Alerts

THE ISSUE:

This only applies to our agencies (DOTs) and does NOT apply to our contractors.

The version of Expedite Entry that shipped with the 5.7a release automatically closes within seconds of opening an EBS file.

THE SOLUTION:

The Entry program has been modified to fix this issue. It is currently in testing and under review. Once we receive notice the issue has been resolved, the new executable will be made available for our agencies.

THE ISSUE:

When installing Expedite Bid, a Windows registry entry is set which tells Expedite where to submit bid information. The registry entry points to a script name at the end of a URL. Older versions of Expedite (prior to version 5) use the script name "expedite.pl". Newer versions of Expedite Bid (starting with version 5) use the script name "expedite". The "expedite.pl" script name is no longer valid due to recent updates to our servers.

This issue impacts contractors who have had a version of Expedite Bid installed on their computer which is prior to version 5. Upgrading to a newer version of Bid does not change the old registry entry. When a contractor who has had a version of Expedite Bid prior to version 5 installed on their computer tries to submit a bid, they get an "Error 500" message. This error occurs even when the contractor is submitting the bid with a newer version of Expedite Bid.

In order to fix this issue, the existing registry entry needs to be modified to reflect the new script name.

THE SOLUTION:

A tool has been created called "Expedite.REG". This tool modifies the Windows registry entry for Expedite Bid to reflect the new script name.

To use the tool, simply download it to your desktop and double click it.

You'll only need to follow these steps once. This fix is permanent in nature and does not need to be repeated before each Expedite use.

Expedite Bid is supported on the following Windows operating systems: Windows2000 and WindowsXP.

If you are using an operating system not listed above and are using Expedite Bid with digital IDs, we first suggest you back up your digital ID(s) to a diskette, CD, DVD or your network drive, if applicable.

To Back up a Digital ID: Open Expedite Bid. Select "Tools" then select "Manage Digital IDs". Insert a diskette, CD, or DVD into your PC. Highlight the ID showing in the box that you want to back up. Select "Export ID to File" and select the drive where your media (diskette, CD, or DVD) is located or select the network drive if your computer is connected to a local area network and you are going to backup your Digital ID to a network drive. Your digital ID is now backed up.

We then suggest that you upgrade your operating system to one of the versions listed above. Once you have upgraded, re-install Expedite Bid, and import your ID from the media or network drive into Expedite Bid.

To Import ID back into Expedite Bid: Open Expedite Bid. Select "tools" then select "Manage Digital IDs". If the Digital ID is backed up on media, insert the media (diskette, CD, DVD) that contains your ID file into your PC. Select "Import ID from File" from Expedite Bid. Select the drive that contains your media, or if your Digital ID was backed up on a network drive, select the network drive and select the digital ID to import into Expedite Bid. You should now see your digital ID showing in the digital ID box that is being displayed.

Bid Express strives to maintain a high level of support but unfortunately we cannot guarantee the functionality of Expedite Bid on any platforms older than Windows2000 or platforms that are no longer supported by Microsoft.

This notice is to notify you of an important change being made to Bid Express that will affect Internet bid submission. One of the checks performed during bid submission is to verify that the bidder is using a minimum version of the Expedite Bid software application. Currently, the minimum version is set to Expedite 4.2b which is an outdated version of Expedite. Expedite 5.1a is the oldest version being used among our Bid Express states. This is good progress, since this release incorporates the important A+B (Cost + Time) Bidding feature and has several other functions that improve the performance of the software and help reduce bidding errors.

In order to continue providing you with the highest possible level of service, we are updating Bid Express to check for a minimum version of Expedite 5.1a, effective on Monday, May 2, 2005. As Bid Express agencies migrate to more recent versions, the check done by Bid Express for the minimum version will change again at a future date. We will notify you when this occurs again.

If you are not currently using Expedite Bid 5.1a or better, we urge you to upgrade as soon as possible to the version that the agency(s) you bid in is(are) currently using. Below is a list of the state agencies and their version of Expedite. You can also determine the version of Expedite being used by selecting "Expedite" from the Utilities tab from your DOT Bid Express site. Provide the information requested and you will be presented a list of agencies and the corresponding version of Expedite.

Please backup any digital IDs you may have if you haven't done so already.

You may find instructions on how to backup your Digital ID and upgrade your Expedite Bid Software located on Bid Express: http://www.bidx.com/cgi-bin/membersonly

The following is a list of versions of Expedite Bid currently being used with Bid Express:

5.1a: Arizona
5.2b: Michigan, Minnesota, North Carolina, North Dakota, Ohio, Wisconsin, Vermont
5.3a: Florida, Georgia, Iowa, Maine, Nebraska, New Jersey, Oklahoma, South Carolina, Tennessee, Virginia
5.5a: Montana

The information in this article applies to: Microsoft Internet Security and Acceleration Server 2000

This article was previously published under Q295667

SUMMARY

This article describes how to allow connections to third-party Internet-based update services. The typical scenario that is addressed in this article is the connection to a software vendor update service from an update application that is connected to the Internet through Microsoft Internet Security and Acceleration Server (ISA) 2000. Update programs include, but are not limited to, programs that download software updates automatically (such as program updates, anti-virus updates, and so forth) or programs that connect to a service provider and update account information, such as Internet postage stamp programs, or Internet shipping management programs.

Requests to the Internet are recognized by ISA as HTTP requests and are sent to the HTTP redirector filter, which is enabled by default in Microsoft Small Business Server 2000. If the HTTP redirector is configured to forward requests to the Web Proxy, the Web Proxy in ISA evaluates the request based on the configuration for outgoing Web requests, protocol rules are checked, and then the Web Proxy authenticates the connection.

The information in this article is based on the following assumptions: Applications connect to an update server over port 80 (HTTP) or port 443 (HTTPS). The ISA server is installed in Firewall mode or Integrated mode, which is the default in SBS. The Microsoft Firewall Client is properly installed and configured on the client computer.

-OR-

The client computer is configured to use ISA as its default gateway (Secure-NAT client). The Site and Content rules are correctly configured for the sites that you want to access.

MORE INFORMATION

There are four different methods that you can use to open access on your ISA server for these connections. Use one of the following methods based on your specific network needs and requirements.

* Method 1:

Create an Allow Protocol Rule If your network needs do not dictate the enforcing of rules by limiting users to specific sites, the simplest way to open up access is to create an "Allow All/All/All" rule. However, this type of rule effectively disables any deny rules and limits your ability to restrict users' Internet use on your network, but you may find this rule useful for troubleshooting.

To create an "Allow All/All/All" rule:

• In ISA Management, click your server to select it.
• Click to expand Access Policy.
• Right-click Protocol Rules, and then click New.
• Create an allow protocol rule, and then click Next.
• Enable the rule to apply to all IP traffic, and then click Next.
• Click to select the schedule, and then click Next.
• Click Any Request, click Next, and then click Finish.

* Method 2:

Enable Basic Authentication for Outgoing Web Requests If you want to control access to certain users, and your browser and third-party application allow you to configure a proxy server and support basic authentication, you can enable basic authentication for Outgoing Web Requests:

• In ISA Management, right-click your server, and then click Properties.
• On the Outgoing Web Requests tab, click the configured listener that you want to change, and then click Edit.
• Click Basic authentication, and then select the domain in which the accounts exist that you want to authenticate.

NOTE: this method works only if you can configure your application to use a proxy server and provide credentials for that proxy server.

* Method 3:

Grant Access to a Specified Computer To grant access to a specific computer, you have to enable ISA to pass this connection by creating a Client Address Set and a protocol rule that allows the specific protocols from the specific client computers (based on IP address):

• In ISA Management, right-click your server, and then click Properties.
• Click to expand Access Policy.
• Right-click Protocol Rules, and then click New.
• Create a protocol rule that applies to the specific protocol that you want to allow (such as HTTP) or click All Protocols.
• Select the schedule for this protocol rule.
• Click Specific Computers (client address sets) as the client type to which this rule should apply.
• Create a client address set or use an existing one that contains the clients to which you want to grant access.
• Click Next, and then click Finish.

To resolve this, create a protocol rule that allows all HTTP and HTTPS traffic for the specific IP address of the computer that is in use.

* Method 4:

Forward All Requests to the Internet You can configure the HTTP Redirector Filter to forward all requests directly to the Internet instead of passing them to the Web Proxy. This configuration causes these requests to not utilize the performance gains that are provided by the Web Proxy Cache. To do this:

• In ISA Management, navigate to Servers and Arrays, Server_name, Extensions
• Click to expand Extensions, and then click the Application Filters folder.
• Click Http Redirector Filter, and then click Properties.
• On the Options tab, click to select the option that you want. For example, if you click Send to requested Web server, this bypasses the Web proxy on your ISA server, which skips the authentication checking.

We are committed to secure, timely, and reliable delivery of your bids to the agencies that use Bid Express. A problem with one contractor's bid submission occurred last week when an out of date version of a bid was submitted to a DOT even though the updated version of the bid was displayed in Expedite at the time of submission. We want you to be aware of that potential error and ways you can avoid it happening to you.

We have determined the cause of this error, and found that the circumstances that caused it are very rare and unlikely to affect other bidders. Also, the error can only occur in older versions of Expedite; versions 5.2a and later are immune to it. However, your bids are the foundation of your livelihood and we want to reduce any potential for errors, no matter how rare they already are.

The error was caused by a file read/write error on the diskette the contractor was working from. When he submitted his bid, the "file save" operation that Expedite performs automatically failed, probably due to a bad or marginal diskette. Expedite did not detect the file save failure and continued with the bid submission process. When Expedite encrypted and digitally signed the bid for submission, it read it from the diskette. Since the automatic save had failed, the version that was read and submitted was out of date instead of current. In fact, it was the original blank bid file.

This error cannot occur in Expedite 5.2a and later because they do not use the working file for bid submission. Instead, they create a temporary file on your hard drive and then encrypt and digitally sign that temporary copy. Since this file is created by the automatic save at the start of bid submission, it will not even exist if that save fails, after which the encryption and signing steps will fail with a user error message instead of finding and using an out of date version of the file.

In order to eliminate even the small possibility of this error affecting you in the future, we recommend that you perform the following steps when submitting bids from Expedite to Bid Express:

- Work with your bid on a hard drive instead of a diskette. Hard drives have far fewer data read/write errors than diskettes do.
- After you submit your bid, exit Expedite, then restart Expedite and open your bid file up again. You are now seeing the same file contents that were submitted to Bid Express. Check it to make sure the contents are up to date with the most recent prices you entered. If they aren't, correct your prices, save your bid, and resubmit your bid. You may want to copy your bid file to another disk drive before doing this, since the disk you were using may have a hardware problem.

Problem:

Some Windows XP users will not be able to perform digital signature or cryptographic functions with current versions of Expedite. These functions are required for Internet bid submission.

Details:

Info Tech has discovered that Windows XP's tighter default security restrictions can prevent Expedite's digital signature capabilities from functioning when logged in as a "Limited User". There are no other known issues with Expedite under Windows XP. Therefore, only agencies or bidders using Expedite for Internet bid submission can be affected by this newly discovered issue. Those agencies and bidders can perform digital signature functions under Windows XP by raising the Windows XP privilege level of any affected users to "Administrator" level.

The planned June 2003 release of Expedite is the first that will be fully tested and certified under Windows XP. We recommend that all agencies that use Expedite upgrade to the new version when it becomes available. It is especially important that agencies using Internet bid submission adopt this new release. Bidders must use the same release of Expedite as the agency, so their actions will depend on the agencies' actions.

Affected programs:

Expedite Bid.

Solution:

Bidders should upgrade to the June 2003 release when it becomes available. Until then, Expedite users can use Windows XP by doing any of the following:

1 - Not performing any Internet bid submission functions (Digital ID creation or import, bid submission, bid bond verification, and bid withdrawal).
2 - Setting the affected users' Windows XP privilege level to "Administrator". A user that already has "Adminstrator" privilege can do this using the Windows XP Control Panel's User Accounts applet.
3 - Using the Windows 2000 operating system with Expedite.