NT 4.0 Service Pack 4 contains so many changes, Microsoft should have called it NT 4.1.
Full of Goodies, and Then Some
NT 4.0 Service Pack 4 contains so many changes, Microsoft should have called it “NT 4.1.”
Like a parking spot on a crowded street or a favorite
relative who lives across the country, we've waited long
for it, and now it's here. Microsoft posted the Windows
NT 4.0 Service Pack 4 on October 21, more than a year
after Service Pack 3 came to the rescue of the late and
Let's be realistic. We're talking about a service pack
for an operating system, not the solution to world peace
or the antidote for Regis and Kathie Lee. Still, you may
find compelling reasons to install this service pack on
both personal and business systems after some careful
planning and even more careful backups.
First and foremost, SP4 contains new fixes for more than
650 NT 4.0 bugs, ranging from security holes to DNS hiccups
to Blue Screen of Death showstoppers.
Secondly, there are a number of enhancements to NT's
core functionality riding along in this service pack.
I imagine we can thank the slip in ship date for NT 5.0uh,
Windows 2000for a number of these. I'll go over
some in greater detail (though you'll get far more information
from the readme file and other articles at www.microsoft.com),
but for now, let's say that were Win2K's release and revenue
not so close in time, Microsoft could probably get away
with calling SP4 Windows NT 4.1. There are no grand leaps
in the capabilities of the OS involved, but the sum of
the small improvements is certainly significant, and goes
well beyond any NT service pack that I can recall.
Before diving into the content, let's go over the several
flavors of SP4, where to get them, and the procedures
for installing them.
Geez, I wish I could give you one URL and tell you, "The
service pack's here. Download it and run the executable."
No such luck. There's more than one site, more than one
executable, and more than one way to install SP4.
First, do you want to download the file and then install
it, install it directly from the Web, or run it from CD?
If the latter, you can order it by mail, online, or by
calling Microsoft at 800-370-8758 in the U.S. Cost is
$15.95 plus $5 shipping and handling. Canadian residents
can order by mail, and their cost is CDN $19.95 plus $7.50
shipping and handling. If you can wait for the media to
arrive, you'll get some bonuses-the CD contains utilities
not available in the downloadable versions. SP4 didn't
make it into the November TechNet, so look for it in the
December mailing. Full details for all the downloads can
be found at www.microsoft.com/ntserver/nts/downloads.
And which version are you ordering? SP4 comes in 40-
and 128-bit encryption flavors. The 128-bit version is
for use in the U.S. and Canada only; to get that version
elsewhere, you'll need a U.S. Commerce Department export
license (the 40-bit version is approved for export.).
If you download the 128-bit version, you'll be required
to fill out an online form with your name, address, and
phone number, and you won't be allowed to download until
the site determines that your Internet gateway is in fact
in the U.S. or Canada. You also have a choice of Intel
x86 or Alpha versions.
If you're downloading, do you want to install from the
Web site or dump the entire executable onto your system
before running it? You'll save some bytes in download
if you do a Web-based install, but is that worth not having
the full package on your system, just in case? If you're
putting the SP on a personal system and you don't mind
taking some risks, go ahead. But if it's going on a box
with any kind of business purpose to it, I'd strongly
suggest downloading the complete service pack-suppose
you need to reinstall and can't get back to the Web site?
OK, 40- or 128-bit? X86 or Alpha? CD, Web-based install,
or full download and install? Enough choices for you?
We're not done yet. There's also a Year 2000 Service Pack
4. This is more than 70M in size, more than twice the
size of the basic service pack, and contains Y2K fixes
for NT 4.0 Option Pack elements, including SP1 for Internet
Explorer 4.01 and Microsoft Data Access Components (MDAC).
If you're not certain whether all your Microsoft code
is Y2K compliant, the regular SP4 will tell you which
Y2K pieces you need. For instance, my test system needed
the updates for both IE and MDAC, but I didn't have to
pull down the full Y2K SP4, since both files were available
as separate downloads.
Once you've got whatever SP4 you're using on your system,
the upgrade is a matter of kicking off the executable,
following some basic prompts, and letting it reboot your
system. My DEC P200 MMX took the upgrade cleanly and rebooted
with no errors; the entire procedure took less than 10
I'll be focusing on the enhancements here. Frankly, SP4
has so many bug fixes that I wouldn't know where to begin.
I'd suggest you look up Knowledge
Base Article Q150734 at microsoft.com for the complete
listing. Remember that NT service packs are cumulative;
SP4 also contains all the bug fixes from SP1, 2, and 3.
The enhancements are kind of all over the map, not focused
on one particular area of the OS. As I mentioned earlier,
some of them aren't in the downloads; you'll have to wait
for the CD to try them out. I'll go through the fixes
by general category.
SP4 includes several changes to NT's TCP/IP suite. Internet
Group Management Protocol (IGMP) version 2 lets a system
inform a router that it's leaving a group. The net result
is fewer packets on the wire. DNS is changed to provide
a workaround for proxies and firewalls, which disable
DNS on port 53, to prevent outsiders from querying an
organization's internal name service structure. The service
pack lets you set another port number for outbound DNS
requests. WINS, which always makes me just a little bit
nervous, gets some improvements in both its code and interface,
including the ability to manually remove dynamic records.
Microsoft claims increased security and performance for
its Point-to-Point Tunneling Protocol, PPTP, but only
if the systems on both sides of a tunnel are running the
SP4 updates. DHCP gets an internal rework to clear up
bugs. On the API side of the fence, SP4 includes version
2.1 of TAPI, the Telephony API, and an update to the IP
Helper API, IPHLPAPI (don't ask me how to pronounce that!)
so that Win32 applications can communicate with a TCP/IP
stack to receive configuration data.
Following along its Windows DNA path, Redmond introducesanother
protocol! Tunneling TCP lets you avoid firewall issues
for DCOM communications by letting them use the HTTP port
(you'll sometimes hear this feature referred to as "DCOM
over HTTP"). This has interesting implications for
n-tier development, especially in the extranet space,
and I'm personally interested in seeing just how strong
the implementation is. Visual Studio receives an update
called Visual Studio Analyzer Events, which graphically
displays application behaviors and performance, and Visual
Basic's ability to use Remote Procedure Calls is boosted
with support of a User Data Type for Access databases.
The service pack also addresses accessibility issues via
several more new APIs.
For those of you who weren't aware, NTFS is due to evolve
in Win2K (if I keep writing that enough, I'll get used
to it). Service Pack 4 updates ntfs.sys to be able to
read the new NTFS version 5 partitions, though it doesn't
provide the full functionality of the new version. If
you're going to be moving to Win2K when it comes out,
you'll need this feature for interoperability's sake.
This isn't a big deal for personal systems in the U.S.,
but if your NT boxes do any kind of international financial
transactions, you'll be pleased to know that SP4 adds
the Euro symbol to the Arial, Courier, and Times New Roman
fonts and the NT keyboard drivers.
Along with fixes for various security holes. SP4 claims
to beef up OS authentication and session security through
NTLM version 2 and requires that administrators be explicitly
given permission to manage the Security Log. There are
also enhancements to the secure channels used by workstations
and member servers to communicate with domain controllers,
and by DCs to communicate with each other. Included on
the CD (in other words, not out yet) is Microsoft's Security
Configuration Manager, which enables finer control of
security configurations for your NT organization. In months
past, this utility was rumored to be not at all compatible
with NetWare NDS, so be cautious before deploying it in
environments where the two OSs coexist.
SP4 includes a useful addition to the event log service:
new events (which show up in the System Log) indicating
whether a system has been shut down clean or dirty ("just
press the big red button, Joe!"). Think of it as
a truth detector. There's also a utility to monitor the
size of user profiles. Most notably, SP4 includes the
Windows Management Interface, or WMI, a mechanism for
system and application management based on the Common
Information Model standard. WMI provides an API for programmers,
flexibility in the "just write a new provider"
context, the ability to interact with third-party management
applications, and accessibility through VB, or at the
command line via the Windows Scripting Host.
But Wait, There's More
I could go on, but let's close this features section
with notes about some other tools and toys. The enhanced
chkdsk utility has a couple of extra switches for NTFS
volumes. On the CD, Microsoft throws in an update of NetShow
Services for NT Server, more finely tuned for enterprise
use or for ISPs. You'll also find PCI and EISA drivers
for Compaq fiber storage devices. Also on the CD: Windows
Media Player, the all-in-one viewer/player for audio and
video files. And what would a 1998 Service Pack be without
a whole buncha Y2K fixes (these are in addition to the
Option Pack fixes in the Year 2000 versions of SP4)? User
Manager/UM for Domains finally recognizes 2000 as a leap
year; you can update the system clock from the Control
Panel Date/Time applet, DHCP Manager lets you use two-digit
references for 2000 through 2009, and Word gets some help
in handling the millennium change.
Whew! That's the problem with doing an article like this-you
have to fight the tendency to spew back the readme file
verbatim, but at the same time, you feel compelled to
summarize it. The readme is particularly important with
this service pack, which has been in extensive Beta and
Release Candidate testing; not just because it's a summary
of what's new and improved, but because (in the grand
NT tradition), SP4 comes complete with its own documented
bugs! So without further ado:
What Don't Work (Officially)
Let's start with what's in the documentation. If you
find yourself using your SP4-built Emergency Repair Disk
to fix a whacked system, you're going to have to copy
the setupdd.sys file from SP4 to your original NT Setup
Disk 2 media. Strong advice: If you install SP4, get that
copy out of the way ASAP, just in case. Don't forget to
reinstall the service pack after you reinstall NT. And
when you install new NT componentsservices and the
likeyou should reinstall SP4. Heck, just reinstall
it whenever you breathe too deeply while in the same zip
code as the system!
Sorry, too much caffeine, deadline and all that.
As Elmer Fudd might say, "Be vewwy, vewwy quiet"
when installing SP4 on a box with a Number Nine Imagine
2 video card. You may (and the documentation isn't more
specific than that) end up with a 16-color screen palette.
On Alpha systems running Remotely Possible 32 with a
Matrox Millenium adapter, stay away from Matrox video
drivers when you install SP4. Make sure you're running
vanilla VGA; otherwise, you'll end up with a nice glowing
blue screen in time for the holidays.
Watch out if you've got a Dell Latitude laptop. Your
Softex APM and PC Card services might cause your system
to become, uh, unusable if you load SP4. Check the readme
for the specific versions of the Softex code with these
There are a few other third-party product issues mentioned
in the readme, including Inoculan, Norton CrashGuard,
Hummingbird Exceed's telnet daemon, NuMega's SoftICE,
and Rational's Visual Quantify.
Separate articles on two other bugs are already in the
Microsoft Knowledge Base. Installing SP4 on a system with
Insyde Software's PowerProfiler software can cause an
eensy driver conflict and another of those pretty blue
screens. Insyde has updated drivers. Don't move the SP4
update.exe file out of the directory that it is extracted
toyou'll get a permissions error message if you
try to run it.
And please note that SP4's uninstall is more like an
procedure. Uninstall won't touch the updated
versions of SChannel and the CryptoAPI. Some of the NTLM
security changes SP4 makes have uninstall consequences
as well, especially if you uninstall SP4 and then try
to reapply another service pack. This is because SP4 actually
modifies the SAM and Security databases. Older versions
of some key files won't be restored when removing SP4,
and you should definitely not overwrite the Samsrv.dll
and Winlogon.exe files when popping in an older service
pack, if you have any intention of actually logging onto
What Don't Work (Anecdotally)
A short stroll through some interesting Web sites and
Usenet groups (including some on Microsoft's Usenet server)
resulted in an engaging array of comments, rants, kvetches,
and notes about SP4's performance and impact. Several
users complained about the service pack causing a noticeable
decrease in disk performance, others about corrupt files
hanging the upgrade. A user reported problems with Windows
95 DHCP clients after installing SP4 on their server.
I've seen reports of increased BSDs after the SP4 install
and of driver incompatibilities. Some versions of Ghost
have run into problems, as has Informix and Stac's ReachOut
It's quite difficult to put these bug reports into their
proper perspective, mostly because no one has any idea
how many people have actually installed Service Pack 4
to date. Other magazines and online news sources may be
trumpeting banner headlines about All The Problems With
SP4 Spell Doom and Gloom for Microsoft, but I can't fathom
that anyone could actually figure out what percentage
of the install base has run into difficulties. This is
where the shell that remains of journalism today looks
so deeply sad. Yes, there are problems with this SP just
like all the others, but can anyone whose name isn't The
Amazing Kreskin (did you know that's his legal name?)
come up with a percentage or absolute number of users
who are having these problems so soon into the game?
I have no interest in apologizing for Microsoft. If they've
let loose a turkey in the ignoble tradition of NT 4.0
Service Pack 2, we'll find out soon enough. For now, my
advice is to pull down the Readme file and decide whether
the fixes and enhancements in SP4 are sufficiently compelling
for you to install the pack. If so, do some online searches
that include your system name and key hardware and software
components and SP4 and see if you turn up any bug reports
or similar nasties. Check out Usenet groups with NT in
their name for SP4 postings. Do the highest level of backup
you're capable of before installing the pack. If you're
considering SP4 for business or enterprise distribution,
put it through its paces on a test system before moving
it into production.
Finally, take notes and let Microsoft and other users
know about any problems you run intoand don't forget
to e-mail us here at MCP Magazine, even if all
you want to say is that SP4's running just fine.
Good luck and don't forget to write.