Configure WPAD Through DNS in Windows Server 2003/2008

Link: http://www.safesquid.com/content-filtering/configure-wpad-through-dns-windows-server-20032008

Body:

Note: Active Directory server is required to carry out following steps.

Configure wpad site in your IIS.
1. Open IIS Management Console [ Start==>RUN==>inetmgr==>press enter ]
2. Right Click on “Sites” below Application pool and select “Add web site”
3. *Site Name: wpad / *Physical Path: C:\inetpub\wwwroot” / *Hostname: wpad / Bind with Server Ip address and then click OK.
4. in your site(wpad) add mime type “File name extention(.dat)” “MIME type: application/x-ns-proxy-autoconfig”
5. Right Click on site(wpad) then select explore. and create wpad.dat file as below
# Please copy and paste the following lines in the wpad.dat file, just replace the IP and Port with the IP and port of your proxy server.
//==================================wpad.dat=======================================
function FindProxyForURL(url, host)
{
// If IP address is internal or hostname resolves to internal IP, send direct.
        var resolved_ip = dnsResolve(host);
        if (isInNet(resolved_ip, “10.0.0.0”, “255.0.0.0”) ||
                isInNet(resolved_ip, “172.16.0.0”,  “255.240.0.0”) ||
                isInNet(resolved_ip, “192.168.0.0”, “255.255.0.0”) ||
                isInNet(resolved_ip, “127.0.0.0”, “255.255.255.0”))
                return “DIRECT”;
if (shExpMatch(url, “http://*safesquid.com/*”)) { return proxy_no; }
return “PROXY 192.168.250.100:8080; DIRECT”;
}
//==================================wpad.dat=======================================
DNS set up for automatic proxy:
  Note: Assuming Your domain name is safesquid.local
  1. In your existing domain(safesquid.local) add CNAME Record “Alias: wpad” “FQDN: wpad.safesquid.local” “FQDN For Target: yourhostname.safesquid.local
  2. Then add Zone , Primary Zone, Zone name:wpad, do not allow Dynamic update.
  3. In wpad zone add Host record cotains Blank Name with server IP address.
  4. Then add “Other New Record” and Select TEXT(txt) . “Record Name: wpad” “Text: service: wpad:!http://wpad.safesquid.local:80/wpad.dat
After completion of above steps restart DNS,DNS Client and IIS services.
On the client side please make the following settings in the TCP/IP properties:
  • Set primary DNS as the that of with you server IP
  • Updating automatic configuration settings
  • Enable or change browsers to  ‘Use Automatic detect settings’ in the computers deployed to your users.

# TROUBLESHOOTING for Windows Server 2008, if wpad domain is blocked

C:\Users\Administrator>dnscmd /info /globalqueryblocklist

Query result:
String:  wpad
String:  isatap
Command completed successfully.
C:\Users\Administrator>dnscmd /config /enableglobalqueryblocklist 0
Registry property enableglobalqueryblocklist successfully reset.
Command completed successfully.
C:\Users\Administrator>dnscmd /info /globalqueryblocklist
Query result:
String:  wpad
String:  isatap
Command completed successfully.
C:\Users\Administrator>dnscmd /config /globalqueryblocklist wpad
Registry property globalqueryblocklist successfully reset.
Command completed successfully.
C:\Users\Administrator>dnscmd /info /globalqueryblocklist
Query result:
String:  wpad
Command completed successfully.
C:\Users\Administrator>dnscmd /config /globalqueryblocklist
Registry property globalqueryblocklist successfully reset.
Command completed successfully.
C:\Users\Administrator>dnscmd /info /globalqueryblocklist
Query result:
Command completed successfully.
C:\Users\Administrator>dnscmd /info /globalqueryblocklist
Query result:
Command completed successfully.
C:\Users\Administrator>dnscmd /info /globalqueryblocklist
Query result:
Command completed successfully.
C:\Users\Administrator>nslookup wpad
Server:  localhost
Address:  127.0.0.1
Name:    win2k8dc.esxi1.local
Address:  192.168.250.100
Aliases:  wpad.esxi1.local