDelete
  6. Excellent blog!!! I really enjoy to read your post and thanks for sharing!
    Sole custody Virginia
    Protective Order Virginia

    ReplyDelete