Notes from my field testing:
I have it on 5 machines at this point.
All 5 are behaving perfectly.
On all 5 I ran the new Security Configuration Wizard (SCW) which locks the machine down. Disables unneeded services.
When you run the SCW, it turns on and configures the firewall. This is the same product that comes with XP – SP2. In fact, a lot of SP1 looks and acts like XP – SP2, which should not surprise you.
When you run the SCW on a DC, be careful, our test environment got messed up by it. If you select:
If you check – Computers that have not been configured to use NTLMv2 authentication – then no one can long in. Not even a Windows Server 2003 – SP1 machine, unless you have set that PREVIOUSLY via a Group Policy Object (which I had not in my test network). So, make sure to uncheck it when you hit this screen. DOH. That one had me for 10-15 minutes J
You can always roll back and undo the SCW, it’s an XML file. Very user friendly.
SSL is supposed to be faster, though I have not tested that yet.
Windows Server 2003 SP1 SSL Improvements – I have been playing with it on our test boxes, so far so good. This article tells about a way to gain faster SSL!!!!
I only have it on one Exchange 2003 server, I applied the Hotfix and I was good to go.
I have also started testing SQL 2000 – SP3a, MIIS, IIS, DNS, WINS, etc.
Remember you can install SP1 with little or no trouble. I see problems when you run SCW and don’t fully understand the machine you configuring. Turing the firewall on and making sure it right is not an easy task (if the wizard is wrong).
I did notice a minor pain in the butt. Go link from event message no longer work or link back to MS properly: (only if you run the SCW, and oddly this is even with the Help and Support service still active).
Clicking the link above does nothing. That sucks, because I am seeing different things in the logs now. Like the above DCOM errors. I know why I am getting this error, the SCW turned off DCOM J
DOH! I guess SCW needs to tell the event log not log an error on something it turned off.
In case anyone is wondering, all of the above have been properly reported to Microsoft J