Products History Gallery Manuals Download Links Arcade Forum Up&Runng Windows PC News
    Microsoft Windows Vista, 2003 and XP processes and tips.  Includes Group Policy, Active Directory, Windows SharePoint Services, Outlook Shared Calendars, RAID5, McAfee and much more.  
 


Issues with Service Pack 1 for Windows 2003
Prepared by Ian Matthews May 24, 2005

After reading many Microsoft articles, watching several Technet video courses, and a notable amount of testing I can say that SP1 for W2K3 install without much effort.  There are however, a few things you should know prior to upgrading:

  1. If you are using RRAS (Routing and Remote Access Service) you need to either disable or remove it prior to the upgrade.  Apparently the RRAS firewall conflicts with the new Windows Firewall. 

    My experience was that the server could see the internet and PC's on the LAN, but nothing could see that server even though the firewall was disabled.  The solution was to remove SP1, disable RRAS, reinstall SP1, re-enable RRAS and configure it from scratch.
     
  2. fpse2002.JPG (78661 bytes)FPSE2002 (Front Page Server Extensions 2002) gets locked down by SP1.  Basically, you can sign into the main FPSE 2002 Configuration page, but when you try to access the Site Administration for a site you receive an "Error: Access is Denied." message after three apparent password failures.

    The solution is to change the security on the _VTI_BIN folder.  Note that this folder is only viewable in IIS and it does not appear in your file shares (so you can't set NTFS security).  As you can see when you click the graphic to the right, you need to set AUTHENTICATED ACCESS to BASIC.

If you have a DELL server running as a Domain Controller, you must read THIS article.

A week or two after your install, when you are certain the upgrade has gone wee, you should run ADD/REMOVE PROGRAMS, WINDOWS COMPONENTS, and add in the SECURITY CONFIGURATION WIZARD and then run through this excellent lock down tool.

I have successfully installed SP1 on DC's (Domain Controllers), Terminal Servers, Mail Servers (although I have not touched an Exchange server), file and print member servers, and web servers. 

Note that there is a special version of SP1 for Small Business Server.  Click HERE for more information.

You can download SP1 for W2003 HERE.  If you have an hour and want to watch good video overview of the SP1 direct from Microsoft, click HERE.

Keep in mind that if you do experience problems, you can boot into Safe Mode and uninstall it.  I have done so several times and was thrilled to find that the uninstall went very well in all cases.

 
KEY FEATURE EXPLANATION
Windows Firewall Now on by default in systems with new installations of Windows Server 2003 that include Service Pack 1(also known as a slip-stream release). By default, Windows Firewall is not enabled on upgrades to existing Windows Server 2003 installations, in order to maintain stable production configurations already in place and to avoid application compatibility issues on the server. Windows Firewall provides network protection after install while users update their system with the latest patches using the new Post-Setup Security Updates feature.
Security Configuration Wizard A new feature in Windows Server 2003 with Service Pack 1 that provides guided attack surface reduction for your server.
Post-Setup Security Update Designed to protect the server from the risk of infection between the time the server is first started and the application of the most recent security updates are applied from Windows Update. If Windows Firewall is enabled and the administrator did not explicitly enable Windows Firewall using an unattended-setup script or Group Policy, Post-Setup Security Updates opens the first time an administrator logs on.
Data Execution Prevention A new set of hardware and software technologies that perform additional checks on memory to help protect against malicious code exploits. With Service Pack 1, an additional set of DEP security checks, known as software-enforced DEP, have been added to Windows Server 2003.
Internet Explorer Information Bar Replaces many of the common dialog boxes that prompted users for information in previous versions and provides a prominent area for displaying information that users may want to view or act upon.
Internet Explorer Pop-up Blocker Designed to block most unwanted pop-up windows from appearing. Pop-up windows opened when the end user clicks a link will not be blocked.
WebDAV Redirector Allows computers running Windows Server 2003 to use WebDAV (Web-based Distributed Authoring and Versioning) servers, such as Windows SharePoint Services and MSN Communities, as if they were standard file servers.


The following is the hardware specs required for SP1:

 
(C) 2002 trhough 2008 Up & Running Technologies Incorporated
If you want to use any images or text from this site you must get written approval first.  Click HERE to send an email request explaining your intended usage.