Microsoft Windows Server 2003

Release Notes


How to Use These Notes

Applications

Change and Configuration

Clustering

Directory Services

Internet Services

Network and Communications

Security

Additional Resources

© 2003 Microsoft Corporation. All rights reserved.



How to Use These Notes

Welcome to the release notes for the Windows Server 2003 family. These release notes contain important information that was not available when the documentation for the Windows Server 2003 family was written. The Windows Server 2003 family includes the following products:

Release notes that start with a list of products apply only to the products that are listed with the note. All other notes apply to all products in the Windows Server 2003 family.

In addition to this file, you should read several other files in the \Docs folder on your operating system disc:

You can find additional information at the Web sites that are listed at the end of this document.



Applications

16-bit applications

Products: Windows Server 2003, Enterprise Edition (64-bit version only); Windows Server 2003, Datacenter Edition (64-bit version only)

These products do not support most 16-bit applications.

Most 32-bit applications that use 16-bit Microsoft ACME Setup versions 2.6, 3.0, 3.01, and 3.1 and InstallShield versions 5.x install correctly.

No 32-bit applications that are installed by other 16-bit setup programs are supported. If you try to install one of these applications, the message "\Setup.exe is not a valid Win32 application" appears, and the setup program closes without installing or starting the application.

32-bit device drivers

Products: Windows Server 2003, Enterprise Edition (64-bit version only); Windows Server 2003, Datacenter Edition (64-bit version only)

These products do not support 32-bit device drivers. Applications that depend on 32-bit device drivers will not function correctly and might cause an error during installation or operation. Most 32-bit antivirus programs are affected and should not be installed on computers that are running these products.

If Windows does not start after you attempt to install a 32-bit driver, start the computer using the last known good configuration as follows:

  1. Restart the computer.
  2. When the message "Please select the operating system to start" appears, press F8.
  3. Press an arrow key to highlight Last Known Good Configuration, and then press ENTER.
  4. Press an arrow key to highlight an operating system, press ENTER, and follow the instructions.

Note

Completing this procedure provides a way to recover from problems such as a newly added driver that is incorrect for your hardware. It does not solve problems caused by drivers or files that are corrupted or missing. When you start the computer using the last known good configuration, only the information in the registry key HKLM\System\CurrentControlSet is restored. Any changes that you have made in other registry keys remain.

Internet Explorer and 32-bit Web components

Products: Windows Server 2003, Enterprise Edition (64-bit version only); Windows Server 2003, Datacenter Edition (64-bit version only)

The 64-bit version of Internet Explorer will not load 32-bit Web components from Microsoft, such as the MSN® Money Ticker, or 32-bit Web components from companies other than Microsoft. To load these components, use the 32-bit version of Internet Explorer.

To open the 32-bit version of Internet Explorer, click Start, click All Programs, and then click Internet Explorer (32-bit).

Microsoft Agent

Products: Windows Server 2003, Standard Edition; Windows Server 2003, Enterprise Edition (32-bit version only)

These products provide inbox support for Speech Application Programming Interface (SAPI) version 5.0 engines and programs. To avoid loss of functionality in Microsoft Agent applications that use SAPI version 4.0 speech input and/or output engines, you must install SAPI version 4.0a run-time support and then reinstall the SAPI version 4.0 speech engines, even if they were working with Microsoft Agent before you upgraded. To install SAPI version 4.0a run-time support, click here.

Microsoft Exchange Server

Products: Windows Server 2003, Standard Edition; Windows Server 2003, Enterprise Edition (32-bit version only); Windows Server 2003, Datacenter Edition (32-bit version only)

You cannot install Exchange Server 2000 on a server that is running any product in the Windows Server 2003 family.

Installing a beta release of Exchange Server 2003 on a server that is running one of these products is supported in test labs but not in production environments. You can use a beta release of Exchange Server 2003 in Active Directory® forest environments in which all domain controllers are running products in the Microsoft Windows 2000 Server family. However, you must have at least one domain controller that is running one of the products listed for this note to access all of the new features of that beta release. For information about which features have this requirement, see the online Help for the beta release that you want to use and the document, Microsoft Exchange Server 2003 Getting Started Guide, which ships with beta releases of Exchange Server 2003. Beta releases of Exchange Server 2003 are available from the Microsoft Exchange Server Web site.

If you upgrade a domain controller or a global catalog server to one of the products listed for this note, any Exchange servers in that domain must be running Exchange Server 2000 with Service Pack 2 or Service Pack 3.



Change and Configuration

Redirection of new account locations to organizational units

To simplify domain management, you should redirect the default locations for newly created user and computer accounts from the common name to organizational units within the domain. You must redirect these locations if you want to apply Group Policy settings. For details about how to redirect these locations, see article 324949, "Redirecting the Users and Computers Containers in Windows Server 2003 Domains" in the Microsoft Knowledge Base.



Clustering

Modifying a cluster security descriptor

Products: Windows Server 2003, Enterprise Edition; Windows Server 2003, Datacenter Edition

To modify the cluster security descriptor on a cluster that is running either of these products, you must use Cluster Administrator on a server that is running one of these products or that is running a product in the Windows 2000 Server family with Service Pack 2 or Service Pack 3. If you try to use a server that is running a product in the Windows 2000 Server family or a product in the Windows 2000 Server family with Service Pack 1, the following message appears when you try to save changes:

"Access to the cluster can be granted/denied only to domain users and groups. Please use the Security tab to remove the local users or groups."

For more information, see article 812875, "A Computer running Windows 2000 Cannot Administer the CSD Using the Cluster Administration Utility" in the Microsoft Knowledge Base.

Starting the Cluster service

Products: Windows Server 2003, Enterprise Edition; Windows Server 2003, Datacenter Edition

After you upgrade a cluster node from Windows 2000 to one of these products, you must log on with an account that is a member of both the Domain Admins group and the Administrators group on each cluster node before you can restart the Cluster service. This step is required even if the Domain Admins group is already a member of the Administrators group on each cluster node.

If you log on with an account that does not meet these criteria and then try to start the Cluster service, the following message appears in the Event Log:

"Volume Shadow Copy Service error: The process that hosts the writer with <name> and <ID> does not run under a user with sufficient access rights. Consider running this process under a local account which is either Local System, Administrator or Backup operator."

Upgrading clusters from Windows NT Server 4.0

Products: Windows Server 2003, Enterprise Edition; Windows Server 2003, Datacenter Edition

If you upgrade a cluster from Microsoft Windows NT Server 4.0 to one of the listed products, you cannot, by default, save changes to a cluster security descriptor.

If you are editing a descriptor using Cluster Administrator, the following error message appears when you try to save your changes:

"The SYSTEM account must always have access to the cluster. Please use the Security tab to add the SYSTEM account."

If you are editing a descriptor using the cluster.exe command-line utility, the following message appears when you try to save your changes:

"The SYSTEM account must always have access to the cluster. Please grant access to the SYSTEM account."

To resolve this issue, see article 812876, "Clusters That Are Upgraded from Windows NT 4.0 Do Not Contain the System SID in the Security Descriptor" in the Microsoft Knowledge Base.

Note

To upgrade from Windows NT Server 4.0 to a product in the Windows Server 2003 family, Service Pack 5 or Service Pack 6a must be installed first.

Using Network Load Balancing Manager through a firewall

To use Network Load Balancing Manager to manage servers through a firewall, you must set up your Distributed Component Object Model (DCOM) to use a specified range of ports and then configure the firewall to allow traffic through those ports as described in the white paper, Using Distributed COM with Firewalls on the Microsoft Web site. You must also either allow ICMP Echo Requests to pass through the firewall or start Network Load Balancing Manager with the /noping option. (At a command prompt, type nlbmgr.exe /noping.) For more information about using the /noping option, see the topic "Nlbmgr" in Help and Support Center.

If you do not follow these procedures, the error message "The RPC server is unavailable" or "Host unreachable" will appear.
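The DCOM port restriction described in this note, as an added example (not part of the original release notes or the white paper): a batch script that pins DCOM to a fixed port range through the registry values under HKLM\SOFTWARE\Microsoft\Rpc\Internet. The range 5000-5100 is an assumed value; choose one that fits your environment.

```batch
@echo off
rem Added example: restrict DCOM dynamic ports to a fixed range so that a
rem firewall rule can be scoped to it. PORT_RANGE is an assumed value.
setlocal
set PORT_RANGE=5000-5100
set RPCKEY=HKLM\SOFTWARE\Microsoft\Rpc\Internet

rem Ports: REG_MULTI_SZ list of ports or ranges that RPC/DCOM may allocate.
reg add "%RPCKEY%" /v Ports /t REG_MULTI_SZ /d %PORT_RANGE% /f || goto :fail
rem PortsInternetAvailable=Y: the listed ports form the Internet-available set.
reg add "%RPCKEY%" /v PortsInternetAvailable /t REG_SZ /d Y /f || goto :fail
rem UseInternetPorts=Y: allocate from the Internet-available set by default.
reg add "%RPCKEY%" /v UseInternetPorts /t REG_SZ /d Y /f || goto :fail

rem Show the resulting values so that they can be checked before restarting.
reg query "%RPCKEY%"
echo Restart the computer for the new port range to take effect.
echo Firewall: allow TCP 135 (RPC endpoint mapper) and TCP %PORT_RANGE%
echo only between the management station and the managed hosts.
echo If ICMP Echo Requests are blocked, start the tool with: nlbmgr.exe /noping
endlocal
exit /b 0

:fail
echo Could not write %RPCKEY%. Log on as a member of the Administrators group.
endlocal
exit /b 1
```

Run the script on each managed host, and keep the firewall rule limited to the management station's address rather than opening the range to all sources.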



Directory Services

Upgrade domain controllers running Windows 2000

When using the Active Directory administration tools that are included with the Windows Server 2003 family to access domain controllers in a Windows 2000 domain, you must upgrade the domain controllers to Windows 2000 Service Pack 3 or you must revert to the default client policy for Lightweight Directory Access Protocol on the computer where the Active Directory administration tools are installed.

For more information, see article 325465, "Windows 2000 Domain Controllers Require SP3 or Later When Using Windows Server 2003 Administration Tools," in the Microsoft Knowledge Base.



Internet Services

Internet Information Services (IIS) 6.0

Products: Windows Server 2003, Standard Edition; Windows Server 2003, Enterprise Edition; Windows Server 2003, Datacenter Edition

Because of increased security measures, the World Wide Web Publishing Service (WWW service) is not enabled by default in these products after you upgrade from the Windows 2000 Server family with IIS 5.0, unless you completed one of the steps described for IIS 6.0 in read1st.txt (in the \Docs folder on the operating system disc) before upgrading. If you did not complete one of those steps, you can enable and start the WWW service by using the Services snap-in:

  1. Click Start, point to Administrative Tools, and then click Services.
  2. In the list of services, right-click World Wide Web Publishing Service, and then click Properties.
  3. On the General tab, in the Startup type list, click Automatic, and then click OK.
  4. In the list of services, right-click World Wide Web Publishing Service, and then click Start.

Ensure that all unnecessary IIS features have been removed or disabled and that the enabled features are configured with the highest security settings that your organization can support.

For more information, see the topics "What’s Changed" and "Security Best Practices" in IIS 6.0 Help.

UDDI Services

Products: Windows Server 2003, Standard Edition; Windows Server 2003, Enterprise Edition (32-bit version only); Windows Server 2003, Datacenter Edition (32-bit version only)

You cannot run SQLXML (XML support for Microsoft SQL Server 2000 databases) and Universal Description, Discovery, and Integration (UDDI) Services on the same computer because SQLXML requires Internet Information Services (IIS) 5.0 isolation mode and UDDI Services requires IIS 6.0 worker process isolation mode.

Do not install SQLXML and UDDI Services on the same computer.

Using IIS with Active Server Pages

The Windows Server 2003 family does not support Active Server Pages that use the mail object Collaboration Data Objects for Windows NT Server (CDONTS.dll) if you perform a new installation. The Windows Server 2003 family includes Collaborative Data Objects for Windows 2000 (CDOSYS.dll), which replaces CDONTS.dll.

Microsoft recommends that you upgrade your Active Server Pages to use the new object.



Network and Communications

POP3 servers

If you have configured a computer that is running a product in the Windows Server 2003 family as a mail server, you should not stop and restart the Simple Mail Transfer Protocol (SMTP) virtual server that is specific to the server that is running the POP3 service from IIS Manager in the Microsoft Management Console. Instead, you should stop and restart the SMTP service, either by using Services Manager or by using command-line tools.

If you stop and restart the SMTP virtual server rather than the SMTP service, all e-mail from the Internet will generate and send a Non-Delivery Report (NDR), and all internal e-mail will be sent to the SMTP Badmail folder. The SMTP and POP3 services will appear to run correctly, and no error message will appear. To restore functionality, you must stop and restart the Internet Information Services (IIS) service as described in the IIS 6.0 Help.



Security

Security restrictions on viewing Web pages and running executable files

The default settings in Internet Explorer are more restrictive in the Windows Server 2003 family than in earlier versions of Windows. When you upgrade, any settings that do not match the new default settings will be overwritten. These changes decrease the exposure of your servers to attacks that are launched through Web content. However, users will not be able to view many Web pages correctly when using the default security settings. For users to see these Web pages correctly, you must explicitly grant access. In addition, users will not be able to run executable files from Universal Naming Convention (UNC) shared folders until you have added the shared computer to the Local intranet security zone in Internet Explorer.

For more information about security settings in Internet Explorer, see the online Help for Internet Explorer Enhanced Security Configuration on a computer that is running a product in the Windows Server 2003 family:

  1. Open Internet Explorer.
  2. Click Help.
  3. Click Enhanced Security Configuration.

The online Help includes instructions for changing the security settings in Internet Explorer. To change these settings, you must log on as a member of the Administrators group on the computer for which you want to change settings.

Software updates from the Web

Because of changes to default security settings in Internet Explorer, users might not be able to download updates from the Web to their computers. To download updates from the Microsoft Download Center, from the Web sites listed in Microsoft security bulletins, or from other download sites, users might need to add these sites to the Trusted Sites zone in Internet Explorer. If a Group Policy setting prevents users from adding sites to the Trusted Sites zone, administrators might need to configure another Group Policy setting to add the required sites.

For more information, see the online Help for Internet Explorer Enhanced Security Configuration as described in the previous note.



Additional Resources

To review the most recent hardware and application compatibility information and to find other products that Windows supports, see the Windows Catalog Web site.

To search for technical support information and self-help tools for Microsoft products, see the Microsoft Knowledge Base.

To obtain the latest product updates, see the Windows Update Web site.



Copyright

Information in this document, including URL and other Internet Web site references, is subject to change without notice. Unless otherwise noted, the example companies, organizations, products, domain names, e-mail addresses, logos, people, places and events depicted herein are fictitious, and no association with any real company, organization, product, domain name, e-mail address, logo, person, place or event is intended or should be inferred. Complying with all applicable copyright laws is the responsibility of the user. Without limiting the rights under copyright, no part of this document may be reproduced, stored in or introduced into a retrieval system, or transmitted in any form or by any means (electronic, mechanical, photocopying, recording, or otherwise), or for any purpose, without the express written permission of Microsoft Corporation.

Microsoft may have patents, patent applications, trademarks, copyrights, or other intellectual property rights covering subject matter in this document. Except as expressly provided in any written license agreement from Microsoft, the furnishing of this document does not give you any license to these patents, trademarks, copyrights, or other intellectual property.

Microsoft, MS-DOS, Windows, Windows NT, Active Directory, and MSN are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries.

The names of actual companies and products mentioned herein may be the trademarks of their respective owners.