Top Microsoft reporter Mary Jo Foley revealed Wednesday that Windows Server 2003 Service Pack 1 has finally been released to manufacturing.
Thats the good news. The bad news is that now youll get to start installing Server 2003 SP1.
Ive been looking forward to this patch for a long time. Yes, Server 2003 was a giant step forward over Windows 2000, especially when it came to AD (Active Directory). That said, over the years Ive run into any number of minor, but annoying, security problems.
I have every hope now that security enhancements—such as better Internet Explorer controls, the addition of an XP SP2-style Windows Firewall, and a new security-configuration wizard that will let you easily stop services and block network ports unless theyre needed—will make Server 2003 much better. The new Smart TCP port allocation feature also should bring improved network performance.
Over the years, I have found numerous quirks, for lack of a better word for them, with application integration and the operating system. Since SP1 will include better authentication methods for RPC (remote procedure call) and DCOM (Distributed Component Object Model) services and general tweaking, I think Ill see my applications staying up longer under the new, improved SP1.
Server 2003 SP1 also will be bringing much improved Wi-Fi management goodies to the server plate. These include server-side integration of WPS (Wireless Provisioning Services) for Wi-Fi clients and configuration improvements for Wi-Fi policy group management. The result of all of this should be to make Wi-Fi client management a good deal easier.
So, with so much to like, whats the problem?
Its the same one we saw with XP SP2: application compatibility.
To cite Microsoft itself, “The developers of Windows Server 2003 SP1 strove to provide the highest degree of application compatibility for existing applications written for Windows Server 2003 without compromising security.”
Uh-oh.
And, “Windows Server 2003 SP1 addresses known vulnerabilities to Windows Server 2003 by tightening the authorization needed for some services and disabling others altogether. In some cases, this may result in unexpected behavior from your applications.”
In other words: Look out! Some applications will break. We just dont know which ones yet.
Thus, I suggest that, whether youre a reseller, an integrator or just a systems administrator of a one server-box shop, you take introducing SP1 very slowly and very carefully.
First, you try it on test systems with your real applications. You also can start calling your ISVs to see whether they know of any existing problems.