Use a firewall. Either a hardware or software
firewall works, as long as it has an
unused Ethernet interface that you can utilize.
Mark the interface as a connection to an additional
internal or trusted network and set the
appropriate routing and security policies.
Use RRAS. You can use RRAS, available
in Windows Server, as long as the machine you set it up on has two Ethernet interfaces.
This is an attractive option if you also need
to provide infrastructure services such as
DHCP and DNS to your voice VLAN.
Operation Aborted
How many times have you experienced
this behavior: You type a URL into Internet
Explorer’s (IE’s) address bar and press Enter.
The site begins to load, but then you receive
a dialog box with the message “Internet
Explorer cannot open the Internet site <Web
address>. Operation aborted.” When you
try to load the page again, however, you
succeed. I’ve encountered this behavior on
Microsoft’s TechNet site many times but
never thought much about it. When people
in my office started reporting it happening
on other sites, including Google’s home
page, I decided to investigate.
Initially I thought it was a problem with
the web proxy functionality of our ISA Server
firewall. However, even after temporarily
bypassing the firewall, I was still able to
reproduce the problem. Then I thought that
my TCP session was being reset at some
point before the page finished loading. A
network trace proved this wasn’t the cause.
Finally, I started to think that the problem
might be with IE itself, so I dug around
on the Internet and found this Microsoft
article “BUG: Error message when you visit a
Web page or interact with a Web application
in Internet Explorer: ‘Operation aborted’” at support.microsoft.com/kb/927917.
This was my exact problem, but the
cause—script code trying to modify particular
container elements—didn’t explain why
the problem wasn’t occurring continuously.
After all, it’s unlikely that the TechNet site
was modified within the two seconds that it
takes to press F5. However, further examination
indicated that the problem lies with IE’s
parser: The exact order in which the page is
loaded and parsed changes ever so slightly
from refresh to refresh. This would explain
how I could refresh a problem page 10 times
but the problem would occur twice.
I never found a workaround. The article
states that the fix lies with the site author,
who has to modify the code. Let’s hope
Microsoft will fix this problem in IE 8.0.
Passwords Expired
A former colleague of mine contacted me
in a panic: His network was going down around him. The symptoms he described
included a user unable to access Exchange
Server through Microsoft Office Outlook.
Some mapped drives were also inaccessible.
Strangely though, the Internet was
accessible.
While he was troubleshooting the problem
with the user, a user in the next cubicle
experienced the same symptoms. Five minutes
later, someone else across the office
yelled, “I have the same problem!”
I asked my colleague whether he had
checked the obvious: Were those servers
actually experiencing a problem? No.
Were there any recent software, hardware,
or configuration changes? No. Was
basic networking connectivity present and
functioning? Yes.
After thinking for a few moments, I
asked if he had checked the user accounts
in Active Directory (AD) to see if the users
having problems had somehow all locked
themselves out at the same time. He had
checked this, and they weren’t locked out.
Finally, in a Eureka! moment, I asked him
to check whether the users had recently
received a prompt notifying them that their
password would expire soon and asking
whether they would like to change it.
He reported back that they had all been
seeing the prompt for “a few days” and that
today it said there was one day left. No one
likes changing their password, so they had
been clicking No for days. Today was no
different. However, “one day” in this sense
doesn’t mean “24 hours from now”; it really
means “sometime in the next 24 hours.” My
colleague directed the users to log off and
log back on. Sure enough, all were forced
to change their passwords and experienced
no problems afterwards. Because these
people arrive each day at approximately
the same time, the validity period of their
passwords was almost identical. We both
now tell users that “one day” really means
“today.”
Michael Dragone
(mike@mikerochip.com) is a
contributing editor for Windows
IT Pro and a systems engineer
in New York. He is an MCDST
and an MCSE: Messaging and
remembers when Windows IT
Pro was called Windows NT
Magazine.