What's New in Windows Server 2003 Service Pack 2
Applies To: Windows Server 2003 with SP2
This document outlines some changes in functionality between earlier versions of the Microsoft® Windows Server® 2003 and Microsoft Windows® XP Professional x64 Edition operating systems, and Windows Server 2003 with Service Pack 2 (SP2) and Windows XP Professional x64 Edition with SP2. Examples and details are provided for several of the technologies that are experiencing the biggest changes.
Unless otherwise specified, these notes apply to the following versions and editions:
Windows Server 2003 with SP2
Windows Server 2003 R2 with SP2
Windows Server 2003 x64 Editions with SP2
Windows Server 2003 R2 x64 Editions with SP2
Windows Server 2003 for Itanium-based Systems with SP2
Windows XP Professional x64 Edition with SP2
A new event log event has been created to address certain situations in which the Cluster service account becomes excessively restricted by domain policy.
The new event ID is 1239. The event text includes troubleshooting information. You can also refer to article 871236 in the Microsoft Knowledge Base (http://go.microsoft.com/fwlink/?LinkID=69284) for further information.
Data access components
XmlLite is new with Windows Server 2003 SP2. XmlLite is a fast, low-level, native XML parser with a small memory footprint. For more information, including the Programmer's Guide and API reference, see the MSDN Web site (http://go.microsoft.com/fwlink/?LinkID=69285).
New options have been added to the Dcdiag.exe Domain Name System (DNS) tests. These new options are /x and /xsl:xslfile.xsl or /xsl:xsltfile.xslt. They generate XML tags when the tests are run with the /test:dns option. You can use this new output mechanism to more easily parse the verbose log that the DNS tests generate.
To direct the XML output file to XMLLog.xml, use the /x option. For example:
dcdiag /test:dns /v /e /x:XMLLog.xml
Note: The /x: option only works with the /test:dns option.
To add the processing instructions that reference the specified style sheet, use the /xsl:xslfile.xsl or /xsl:xsltfile.xslt option. For example:
dcdiag /test:dns /v /e /x:XMLLog.xml; /xsl:xslfile.xsl
dcdiag /test:dns /v /e /x:XMLLog.xml; /xsl:xsltfile.xslt
Note: The /xsl:xslfile.xsl or /xsl:xsltfile.xslt option only works with the /test:dns /x:XMLLog.xml option.
Icacls.exe is an upgrade of the Cacls.exe tool in Windows Server 2003 SP2, and can be used to reset the access control lists (ACLs) on files from Recovery Console, and to back up ACLs. Also, unlike Cacls.exe, Icacles.exe correctly propagates the creation of inherited ACLs and changes to them.
Microsoft Message Queuing
The default storage limit for message queuing has been changed to 1 gigabyte (GB). If you choose to have a storage limit of more than 1 GB, you can change the storage limit setting in Microsoft Management Console (MMC) on the General tab of Message Queuing Properties.
Networking and communications
This version of Windows Server 2003 SP2 includes an update that enables you to simplify the creation and maintenance of Internet Protocol security (IPsec) policy. This update enables you to use an IPsec "Simple Policy". For most environments, the installation of this update allows you to reduce the number of IPsec filters that are required for a Server Isolation deployment or for a Domain Isolation deployment. You can reduce the number of IPsec filters from many hundreds of filters to only two filters. For more information about this update for Windows Server 2003 and Windows XP, see article 914841 in the Microsoft Knowledge Base (http://go.microsoft.com/fwlink/?LinkID=69286).
Group Policy support for non-broadcasting networks and Wi-Fi Protected Access 2 (WPA2) settings has been added to the Windows wireless client in Windows Server 2003 SP2. This update allows the Windows wireless client to accept additional wireless Group Policy configuration options. These new settings include support for WPA2 parameters and non-broadcast networks.
The Windows wireless client now supports WPA2, which enables you to take advantage of high levels of standards-based connection and encryption security. New security features include:
Non-broadcast network profiles are now marked with a flag to improve the security of the Windows wireless client.
Windows will not automatically connect to a peer-to-peer network, even if it has been automatically saved in the preferred network list. You must manually connect to a peer-to-peer network profile.
- Non-broadcast network profiles are now marked with a flag to improve the security of the Windows wireless client.
Windows Deployment Services
Starting with this version of Windows Server 2003 with SP2, Remote Installation Services is replaced by Windows Deployment Services. You can use Windows Deployment Services to set up new computers through a network-based installation without having to be physically present at each computer and without having to install directly from DVD media. For more information about Windows Deployment Services, see the Windows Deployment Services Update Step-by-Step Guide (http://go.microsoft.com/fwlink/?LinkID=69289).