Fun with Service Packs again

Well, if you haven’t heard Microsoft have released Windows Server 2003 Service Pack 2. Better yet it appears as a critical update for Small Business Server. best of all, even for systems without SBS Service Pack 1 it appears as a critical update. Oh joy of joys. This is just like the fiasco when Windows Server 2003 Service Pack 1 appeared as a critical update. If was installed on your system then it would break a whole heap of things. You need to apply Windows Server 2003 Service Pack 1 as part of the Small Business Server 2003 Service Pack 1. So if your SBS system was set to automatically download and install the service pack, guess what? On the next reboot of your server you had a broken SBS.

So did Microsoft learn by this experience? Obviously not, because Windows Server 2003 Service Pack 2 is available as a critical update. Who knows what havoc it will reek on systems with Service Pack 1 already installed. It is our guess that Windows Server 2003 Service Pack 2 should work alright on SBS 2003 R2 or SBS 2003 with SBS Service Pack 1 but systems not meeting this criteria? Who knows? Problem is, someone out there is going to find out the hard way.

This is why we recommend that you don’t download and automatically install Windows Updates on your server. We recommend that you set it to only notify, then you apply the updates and service packs manually.

We are in the process of test Windows Server 2003 Service Pack 2 on our internal systems and we’ll provide feedback when we know more. Until then we would recommend you hang back from installing Windows Server 2003 Service Pack 2 just yet. In our books best let someone else bleed.

HP Lights-out 100c Remote Management Card

Had some fun and games getting this to work on a new HP ML110G4 server. Installing the hardware is simple enough but getting access to card via the network proved very interesting. Supposedly, the iLO card gets an IP address from a DHCP server by default according to the manual. Nope – sorry, card had a static IP address assigned, which we had to change. It also took us quite a while to locate the actual IP address settings in the server BIOS (as a hint look under the Advanced menu in the system BIOS which you get to via F10 at boot).

The biggest problem we found is that we could browse to the IP address of the iLO card but couldn’t log in? Hmmm… hours later after checking we had the right login, talking to HP ( who didn’t know ) turns out the iLO card doesn’t like IE7! Luckily it works with Mozilla ( sorry Microsoft ). HP’s response to this? “We don’t support IE7”.

Why is everything so hard?

Windows Update error 0x8DDD0001

We’ve been seeing a lot of Windows Update errors after apply Internet Explorer 7.0 to SBS 2003 servers. Typically the error tells you that you don’t have some of the Microsoft Update sites in your trusted sites. Problem is that when you look these sites are already in there. The quick fix is simply to go into you Internet Browser, then Tools | Internet Options | Security and select the button “Reset all zones to default levels”. If you restart your browser then Windows Update runs normally.

Unsure, whether this affects any browser security issues but really the only browsing on the server should be for Microsoft Updates and should only be done by someone responsible.

Windows Update Error 0x800A0007

Recently trying to use Windows Update at a customers site that has SBS 2003 Premium R2 (with ISA) and received the following Windows Update error 0x800A0007 on every machine. Hmmm…this wasn’t happening last time, what’s changed? Did some searching on the Net and found a multitude of solutions from simple clearing of the IE cache to reformatting. The common point seemed that this issue was caused by Microsoft Genuine Advantage (yuk!).

So we went to the Microsoft download site and installed Windows Genuine Advantage on the machines manually. The secret is then to reboot the machines and try Windows Update again. Worked on all the machines.

Nice isn’t it that a piece of software designed to ensure you have a legal copy of Windows stuffs up keeping the software up to date? Gotta admit with all the problems that we have had of late we are no fans of Windows Genuine Advantage. We think that perhaps Microsoft should test this sorta thing more thoroughly, but hey that’s just us.

SBS2003 and Windows server SP2

Ok, bottom line at this point of the game is don’t do it. There seem to be plenty of things that Windows Server SP2 could break ( including network connectivity, backups, SBS console and more ). There also seems to be issues with uninstalling the sucker. Since there doesn’t appear to be any real burning need to install this service pack on your SBS server I’d just hang back and let someone else bleed to death.

Even though it appears quite a few (unknowing) folks have installed SP2 on their machines ( thanks mainly to automatic updates and WSUS ) there doesn’t really seem to be any concrete information about what or how the best way to install (or uninstall) the service pack or what needs to be upgraded before hand. It appears that things like HP broadcomm network cards needs to be upgraded but even that appears to be vague.

The hardest issues to resolve are related to certain chipsets of network cards, typically the Broadcom chipset. Here’s an overview of this and some other problems:

• VPN, network and connectivity issues. You may find issues with your ISA 2004 firewall, Outlook connectivity, Remote Desktop, or VPN (Virtual Private Network). If you have Broadcom NICs (network interface cards), first make sure you have the latest drivers installed. Then, use the Registry to disable RSS (Receive Side Scaling) and Task Offloading, as discussed in the SBS blog and the ISA Server blog.

• Help and Support Service missing. Seemingly the largest issue, and one that’s easily fixed, is that the Help and Support Service appears to be missing. The instructions to reinstall this service are discussed on the SBS blog for that platform.

• Issues caused by uninstallation of SP2. Issues caused by removing SP2 include scheduled tasks being altered so you must reenter your passwords. Also, unless you have Windows 2003 R2 or SBS 2003 R2, removing SP2 causes the rollback of MMC 2.0 to have issues. To resolve this, review the known issues in the release notes and remove the files from the %APPDATA%\Microsoft\MMC\ folder.

For the time being, hold off installing Windows Server SP2 on your SBS 2003 servers.

Outlook 2007 update

This update fixes a problem in which a calendar item that is marked as private is opened if it is found by using the Search Desktop feature. The update also fixes performance issues that occur when you work with items in a large .pst file or .ost file.

Direct Download:

http://www.microsoft.com/downloads/details.aspx?FamilyID=c262bcfd-1e09-49b6-9003-c4c47539df66&DisplayLang=en

KB article:

http://support.microsoft.com/?kbid=933493

Getting – RTHDCPL.EXE Illegal System DLL?

And a nasty message like :

The system DLL user32.dll was relocated in memory. The application will not run properly. The relocation occurred because the DLL C:\Windows\System32\Hhctrl.ocx occupied an address range reserved for Windows system DLLs. The vendor supplying the DLL should be contacted for a new DLL.

(Especially on HP workstations)? See this article from Microsoft for fixes and reasons. It is caused after you install security update 925902 (MS07-017).

DNS Vulnerability

Possible DNS vulnerability on SBS2003 server as per the Microsoft article :

http://www.microsoft.com/technet/security/advisory/935964.mspx

The simple fix for the time being is :

1.	On the start menu click ‘Run’ and then type ‘Regedit’ and then press enter.
2.	Navigate to the following registry location: “HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DNS\Parameters”
3.	On the ‘Edit’ menu select ‘New’ and then click ‘DWORD Value’
4.	Where ‘New Value #1’ is highlighted type ‘RpcProtocol’ for the name of the value and then press enter.
5.	Double click on the newly created value and change the value’s data to ‘4’ (without the quotes).
6.	Restart the DNS service for the change to take effect.