Link to home
Start Free TrialLog in
Avatar of metamatic
metamatic

asked on

To service pack or not to service pack.

I am very much a believer in the "if it ain't bust don't fix it" philosophy. I have two domain controllers running 2003 standard and both are lucky if they get a windows update, let alone have SP1 installed.

But....

I have just bought a new server which I am going to introduce as a member server in the next couple of weeks. The version of 2003 standard that came with this already has SP1 installed. So, are all my servers going to play nicely together or is there any reason why they all need to be service packed to the same level?

And if I do install SP1 on my 2 DC's, am I going to have any nasty surprises in store?

Cheers

Andy
ASKER CERTIFIED SOLUTION
Avatar of Brian
Brian
Flag of United States of America image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
So you don't apply critical security patches?  I hope these servers aren't connected to the Internet in any way.....

SP1 for Windows 2003 introduces additional security as well as bug fixes for a number of issues.

I have applied SP1 to several Windows 2003 server with no problems whatsoever.

If you are dead-set against appying SP1 to your existing servers your new server will not have any problem interacting with them.

The only thing you might run into is that the SP1 server will have additional security for Distruibuted Transactions and will need to be configured properly to not require authentication from the non-SP1 servers, but this is only an issue if you are using Distributed Transactions.

Dave Dietz
Unlike XP SP2 whith which you have to be very carefull, 2003 SP1 is a good one.  Its not going to destroy anything.  It will only help in security. I recomend that you apply it. It also got this nice security configuration wizard, which will guide you in applying propper policies. Still be carefuly with the firewall, i have it disabled all the way.
Having a member server running SP1 connected to others that are SP1-less, should not be any trouble.
P.S. Having critical patches is a must.  True that "if it ain't bust don't fix ", but if there is a patch for something, it means that something IS busted.
You can install SP1 in Windows Server 2003 for sure. If you notice some strange behaviour with them, you have the option to Remove the same SP1.

Beware that SP1 brings new DCOM security options and a Windows Time Issue that can fill your Event Viewer just like that !

If you have Web Servers, then it's a very good idea that you upgrade them to SP1 because it has NOW the ability to Audit IIS metabase Changes, sort of, you change an "A" to "B". In the Audit it tells you who did it, time, and also, and most important, that he/ she changed it from "A"  to "B". ( Very useful in case of a full string ).

Best Regards !