Be warned; if you attempt to upgrade an Exchange 2010 RTM install to Exchange 2010 SP1 and you do not have the correct Powershell Execution Policy in place (and I’m not entirely sure what that is, it’s not documented anywhere obvious but it appears that Unrestricted works – although some have said that it doesn’t – and I can assure you that RemoteSigned doesn’t) it will not warn you, it will not avoid it, it will simply break halfway through the install and leave your server in a state whereby the Exchange binaries are all deleted, half your Windows services are disabled and all the Exchange cruft is still in the registry. The error is akin to the following:
The following error was generated when "$error.Clear();
& $RoleBinPath\ServiceControl.ps1 EnableServices Critical
" was run: "AuthorizationManager check failed.".
The only fix I’ve found for this, after sorting the Powershell Execution policy is to delete all the Exchange keys from HKLM\Software\Microsoft\Exchange and HKLM\Software\Microsoft\ExchangeServer, restart all the disabled services (IIS, WMI, Remote Registry, etc) then run the Exchange 2010 RTM “setup.com /M:RecoverServer”, wait for it to complete and then attempting the SP1 install again.
All I can say is thank god I didn’t test this on a server that happened to have the correct Execution Policy and then subsequently deploy it into production onto one that didn’t.
Update: Thanks to Martin in the comments for pointing me to http://support.microsoft.com/kb/981474 – it looks like it’s not so much what the Execution Policy is set to, but how it’s set. Seems like a really stupid oversight to me; surely Microsoft must have expected people to use GPOs to set Powershell Execution Policies – at the very least some detection logic in the installer to warn the user would be nice.