Approach Windows Server 2003 SP1 with Caution

By Channel Insider Staff  |  Posted 2005-03-30 Email Print this article Print
 
 
 
 
 
 
 

Opinion: The long-awaited patch will bring important improvements, but look out for the application-compatibility problems also encountered with Windows XP SP2.

Top Microsoft reporter Mary Jo Foley revealed Wednesday that Windows Server 2003 Service Pack 1 has finally been released to manufacturing.

That's the good news. The bad news is that now you'll get to start installing Server 2003 SP1.

I've been looking forward to this patch for a long time. Yes, Server 2003 was a giant step forward over Windows 2000, especially when it came to AD (Active Directory). That said, over the years I've run into any number of minor, but annoying, security problems.

Click here to read about Microsoft putting the final touches on Windows Server 2003 SP1.

I have every hope now that security enhancements—such as better Internet Explorer controls, the addition of an XP SP2-style Windows Firewall, and a new security-configuration wizard that will let you easily stop services and block network ports unless they're needed—will make Server 2003 much better. The new Smart TCP port allocation feature also should bring improved network performance.

Over the years, I have found numerous quirks, for lack of a better word for them, with application integration and the operating system. Since SP1 will include better authentication methods for RPC (remote procedure call) and DCOM (Distributed Component Object Model) services and general tweaking, I think I'll see my applications staying up longer under the new, improved SP1.

Server 2003 SP1 also will be bringing much improved Wi-Fi management goodies to the server plate. These include server-side integration of WPS (Wireless Provisioning Services) for Wi-Fi clients and configuration improvements for Wi-Fi policy group management. The result of all of this should be to make Wi-Fi client management a good deal easier.

So, with so much to like, what's the problem?

It's the same one we saw with XP SP2: application compatibility.

To cite Microsoft itself, "The developers of Windows Server 2003 SP1 strove to provide the highest degree of application compatibility for existing applications written for Windows Server 2003 without compromising security."

Uh-oh.

And, "Windows Server 2003 SP1 addresses known vulnerabilities to Windows Server 2003 by tightening the authorization needed for some services and disabling others altogether. In some cases, this may result in unexpected behavior from your applications."

In other words: Look out! Some applications will break. We just don't know which ones yet.

Click here for an analysis of Windows Server 2003 SP1.

Thus, I suggest that, whether you're a reseller, an integrator or just a systems administrator of a one server-box shop, you take introducing SP1 very slowly and very carefully.

First, you try it on test systems with your real applications. You also can start calling your ISVs to see whether they know of any existing problems.

If that works, then back up your production servers and start patching on a slow, controlled basis. You want to make sure that a problem that doesn't show up at the slow pace of a test server doesn't spring up and bite you when the same application is running in the fast lane of a production system.

Once everything is running well on a small scale, then—and only then—shift the rest of your productions servers to SP1.

While Server 2003 SP1 may not have changed as many things as XP SP2 did, it is still a major upgrade. Treat it with the care and respect it deserves, and in a few months, you and your clients will have a stronger business network. If you don't … well, don't blame me if your customers come after you with tar and feathers.

eWEEK.com Senior Editor Steven J. Vaughan-Nichols has been using and writing about operating systems since the late '80s and thinks he may just have learned something about them along the way.

 
 
 
 
 
 
 
 
 
 

Submit a Comment

Loading Comments...