When you install Microsoft Internet Explorer (IE) 5.5 on a Windows NT system, the installation upgrades your system to 128-bit encryption. This upgrade causes problems if you don't work in the United States because 128-bit encryption is legally allowed only in the United States. All non-English-enabled service packs (e.g., Hebrew-enabled Service Pack 6a—SP6a) are 56-bit encrypted, and when you try to install 56-bit SP6a on a 128-bit NT system, you get an error message. Therefore, you can't reapply SP6a after you install a component from the original NT CD-ROM (e.g., DUN).
Microsoft offers no official solution to this problem. I developed the following workaround:
- Extract the 56-bit service pack to a temporary folder on your hard disk by running the command
- In the folder in which you extracted the files, you'll have an Update folder that contains the update.inf file. Use any text editor, such as Notepad, to edit update.inf. As the following example shows, place two semicolons at the beginning of the three lines in the \[CheckSecurity.System32.files\] section of update.inf:
- Use one of two methods to check the DLLs' encryption level: Right-click any one of the DLLs, select Properties, and look for Export version on the Version tab; or in IE, click Help, About, and look for Encryption: 56 Bit in the resulting window.
and specifying a folder such as C:\temp at the prompt.
\[CheckSecurity.System32.files\] ;; SCHANNEL.DLL ;; SECURITY.DLL ;; NTLMSSPS.DLL
Answers to This Month's Reader Challenge
You can find this month's Reader Challenge on page 21. The correct answers to the questions are as follows:
- B. If both names still exist in Server Manager, sometimes Windows NT 4.0 still displays the old name as a BDC instead of a PDC. Just delete the entry; otherwise, replication will fail or produce a lot of error messages. The OS might take a while to remove the name because the system waits for the next replication process to make the final change.