Windows & .NET Magazine UPDATE--Microsoft Finally Issues Windows XP SP2 Deployment Aids--August 17, 2004

Make sure your copy of Windows & .NET Magazine UPDATE doesn't get mistakenly blocked by antispam software! Be sure to add [email protected] to your list of allowed senders and contacts.

This Issue Sponsored By

Argent Software

Download: Be Proactive with Real-Time Monitoring!


1. Commentary
- Microsoft Finally Issues Windows XP SP2 Deployment Aids

2. Hot Off the Press
- Microsoft Delays Automatic Update Rollout of XP SP2

3. Networking Perspectives
- Troubleshooting Exchange 2003 Internet Mail

4. Resource:
- Tip: When should I manually defragment a domain controller (DC)?

5. New and Improved
- Easily Work with Compressed Formats
- Type with One Hand
- Tell Us About a Hot Product and Get a T-Shirt!

==== Sponsor: Argent Software ====

Free Download: Monitor Your Entire Infrastructure with ONE Solution
The Argent Guardian monitors servers, applications, any and all SNMP-compliant devices as well as the overall health of the entire network at a fraction of the cost of "framework" solutions. Network Testing Labs states that "The Argent Guardian will cost far less than MOM and yet provide significantly more functionality." Using a patented Agent-Optional architecture, the Argent Guardian is easily installed and monitoring your infrastructure in a matter of hours. Download a fully-functioning copy of the Argent Guardian at:


====1. Commentary: Microsoft Finally Issues Windows XP SP2 Deployment Aids ====
by Paul Thurrott, News Editor, [email protected]

Last week, I spoke with Microsoft about Windows XP Service Pack 2 (SP2) deployment concerns. The good news is that all the information and tools you need to roll out XP SP2 in your environment are now available from the Microsoft Web site (see the links below). The bad and somewhat surprising news is that this information was never made available publicly before, even in beta form. Shame on Microsoft for not making this information available previously.

Shame, I say, because XP SP2 has almost as many new Group Policy Objects (GPOs) as a full-fledged Windows release (609 new GPOs, according to the software giant; the original XP release, by comparison, had about 800 GPOs). And until this week, none of the GPOs were fully documented in a detailed whitepaper. However, Group Product Manager Barry Goffe told me last week that the reported number of GPOs is somewhat inflated. "The bulk of those are in \[Microsoft\] Internet Explorer, about 50 per zone \[or about 250 overall\]," he said, "So it's a little less daunting than it seems at first."

Also, although the whitepaper describing XP SP2 features that you can modify via Group Policy only recently became available, Microsoft did ship an Administrative Template Format (.adm) file during the release candidate (RC) phase of SP2 that was somewhat useful; a Microsoft Excel spreadsheet describing these features in the final release is available as well (see the links below). It will be a while before I can thoroughly study these features and practice modified SP2 rollouts, but I'll report my findings as soon as I can.

In the meantime, you might be interested in some insider details about XP SP2. Goffe told me that Microsoft has been working closely with its OEM partners and corporate customers to best schedule its SP2 rollout. Because XP SP2 changes so many things, Microsoft created documentation called "The Book of Springboard," which the company eventually published to the Web as "Changes to Functionality in Microsoft Windows XP Service Pack 2" (see the link below) and updates regularly. The current version is more than 200 pages long.

One reason why Microsoft has had to update the documentation so often is that XP SP2 has changed, over time, in somewhat subtle ways. For example, the no execute (NX) feature, which helps prevent certain buffer-overrun errors, was triggering errors on poorly written applications. "It turns out that there are a lot of poorly written apps out there," Goffe told me (sorry, he refused to name names). "Many of these have bad pointer handling. When you run them on strict hardware, \[the applications crash\]. Our initial approach in SP2 was to leave NX on across the OS, which we implemented in RC1, and you could use an exception list for opting apps out of NX. This functionality was triggered when an app crashed because of NX. But it turns out that a large chunk of apps that people wanted to use were crashing. So we decided to turn off NX for user-mode apps but leave it turned on for system components. So all the Microsoft bits are protected \[by NX\], which we think is a great thing. But by default it's off for user-mode apps." Goffe also noted that users could optionally cause applications to run with NX enabled, on an application-by-application basis.

Also, developers compiled XP SP2 with the new /gs compiler flag, which might seem uninteresting to nonprogrammers but directly affects everyone who uses the new system because it adds a runtime monitoring layer for real-time memory scanning. Typically, such an activity would add overhead and slow performance, but Goffe told me that the Windows team was particularly excited by how little this much-needed feature affects performance. The results were so positive, in fact, that Microsoft will recompile Windows Server 2003 SP1 with the /gs compiler flag enabled as well. "On the server side, the /gs flag is huge," he said. "So it will be on in Windows 2003 SP1 next year. In testing, the impact to \[Microsoft\] IIS is almost zero. That's huge for a highly tuned app like that, especially when you consider the benefit we get from that."

So far, corporate downloads of the service pack have proceeded exceptionally fast, with few support calls; however, the night is still young. Goffe noted that the 272MB full network installation version of SP2 had been downloaded more than 1 million times in 3 days, and Microsoft had, as of last Thursday, pushed approximately 200TB of data out to customers. "Everyone is super excited about it," he said. "Customers are saying that this is the tipping point to get them to XP. Security is their number one issue by an order of magnitude. We're really trying to do the right thing by our customers and the needs they're expressing to us."

Also, users waiting for the final version of XP SP2 for 64-bit systems will have to wait until the end of the year. Microsoft will release versions for both the Itanium and 64-bit Extended Systems versions of XP.

Finally, conspiracy theorists take note: Microsoft has changed the End User License Agreement (EULA) in SP2. But this time, the effect is overwhelmingly positive. Previously, service pack EULAs prevented administrators from distributing or copying the CD-ROM-based version of those releases. That limitation is gone with SP2: Microsoft wants this update to be disseminated as quickly as possible to as many XP-based machines as possible. A EULA change that won't trigger an outcry from Mark Minasi? I think we can all say "Amen" to that.

Related Resources

Changes to Functionality in Microsoft Windows XP Service Pack 2

Deploying Windows Firewall Settings for Microsoft Windows XP with Service Pack 2

Group Policy Collection

Group Policy Settings Reference for .adm files included with Windows XP Professional Service Pack 2

Managing Windows XP Service Pack 2 Features Using Group Policy

Manually Configuring Windows Firewall in Windows XP Service Pack 2

Programs that may behave differently in Windows XP Service Pack 2

Temporarily Disabling Delivery of Windows XP Service Pack 2 Through Windows Update and Automatic Updates

Windows XP Express Installer

Windows XP Full Network Install dcdf8/WindowsXP-KB835935-SP2-ENU.exe

UPDATE: Microsoft Delays Automatic Update Rollout of XP SP2


==== Sponsor: Download: Be Proactive with Real-Time Monitoring! ====

There are two ways to manage your critical systems: Reactive and Proactive. TNT Software's ELM Enterprise Manager supports the latter. ELM Enterprise Manager is the affordable solution that monitors the health and status of your systems in real-time, provides easy to access Views, and alerts you in time to take prompt corrective action. Be proactive, download you FREE 30 day full featured trial copy of ELM Enterprise Manager NOW and start experiencing the benefits of real-time monitoring.


==== 2. Hot Off the Press ====
by Paul Thurrott, [email protected]

Microsoft Delays Automatic Update Rollout of XP SP2
Microsoft alerted me yesterday that it has decided to suspend the rollout of Windows XP Service Pack 2 (SP2) via Automatic Updates. The delay will give corporate customers more time to install an XP SP2 download-blocking mechanism that the company provided last week. For this reason, XP Home Edition users will start receiving XP SP2 via Automatic Updates on Wednesday, August 18; XP Professional Edition users will start receiving the update via Automatic Updates on Wednesday, August 25. Under the original schedule, both sets of users would have started receiving the update today. To read the complete story, visit the following URL:

==== 3. Networking Perspectives ====
by Alan Sugano, [email protected]

Troubleshooting Exchange 2003 Internet Mail
A client company was having difficulty receiving mail from the Internet and sending mail to a remote Microsoft Exchange Server server. This client runs a combination of Exchange Server 2003 and Exchange 2000 Server platforms. The company has multiple locations with an Exchange server in each location. It has a front-end server to handle incoming mail and Microsoft Outlook Web Access (OWA). Visit the following URL to read how Alan Sugano solved this client's email problems:

==== Announcements ====
(from Windows & .NET Magazine and its partners)

Take our Salary Survey, and Enter to Win $500!
We need your help! Windows & .NET Magazine is launching its first Windows IT Pro Industry Salary Survey, and we want to know all about you and what makes you happy as an IT professional. When you complete the survey (about 15 minutes of your time), you'll be entered in a drawing for one of two $500 American Express gift certificates. Look for the survey results--and how you stack up against your peers--in our December 2004 issue. To take the survey, go to

Harness the Power of Active Directory Provisioning
Join NetIQ for Part 1 of this two-part, live, interactive Web seminar series. Discover the benefits of user provisioning in Active Directory to establish a complete user account life-cycle management solution without the expense of a full-blown identity management solution. Register today!

Sarbanes-Oxley: Race to the Finish Line
The deadline is looming for compliance with the final set of Sarbanes-Oxley requirements. Are you ready, or are you still struggling with Section 404 issues? In this free Web seminar, let the experts of Ernst & Young LLP and NetIQ provide you with the tips and techniques required to maintain proper internal control frameworks. Register today!

~~~~ Hot Release: (Advertisement) InstallShield ~~~~

Repackaging Alone Doesn't Guarantee Software Reliability. Deploying a repackaged MSI application without testing it first can have catastrophic results. AdminStudio provides a complete suite of automated QA tools to ensure the applications you deploy install smoothly and work flawlessly. Download AdminStudio today!

==== Instant Poll ====

Results of Previous Poll
The voting has closed in Windows & .NET Magazine's nonscientific Instant Poll for the question, "Do you plan to roll out Windows XP Service Pack 2 (SP2) to users as soon as it becomes available?" Here are the results from the 356 votes:
- 42% Yes
- 50% No
- 7% I'm not sure

(Deviations from 100 percent are due to rounding error.)

New Instant Poll
The next Instant Poll question is, "Can you access enterprise applications from your mobile device?" Go to the Windows & .NET Magazine home page and submit your vote for a) Yes, b) No.

====4. Resources ====

Tip: When should I manually defragment a domain controller (DC)?
by John Savill,

An online defragmentation of the Active Directory (AD) database occurs during the AD garbage collection process that runs every 12 hours by default. This defragmentation optimizes the database's structure but doesn't shrink the database's size. If you've deleted a large number of records from AD or, more likely, you've disabled a DC as a Global Catalog (GC) server and you have multiple domains, AD might benefit from an offline defragmentation to shrink the physical size of the AD database.

==== Events Central ====
(A complete Web and live events directory brought to you by Windows & .NET Magazine: )

We're Bringing the Experts Directly to You with 2 New IT Pro Workshop Series On Security and Exchange
Don't miss two intense workshops designed to give you simple and free tools to better secure your networks and Exchange servers. Discover how to prevent hackers from attacking your network and how to perform a security checkup on your Exchange deployment. Get a free 12-month subscription to Windows & .NET Magazine and enter to win an Xbox! Register now!

==== 5. New and Improved ====
by Angie Brew, [email protected]

Easily Work with Compressed Formats
Whirling Dervishes and Neobyte Solutions released Alpha ZIP, a .zip file compression and extraction utility that lets you access and carry out all .zip file-related operations from within Windows Explorer. The integrity check feature lets you verify whether a file is healthy. Alpha ZIP features support for self-extracting files, the ability to compress and email files simultaneously, integration with virus scanners, and easy conversion between different file formats. Alpha Zip can create .zip, .7z, .gz, .jar, .lha, .lzh, .cab, .tar, .uue, and .xxe files, and it can also read and extract from .ace, .arc, .arj, .rar, and .zoo files. Alpha ZIP supports Windows XP/2000/NT/98 and costs $29.95 for a single-user license.

Type with One Hand
FrogPad released a left-handed version of FrogPad, its one-handed, ergonomic keyboard. FrogPad is one-fifth the size of a traditional keyboard and is designed around the 15 most-frequently used letters in the alphabet; those letters are placed in the most efficient places on the keyboard. The product's layout encourages correct ergonomic posture. The device is 5" x 3.5" x 4" and weighs 4.9 ounces, but the keys are the same size as the keys on a standard keyboard. You can purchase the FrogPad with Bluetooth compatibility. The product is a standard USB Plug and Play (PnP) keyboard and is compatible with PCs, Tablet PCs, desktops, laptops, Linux systems, and Macintosh systems. For pricing, contact FrogPad at 713-960-9611.

Tell Us About a Hot Product and Get a T-Shirt!
Have you used a product that changed your IT experience by saving you time or easing your daily burden? Tell us about the product, and we'll send you a Windows & .NET Magazine T-shirt if we write about the product in a future Windows & .NET Magazine What's Hot column. Send your product suggestions with information about how the product has helped you to [email protected]

==== Sponsored Links ====

Comparison Paper: The Argent Guardian Easily Beats Out MOM;6480843;8214395;q?

Free Download--New - Launch NetOp Remote Control from a USB Drive;9571671;8214395;t?


==== Contact Us ====

About the newsletter -- [email protected]
About technical questions --

About product news -- [email protected]

About your subscription -- [email protected]

About sponsoring UPDATE -- [email protected]


==== Contact Our Sponsors ====

Primary Sponsor:
Argent Software -- -- 1-860-674-1700

Secondary Sponsor:
TNT Software -- -- 1-360-546-0878

Hot Release:
InstallShield --


This email newsletter is brought to you by Windows & .NET Magazine, the leading publication for IT professionals deploying Windows and related technologies. Subscribe today.

View the Windows & .NET Magazine Privacy policy at Windows & .NET Magazine a division of Penton Media, Inc. 221 East 29th Street, Loveland, CO 80538, Attention: Customer Service Department Copyright 2004, Penton Media, Inc. All Rights Reserved.

Hide comments


  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.