Whether you’ve been waiting to fix your current installations of Windows 2000 or waiting for the first service pack to begin Windows 2000 deployment, your wait is over. Microsoft recently released Service Pack 1 for Windows 2000 Professional, Server, and Advanced Server. Here’s the scoop on the first maintenance release for Windows 2000.

How to get the service pack
You have three options for obtaining SP1. You can order the CD from Microsoft’s Web site or by calling Microsoft at (800) 851-1644. The Web site offers additional options for ordering, including fax and mail. The CD costs $19.95, including shipping. In addition to the service pack installation and documentation files, the SP1 CD contains a few resources not available through download that make a CD purchase worthwhile:

  • Terminal Services Advanced Client (TSAC): This set of Web components and management tools enables Terminal Services sessions to run within Internet Explorer. TSAC is an upgrade to the Terminal Services client and does not install as part of the SP installation. Instead, you need to install it separately. The package includes three components. The Terminal Services ActiveX Client Control and sample pages provide the same functionality as the Terminal Services client but enable Terminal Services to function across the Web. The second component in the package is the Terminal Services Connections MMC console, an MMC snap-in that enables you to host multiple Terminal Services connections in a single console, simplifying management of multiple servers. The third item in the package is the Terminal Services Full Client Microsoft Installer, which provides a simplified means of deploying the Terminal Services Full Client to Windows 2000 Professional workstations.
  • Service Pack Debug SyMBols: Debug SyMBols allow you to capture information during application and system crashes for troubleshooting purposes. You should install Debug SyMBols only if you’re experiencing a problem and need to capture this data. You’ll find additional information about Debug SyMBols in the \Support\Debug\DBG.htm document on the CD.
  • Updated Windows 2000 deployment tools: The CD includes an updated set of tools that will help you deploy Windows 2000 in the enterprise.
  • A revised version of Microsoft Windows 2000 Guide to Unattended Setup: This document explains how to use Setup in unattended mode to automate Windows 2000 installation for wide-scale deployment. Unattended Setup can also be useful in situations where you need to quickly duplicate a Windows 2000 installation (such as on a machine you use for beta testing).

The Web site also offers two options for downloading the service pack. The Express Installation option installs the service pack to your computer, using the system’s current configuration to determine which service pack components to install. This option is aimed mainly at end users who want a targeted installation and need to reduce download time. The second option is Network Download; this option downloads the service pack compressed archive, which contains all components. You can then use the archive to perform network installations on multiple computers, burn your own CDs, or simply store the file for later reinstallation if it becomes necessary.

In general, you’ll want to download SP1 only if you have a fast, dedicated Internet connection. The Sp1network.exe file weighs in at over 83 MB, a long download for a dial-up connection. If you don’t have access to a fast connection, consider ordering the CD.

What does it fix?
Service Pack 1 addresses a broad range of bugs and quirks in Windows 2000. Some of these were addressed by updates available from the Microsoft Windows Update Web site, but the service pack addresses a much larger set of issues. For a complete list of issues addressed and links to Microsoft Knowledge Base articles on each fix, check out this article on the Microsoft site. Here’s a summary of the issued addressed by SP1:

  • Base OS: Over 60 base operating system issues from expanded hardware support to problems with remote storage. Interface problems are addressed along with more serious problems, such as memory leaks, stop messages, hung systems, security, and corrupted data. Some examples include added support for O2Micro CardBus Controllers OZ6912 and OZ6922, improved DirectX performance, DoS attack from Linux RPC clients, a stop error related to removing a USB hub, inability to back up registry or event logs on dynamic volumes, problems running Setup on systems with Compaq Smart Array Controllers, and a range of other problems both minor and major.
  • Active Directory: 28 issues related to Active Directory, including issues related to the AD in general, LDAP, security, replication, and such services as DNS and WINS. Some performance problems with mixed-mode environments are fixed, as well. Some of the fixes address memory leaks, problems with Dynamic DNS, potential Global Catalog inconsistency, access violations, and several other areas related to the AD.
  • IIS and COM+: 37 different problems related to Internet Information Services and COM+ that address performance, data corruption, service crashes, and security. Some of these fixes improve performance for indexing and searches, clear up programming problems with ASP, and fix IIS problems that can cause high CPU utilization, access violations, and potential security problems.
  • Mail: Seven issues related to the SMTP and NNTP services, some of which affect Exchange Server. For example, the service pack addresses a problem with SMTP generating a mail loop when you move a mailbox from one server to another. Other problems addressed include the SMTP service stopping unexpectedly, a problem with NNTP when Exchange Server 2000, and others.
  • Management and Administration: A handful of fixes that address problems with Performance Monitor, System Monitor, and SMTP Consumer.
  • MDAC and Data Access: Six issues related to ODBC and data access, along with the MDAC 2.5 Service Pack 1. If you’re using MDAC for data access, you should definitely consider installing SP1 to incorporate the MDAC 2.5 SP1.
  • MSMQ: 11 problems with MSMQ, including migration problems, data loss, and access violations.
  • Networking: 50 networking-related issues for networking with various protocols, VPN support, WINS, domain authentication, SNMP, proxy, DNS, and related services. A few of the issues addressed include lost network connections after resuming from hibernation, WINS service stops, problems with VPN input/output filters, problems with unbinding IPX, timeout problems with the FTP service, lost packets, access violations, and performance improvements for network load balancing, among others.
  • Other: 18 miscellaneous issues related to interface problems, character sets and regional settings, logging, Terminal Services, and scripting. Issues addressed include problems displaying and sorting various character sets, security problems such as active scripting being enabled for restricted zones, date and time zone problems, and others.
  • Printing: Nine printing problems, including SNMP, access violations, printer installation, and miscellaneous errors. Some of the issues fixed include access violations in the print spooler, problems with Adobe FrameMaker, and installation errors where the NetBIOS name is different from the Windows 2000 domain name.
  • Security: 23 security issues that include problems with encryption, security through Web access, memory leaks, authentication, and performance. Some of the fixes address potential security problems with Internet Explorer, password vulnerability, lack of protection for private keys with the High Encryption Pack, memory leaks, problems connecting to SSL sites in certain situations, Kerberos password expiration and realm propagation, and others.
  • Setup: Seven issues with hardware detection, installation or upgrade of certain localized versions, and setup failures. Certain SCSI adapters are not properly detected as plug-and-play devices, for example. Some other problems addressed include upgrading the Russian version when IIS 2.0 or 3.0 is installed, incorrect size report for IDE drives greater than 8.4 GB, problems upgrading over BackOffice 4.5, and problems with FrontPage and Visual InterDev.
  • Shell: Four interface problems involving Windows Explorer, Internet Explorer, common dialog boxes, and Word/Excel with HTML files. Two of these fixes correct problems that can lead to application data loss.
  • Stress: SP1 provides several updated files to address problems that typically don’t arise except in high-load situations and which are not easily reproduced without a stress-testing application.

Pre-installation considerations
Before you begin installing SP1, you should be aware of some considerations and potential problems that might affect your installations. First, SP1 does not affect the system’s encryption level. Setup maintains the encryption level (56-bit or 128-bit) in place prior to service pack installation. If you need to upgrade to 128-bit encryption, obtain the High Encryption Pack from Microsoft’s Web site.

Prior to installation, make sure you use Backup to update the ERD and back up the system state data and registry. A full backup is always a good idea, but do these three as a minimum. If you experience problems after installing SP1, you can use these backups to restore your system. You should also consider allowing the service pack setup to back up the files needed to uninstall the service pack should problems arise after installation. You’ll need roughly 205 MB for the uninstallation files under Windows 2000 Professional and 260 MB for Server or Advanced Server. The space you’ll need for the service pack installation itself varies according to the system’s current configuration and whether you’re installing from the CD or from the Web site. For Windows 2000 Professional, you’ll need approximately 215 MB for a CD installation or 345 MB for installation from the Web site. Server and Advanced Server require approximately 290 MB when installing from the CD or 435 MB if installing from the Web site. These numbers include the space required for uninstallation files, so you can reduce the space requirement if you don’t save the uninstall files.

You should also take the time to review the release notes for SP1 prior to installation. This Knowledge Base article details over a dozen installation issues you might encounter when installing SP1 depending on your installation. For example, SP1 doesn’t update the Recovery Console files, so you’ll need to reinstall the Recovery Console after installing the service pack. Another problem to consider, which is referenced in the article, is broken Internet access on systems running ZoneAlarm firewall software. You’ll need to set ZoneAlarm’s security level to Medium to restore connectivity after installing SP1.

One final issue to consider prior to installation is whether you need to create an integrated installation—a flat copy of Windows 2000 that incorporates the service pack changes for installation on new systems. This eliminates the need to install Windows 2000 and then apply the service pack when setting up new systems. To perform an integrated install, you first need a distribution share with the original Windows 2000 files. Then, run Update.exe -s:share, where share points to the location of the distribution share. Update then applies the service pack to the installation share and all new installations from that share will have the service pack changes applied automatically. Check out the SP1 Installation and Deployment Guide for more information.

For more information
You’ll find a considerable amount of information about SP1 on Microsoft’s Web site. You should take the time to read the release notes and readme document, as a minimum. The SP1 Installation and Deployment Guide also offers additional information on large-scale deployment and installation via other methods such as SMS and RIS, as well as command-line switches for Update.exe and SP1network.exe. In a future Daily Drill Down, I’ll offer a more detailed assessment of SP1.

Jim Boyce is a former contributing editor and monthly columnist for WINDOWS Magazine. Jim has authored and co-authored over 40 books about computer software and hardware. He has been involved with computers since the late 1970s as a programmer and systems manager in a variety of capacities. He has a wide range of experience in the MS-DOS, Windows, Windows NT, Windows 2000, and UNIX environments. In addition to a full-time writing career, Jim is a founding partner and vice president of Minnesota WebWorks, a Midwest-based Web development firm.

The authors and editors have taken care in preparation of the content contained herein, but make no expressed or implied warranty of any kind and assume no responsibility for errors or omissions. No liability is assumed for any damages. Always have a verified backup before making any changes.