It was NT4 SP3 where Microsoft changed the format of the SAM to prepare for AD, wasn't it? And because NTLM had been cracked?
I had nightmares over that update for years.... From: [email protected] [mailto:[email protected]] On Behalf Of Andrew S. Baker Sent: Monday, December 15, 2014 11:17 AM To: ntsysadm Subject: Re: [NTSysADM] Patch pulled kb3004394 No, it's not new. It is very frequent. And, the the case of NT 4.0 SP2, I can still remember the pain that occurred with that deployment. In that case, a primary (but not only) source of conflict was 3rd party AV. The point of this discussion is increasing frequency of issues (even as we acknowledge growing complexity of systems). ASB http://XeeMe.com/AndrewBaker<http://xeeme.com/AndrewBaker> Providing Virtual CIO Services (IT Operations & Information Security) for the SMB market... On Sun, Dec 14, 2014 at 9:39 PM, John Matteson <[email protected]<mailto:[email protected]>> wrote: Microsoft patches blowing up Microsoft servers/applications isn't anything new. Wasn't it NT 4.0 SP 3 that blew up servers that had been upgraded from NT 3.5 and 3.51. No one knew anything about that until the day after the SP had been released when the wailing of NT administrators and the gnashing of teeth overcame the sound of music on hold at the Microsoft Tech support center? From: [email protected]<mailto:[email protected]> [mailto:[email protected]<mailto:[email protected]>] On Behalf Of Andrew S. Baker Sent: Sunday, December 14, 2014 6:37 PM To: ntsysadm Subject: Re: [NTSysADM] Patch pulled kb3004394 >>However, when you get out into the wider cosmos - lots of hardware, lots of >>software cruft, no rebuilds for years, questionable patch interactions, etc. >>etc. - they really suck. In general, I agree with you. However, I notice that Microsoft's ongoing patching woes are largely occurring between Microsoft's own products. It would be one thing if they were largely happening between Microsoft and 3rd party products, but it's largely internal. ASB http://XeeMe.com/AndrewBaker<http://xeeme.com/AndrewBaker> Providing Virtual CIO Services (IT Operations & Information Security) for the SMB market... On Sun, Dec 14, 2014 at 3:27 PM, Michael B. Smith <[email protected]<mailto:[email protected]>> wrote: At least for Exchange and Lync - and I suspect also for Windows - you are making an incorrect assumption. <rant> Lync and Exchange are not patched the way you and I would patch them. Automation makes it easier - and safer - to idle a server in a cluster, format it, re-install WITH THE SLIPSTREAMED patch(es), and then put the server back in service. This is something possible "at scale" - but not practical for even many larger businesses, forget the SMB. The dogfood environment for Lync and Exchange matches the service precisely. Same hardware, same software, same deployment methodology, same support methodology. It is a microcosm of the "real world". Where "the real world" is Microsoft's service environment. And in that microcosm, things are tested very well. Occasionally, something still slips through (as we saw in the Azure outage a couple weeks ago) but comparatively - it's quite rare. However, when you get out into the wider cosmos - lots of hardware, lots of software cruft, no rebuilds for years, questionable patch interactions, etc. etc. - they really suck. And are continuing to get worse, especially on prior-generation software - because no one in their environments runs it live anymore. Most of Microsoft is on Win8.1 and Win10. Win7 is legacy. Vista is the stone ages. XP? Paleozoic. </rant> P.S. Don't get me wrong - I have absolutely no desire to support XP (or Server 2003) anymore. But Microsoft could've invested more of their genius into making that migration/upgrade rock-solid. And it isn't. From: [email protected]<mailto:[email protected]> [mailto:[email protected]<mailto:[email protected]>] On Behalf Of Andrew S. Baker Sent: Sunday, December 14, 2014 8:31 AM To: ntsysadm Subject: Re: [NTSysADM] Patch pulled kb3004394 >>The company's update woes have been ongoing for a couple years and steadily >>getting worse, so maybe it didn't layoff the right people. It's truly making >>the company look bad, and there's a growing mistrust among customers. You would think that the organization would recognize the clear connection between ongoing code updates and cloud services, but they do not seem to recognize it. In short, if an organization cannot easily and effectively manage code updates between their own products for on-premises code, what will allow them to successfully manage code is a hosted environment, where the stakes are going to be higher because the impact will almost certainly be felt more broadly? ASB http://XeeMe.com/AndrewBaker<http://xeeme.com/AndrewBaker> Providing Virtual CIO Services (IT Operations & Information Security) for the SMB market... On Sat, Dec 13, 2014 at 12:20 AM, Jon Harris <[email protected]<mailto:[email protected]>> wrote: Microsoft pulled a patch today. Thank you Rod Trent for posting a link to the article. http://windowsitpro.com/windows-update/kb3004394-finally-pulled-additionally-reported-reason In short anyone that has pushed it needs to remove it. Jon
