The ExchangeHealthChecker has been around for some time, but many people still seem to be unaware of this useful script. However, it is worth running the script from time to time to prevent problems. The ExchangeHealthChecker analyzes the Exchange configuration and lists the most common configuration problems. The script therefore makes troubleshooting much easier. For example, the ExchangeHealthChecker lists expired certificates, such as an expired OAuth certificate, which is used in the Installation of the July 2021 security updates caused problems. However, the script also lists configuration problems that you may not always have recognized as such (although the recommended 128GB RAM for Exchange 2019 can be ignored in many environments). Nevertheless, I consider the ExchangeHealthChecker to be a very useful script and I have now gotten into the habit of running the script once before installing the Exchange CUs.
The ExchangeHealthChecker can be downloaded here:
Before running the ExchangeHealthChecker, you should make sure that you are always using the latest version. As already mentioned, I download the latest version before installing the Exchange CUs and then run it once. It is important that ExchangeHealthChecker is executed in the "elevated Exchange Shell" (Run as Administrator). Calling the script without any other parameters checks the local Exchange server:
The results are output directly in the shell, but a log is also written in XML and TXT format so that the results can also be further processed by other scripts.
The ExchangeHealthChecker script itself also has the option of preparing the results as an HTML file. To obtain an HTML report, the script can be called after the first run with the -BuildHtmlServersReport parameter:
This creates an easy-to-read report, here is an (abbreviated) example:
The HealthChecker HTML report therefore summarizes configuration problems and open vulnerabilities, and often includes a link to the solution to the problem.