It’s been over seven months since Microsoft released Exchange 2000 Service Pack 2 (SP2). Since that time, Exchange Admins have clamored for fixes to fix the fixes in Service Pack 2. It’s no secret that SP2 wasn’t a favorite installation of many Exchange admins, because in some cases, SP2 created more problems than it solved. Recently, Microsoft finally shipped Service Pack 3 (SP3) for Exchange 2000. This service pack fixes problems that occurred as a result of installing SP2 and addresses other problems that have surfaced in Exchange 2000 since SP2 shipped. In this Daily Drill Down, we’ll take a detailed look at Exchange 2000 SP3.

Exchange 2000 Conferencing Server Users beware!

Service Pack 3 is not for you. Exchange 2000 Conferencing Server Service Pack 2, released Dec. 5, 2001, is the latest service pack for you. Learn more about this service pack here.

Service Pack 3 fixes
From the Microsoft Web site, you can see that the list of SP3 fixes for Exchange 2000 Server is quite extensive; of course, it’s nowhere near as long as the list of fixes for something like Windows 2000 or Windows XP. All told, there are 100 fixes in SP3, with some of the more interesting ones correcting problems such as:

  • Some messages that could not be delivered instead remained in the Exchange 2000 Server message queues without triggering the delivery of a nondelivery report (NDR).
  • Exchange 2000 Servers operating with other Exchange 5.5 and Exchange 2000 Servers in a mixed-mode organization sporadically suffered from a memory leak in the Store.exe executable. This, over time, caused the Exchange 2000 Server to become completely unresponsive and appear to bring the database offline.
  • When attempting to migrate mailboxes from Exchange 5.5 Server to Exchange 2000 Server, you may have experienced problems during the migration. This issue was primarily caused by organization names having a comma in them and was not fixed in either Exchange 2000 SP1 or SP2.
  • Sometimes a front-end server used 100 percent CPU when using SSL. This problem, although somewhat rare, occurred when the Inetinfo.exe executable attempted to decrypt the SSL message and subsequently required more than one negotiation with the Domain Controller.
  • A rare open hole in Exchange 2000 Server that could be exploited by a malicious user to send raw messages to the server to use up CPU resources. While the exploit didn’t give the intruder access to change permissions, read mail, or perform any other illicit actions, the usage of valuable CPU time on any Exchange 2000 Server is definitely something worth noting

SP3 does more than just fix bugs in Exchange 2000; it adds new features to Exchange 2000. Several updates to the Exchange 2000 Server system have also been included in this service pack including:

  • The routing server component has been modified to result in fewer LDAP queries to Active Directory, which enhances the search process and increases the routing performance of Exchange 2000.
  • You can now view MAPI messages using an NNTP newsreader.
  • You can run Exchange 2000 SP3 on Windows 2000 SP2 or SP3 member servers in Windows .NET Server domains with Windows .NET Server Domain Controllers and Global Catalog servers.

Obtaining Service Pack 3
You can get Exchange 2000 SP3 from Microsoft’s Exchange 2000 Server SP3 Web site. The download is available in the following languages:

  • English (165.1 MB)
  • French (148.1 MB)
  • German (148.2 MB)
  • Italian (148.0 MB)
  • Japanese (146.3 MB)
  • Spanish (147.9 MB)

Select the language you want from the drop-down list box and click Go. The SP3 download file is a monster. Make sure you have a fast Internet connection or lots of time on your hands when you download it from the site. Save the service pack to a temporary directory on your server and then prepare your server to install it.

Preflight warnings
You can’t just blindly install SP3 on your Exchange server; you must verify a few things first. For example, Windows 2000 SP2 or SP3 must be installed on the server that you are installing Exchange 2000 SP3 on. Additionally, you cannot run Exchange 2000 SP3 on servers running Windows .NET Server. If you want to run Exchange on your .NET server, you must wait until the next version of Exchange Server, code-named Titanium.

Be very careful about installing the service pack. You should first install it in a test environment on a server that mirrors your production server so you can test it to make sure you won’t encounter problems later.

Make sure you fully back up your Exchange server before installing SP3. After SP3 has been applied, you cannot remove it via the Add/Remove Programs applet of the Control Panel. Should you need to back out of an Exchange 2000 Server SP3 deployment, you will need to perform a restoration of the original system state, file system, transaction log files, and databases. Restoring SP2 databases and log file sets to an SP3 server will cause the files to be updated before mounting; restoring a database and log file set that is older than SP2 is not supported and will fail.

If you have an Outlook Web Access implementation setup using a front-end/back-end solution, you must upgrade all front-end servers before upgrading any of the back-end servers. OWA clients download scripts from the front-end servers that they connect to; these scripts aren’t compatible with any back-end servers running an older service pack. For example, suppose you mistakenly upgraded your front-end servers to SP3 while leaving your back-end servers at SP2. If you are running multiple front-end servers, you don’t have to upgrade all of them at once but you must upgrade them all before upgrading any of the back-end servers.

Installation of Exchange 2000 SP3 doesn’t automatically update the help files for OWA clients. You will need to update the files manually or install them by running an .msi file or language pack for each language that is used by your OWA clients. You must remove any existing SP1 or SP2 OWA help files from the Add/Remove Programs applet before installing the SP3 help files. To update your OWA help files, select the Outlook Web Access Help Files option from the Microsoft Exchange SP3 main setup screen. Complete the installation process for each language required by your OWA clients. Alternatively, you can access the help files in the x:\setup\i386\exchange\exchweb directory, where x is the location of your SP3 files.

After an upgrade from Exchange 2000 or Exchange 2000 SP1 to Exchange 2000 SP3, the Exchange MTA Stacks service and the Exchange Information Store (IS) service will not start if you do not meet the following requirements: (This is one of those gotchas you can prevent with careful planning.)

  • At least one available global catalog server resides in a domain where you ran the DomainPrep utility. This utility creates the groups and permissions necessary for servers running Exchange to read and modify user attributes.
  • A Recipient Update Service exists in that same domain.

If you are using a global catalog server in a different domain, you must run DomainPrep in that domain, create a new Recipient Update Service for that domain, and then restart the newly upgraded Exchange 2000 SP3 server. Only by doing this will you get Directory Access to run properly.

Applying Exchange 2000 Service Pack 3
Depending on the configuration of your Exchange organization, the process to apply this service pack can be broken down into three events. You may need to update the Active Directory Connector (ADC) service if you’re using the connector to communicate with older Exchange 5.5 servers. You will then need to apply the update to either single Exchange 2000 Servers or to clustered Exchange 2000 Servers.

The process to update the ADC to service pack is extremely easy and doesn’t even require you to run the main Exchange Setup program. Simply navigate to the ADC\I386 folder of your SP3 files and run Setup.exe. From the list of options, select Reinstall as shown in Figure A.

Figure A
Updating the ADC service is a separate process.

To upgrade a server running Exchange 2000, Exchange 2000 SP1, or Exchange 2000 SP2, run Update.exe located in the \SETUP\I386 folder of your SP3 files. From the component list, shown in Figure B, select Update.

Figure B
Update the Exchange 2000 Server files to SP3.

You’ll be prompted to restart your server (Figure C) after the SP3 files have been applied.

Figure C
Restarting a server after updates is always recommended.

Verifying the service pack was successfully applied
After updating your Exchange 2000 servers, you should take a moment to verify the update was completed successfully. To do so, start the Exchange System Manager, right-click a server, and select Properties from the context menu. You should see build 6249.4 (as shown in Figure D) for all Exchange 2000 Servers that have been updated to SP3. The other common build numbers are:

  • Exchange 2000 = 4417.5
  • Exchange 2000 Service Pack 1 = 4712.7
  • Exchange 2000 Service Pack 2 = 5762.4

Figure D
Verify the server build.

Field reports
I have deployed SP3 on my Exchange servers with no problems, as have several dozen other admins who told me they deployed it with no problems on a wide array of hardware, including Compaq, Dell, HP, and white-box custom-built systems. All of the systems had varying levels of RAM, CPU, and hard drive storage, some with RAID arrays, others without.

So far it seems that SP3 is one of the better recent Microsoft service packs, although only time will tell the true story of its effectiveness. And though Microsoft included over a hundred fixes and improvements, the most important unaddressed problem is still the inability of Exchange 2000 Server to exist in a domain with Windows .NET Server Domain Controllers. Windows .NET Server is on track to ship during the latter part of this year, and the newest version of Exchange Server is set for mid to late 2003. So Microsoft should do something to address this problem soon.