March 1999

Introducing the NT 4.0 Service Pack 4

In October 1998, Microsoft released the latest collection of patches, fixes, updates, and upgrades to the Windows NT 4.0 operating system (OS), Service Pack 4 (SP4). This service pack, available from the Microsoft Web page shown in Figure A, contains a number of significant advancements including enhancements in security, management, and networking.

Figure A: Go to the Microsoft Web site for the latest Service Pack for Windows NT 4.0.


It also contains fixes for known Year 2000 (Y2K) issues as well as support for the Euro--the proposed single currency of the European Union.

In this article, we'll show you the ways you can get the service pack and how to install it on your system. In addition, we'll take a closer look at just what's in this latest group of fixes from Microsoft. Finally, we'll look at some of the problems that have been reported, and where you can look for help if something goes wrong in your own upgrade. CD-ROM, Web install, or traditional download There are three ways to acquire SP4. First, you can order a CD-ROM directly from Microsoft. Next, you can install SP4 directly from the Web using Microsoft's Web-based installation program. Finally, you can download the entire service pack the old fashioned way, using FTP. Getting the CD-ROM To order the CD-ROM from Microsoft, you'll need to pay $14.95 plus $5 shipping and handling ($19.95 plus $7 in Canada). You can call Microsoft at (800) 370-8758 or fax an order to (716) 447-7330 requesting part number 236-01176 for the North American (128-bit) version. You can also mail in an order to the following address:

Microsoft NT Service Pack 4
PO Box 1095
Buffalo, NY 14240-1095

or by mail in Canada:

Microsoft NT Service Pack 4
PO Box 643
Fort Erie, ON L2A6M1

International customers can order SP4 directly through their local Microsoft Subsidiary. It's important to note that Microsoft will only distribute the 128-bit version of the service pack to North American users.

Installing directly from the Web If you want to install SP4 on just one NT machine, you might save some time by installing the service pack directly from the Web. Using the Web install program, you only need to download the files that are needed to update your system. To do this, log on to your NT system as a user with Administrator privileges and point your Web browser to

www.microsoft.com/ntserver/nts/downloads/recommended/
nt4svcpk4/nt4svcpk4.asp

You'll need to use Internet Explorer (IE) 3.02 or later to install directly from the Web.

Next, find and click the Download Windows NT 4.0 Service Pack 4 link and then click the Click Here To Start The Service Pack 4 Download Process Now link. Next, you must determine which version of the service pack you can download. If you're a North American user, select the link for the 128-bit version. If you're an international user, choose the 40-bit link.

Note:
If you're trying to download the 128-bit version of SP4, Microsoft must determine that your IP address comes from a domain that's located in North America. If you're connecting to the Microsoft Web site from behind a firewall, you may not be able to download the North American version of the service pack.

Next, read and accept the Microsoft License Agreement by click on the I Accept link at the bottom of the page. Click the link specifying you're using IE 3.02 or later and then click on the Web-based Installation link. Select the download site that's closest to you for the platform you need. This will launch the File Download dialog box. Select Open This File From Its Current Location, as shown in Figure B, and click OK. This will download and execute the Web-based installation program.

Figure B: You can run the install program immediately after download by selecting Open This File From Its Current Location.


After the installation program executes, it will display the Windows NT Service Pack Setup dialog box. You must check the Accept License Agreement check box, and it's a good idea to leave the Backup Files box checked as well, as shown in Figure C.

Figure C: Creating the backup files might require 40MB of disk space, but it could save you a lot of time.


Click Install to begin the process. The program will then inspect your system and begin file download. The dialog box, shown in Figure D, will display the progress of the download, as well as give you an estimation of the time remaining.

Figure D: This progress dialog box lets you know when the download will be completed.


Occasionally, the install program may prompt you to overwrite a file with a dialog box like the one shown in Figure E.

Figure E: The SP4 installation may ask you if you wish to overwrite files that were installed by the computer manufacturer or other third-party software.


In most cases, you should be able to use the files that come with the service pack. Once the install is complete, you'll be prompted to restart your system to finish the install.

After you reboot your system, you may be presented with a dialog box containing a list of programs that aren't Y2K compliant. A text file named Y2K.txt containing information on how to update any known Y2K bugs is placed in your winnnt/system32 directory. Refer to it for further upgrade instructions.

Traditional download If you plan on upgrading more than one system, it's a good idea to download the entire service pack once and then install it on each of your systems from a machine that's local to the network. Again, point your Web browser to

www.microsoft.com/ntserver/nts/downloads/recommended/
nt4svcpk4/nt4svcpk4.asp

this time using any Web browser you choose. Follow the same directions as above, but this time, instead of the Web-based Installation, choose the Traditional Download. Save the file to a local machine--preferably a network share--so you can later access it.

Next, log on to the system you wish to update as a user with Administrator privileges and run the SP4 install program you just downloaded. The program will run just as described above, but hopefully a bit quicker since you won't need to rely on your Internet connection to download the files. When the install program has finished, you'll need to restart your system.

Again, after restart, you may be urged to download additional software to fix the Y2K bugs on your system. If you're upgrading a number of NT systems, it might save you time if you downloaded the complete Year 2000 Service Pack 4. This contains all of the Y2K fixes as well as everything contained in the traditional download package. It is, however, 76MB, so you might need to let it download overnight (or over the weekend).

Note:
Even if you download the entire Year 2000 Service Pack 4, you won't get everything available on the CD-ROM. The CD-ROM version of the service pack comes with additional hardware support, as well as upgrades for certain software packages.
What have I done? Now that you've upgraded your NT system, just what have you fixed, patched, upgraded, and improved? To start, SP4 includes all updates and enhancements that have been made to NT 4.0 since its release. It contains all of the fixes, patches and updates available in SP3, SP2, and SP1. This means you can go from a fresh install to SP4 without worrying about missing any fixes. A complete list of fixes is available on the Web page where you downloaded the service pack Next, SP4 promises three key features: it will improve the reliability of Windows NT 4.0 immediately, it will improve the infrastructure management capabilities of NT 4.0, and it will prepare your system for the year 200 and Euro currency. Finally, SP4 provides new technology and utilities to improve the way you work on NT today. We'll take a look at some of the more important improvements next.

Management enhancements When you install SP4, you get three enhancements to NT administration: user profile quotas, new events in the system log, and the Windows Management Instrumentation. Let's look at each of these new additions.

The PROQUOTA.EXE utility installed with SP4 allows you to monitor the size of your user profile. If a limit has been set and the user exceeds the limit, he won't be able to log off the computer until he has removed some files and is below the limit.

SP4 will also cause NT to log three new events in the system log. These events are Clean Shutdown, Dirty Shutdown, and System Version. These events can be used to track uptime of your NT system.

The final management enhancement is the installment of the Windows Management Instrumentation (WMI). This improvement brings together the management data from the hardware, drivers, and applications and puts the data in a consistent information store. Used in conjunction with Web-Based Enterprise Management (WBEM), the Desktop Management Task Force (DTMF), and the Common Information Model, the WMI provides a powerful solution for management problems.

Security enhancements SP4 gives you four security improvements: the Security Configuration Manager, NTLMv2 Security, Secure Channel Enhancements, and the Even Log Security Privilege fix. Next, we'll look at each briefly.

The Security Configuration Manager (SCM) allows administrators to apply security configurations for NT Server and Workstation systems. In addition, SCM can also perform security inspections and locate any degradation in system security.

SP4 gives you an enhancement to the NT LAN Manager (NTLM) security protocols named NTLMv2. This update significantly improves the authentication and session security mechanisms of NTLM.

Next, SP4 provides an enhancement to the secure channel protocols used by member workstations, servers, and domain controllers to communicate with each other. In addition to the authentication previously available, you can now encrypt these communications as well as check their integrity.

Finally, SP4 fixes a bug in the Event Log service, which allowed users without the Security privilege to view and manage the security event log. This means that users of the Administrator group won't be able to manage the security log unless they're specifically granted the Security privilege.

Networking enhancements Some of the most impressive improvements come in the area of networking. Among the enhancements are improvements to the Telephony API (TAPI), Microsoft Routing and Remote Access Service, Point to Point Tunneling Protocol performance and security updates, DCOM/HTTP tunneling and the Internet Group Management Protocol v2.

Microsoft Routing and Remote Access Server (RRAS) provides advanced routing and internetworking capabilities. It allows networks that are separated geographically to work on the same network using routing, remote access, and virtual private networks (VPNs). SP4 automatically updates your system if RRAS is already installed.

New performance and security upgrades to the Point to Point Tunneling protocol (PPTP) are also included in the service pack. It's important to note that both the client and server must be running the updated version of PPTP to get the benefits of the upgrade.

SP4 configures your system to allow Distributed COM (DCOM) communication to cross firewalls using the HTTP protocol. This new protocol, known as Tunneling TCP is designed for high performance, using the existing open ports in the firewall.

Finally, the Internet Group Management Protocol (IGMP) v2 installed with SP4 allows a computer to inform its router that it's leaving the group. This update enables a router to determine if all members have left a group and then discontinue forwarding multi-cast packets on to the link. IGMP comes in very handy when users are frequently joining and leaving groups.

Other enhancements SP4 also contains a number of other enhancements and upgrades. Table A lists a few of the more important ones. Some of the additions are only available on the CD-ROM, or by additional download.

Table A: Additional enhancements and upgrades
Type Enhancement Description
Network Remote Winsock (DNS/Port 53)Provides a solution to change the Windows NT DNS server port number and configure it to use a different port when connecting outbound.
Network WINS improvements Provides manual removal of dynamic WINS database records, multi-select operations for WINS database records, and burst mode handling for WINS servers.
Interoperability NTFS 4 and 5 support Provides support for both NTFS 4 (NT 3.51 and 4.0) and NTFS 5 (Windows 2000).
Interoperability Microsoft File and Print Service for NetWare (FPNW) support for Client 32 Allows NT 4.0 to act as a NetWare 3.x Server which is able to process file and print requests from NetWare clients without changing or updating the client software. (Only for systems with FPNW already installed.)
Media Technology NT Server NetShow Services Provides an updated version of NetShow services enabling delivery of high quality audio and video across the Internet and corporate networks.
Media Technology Windows Media Player Provides a media player that supports most local and streaming multimedia file types including WAV, AVI, QuickTime, RealAudio 4.0, and RealVideo 4.0.
Application Remote Procedure Call (RPC) enhancements for Visual Basic (VB) Provides VB enhancements to support a User Data Type allowing the TypeLib arrangement of structures.
Application Visual Studio Analyzer Events Provides a graphical representation of high level behaviors in Visual Studio. Use Visual Studio Analyzer Events to view graphically simple tables of event logs, system performance, and NT performance monitor.

In addition, SP4 provides patches and fixes for the following components: Internet Information Server (IIS), Index Server, Certificate Server, Microsoft Transaction Server (MTS), Message Queue for Windows NT, Message Queue for Windows 95 Client, Simple Mail Transport Protocol (SMTP), and Network News Transport Protocol (NNTP). SP4 also comes with Internet Explorer 4.01 with Service Pack 1.

What can go wrong? A few problems have already been reported for SP4, but by and large it has been a very successful release for Microsoft. One very good resource for learning about the problems with the service pack, as well as possible solutions, can be found on the Geo's Windows NT Tips site at

www.nthelp.com/

When all else fails, you can always uninstall SP4 by opening the Add/Remove Program utility in the Control Panel. Find the Windows NT 4.0 Service Pack 4 entry, as shown in Figure F, and click Add/Remove.

Figure F: Launch the Add/Remove Programs utility from the Control Panel to remove Service Pack 4.


You'll then see a confirmation dialog box, as shown in Figure G. Click Yes to restore your system to Service Pack 3, or whichever service pack you previously installed.

Figure G: Removing Service Pack 4 will revert your system to whichever Service Pack you previously installed.


Conclusion Whenever Microsoft releases these free enhancement, upgrade, and patch collections, it's a very good idea to test them on a few isolated servers before rolling them out to the entire organization. Although the initial reports look very good for Service Pack 4, make sure your servers, workstations, and networks will upgrade smoothly before attempting to install SP4 on all your systems.

Copyright © 1999, ZD Inc. All rights reserved. ZD Journals and the ZD Journals logo are trademarks of ZD Inc. Reproduction in whole or in part in any form or medium without express written permission of ZD Inc. is prohibited. All other product names and logos are trademarks or registered trademarks of their respective owners.