Could not find WPAD host





 

The DNS entry for WPAD throws an error, and Internet traffic cannot be redirected through the desired proxy server.

Enterprise networks commonly use a web proxy for secure user access to the Internet. Of course, this has to be set up so that all Internet traffic is routed through the proxy server, either by transparent traffic redirection or, as is more usual, by using the WPAD file.

English: Diagram of a forward proxy. (Photo credit: Wikipedia)

On the IIS server, publish http://wpad.domena/wpad.dat, from which users receive the information on where to redirect Internet traffic.

Until recently all of this worked without any problems. At the end of last year the trouble began on DNS servers installed on Windows Server 2003. Windows Server 2008 R2, and since the end of last year the update KB961063 on Windows Server 2003, introduce a new feature, the Global Query Block List, which prevents someone from taking over the WPAD name and announcing their own computer as the WPAD server. At the same time, this feature can also get in the way of a legitimate WPAD record.

A lookup with nslookup returns the error: can not find WPAD: non-existent domain

Even ping does not work: ping request could not find WPAD host. Please check the name and try again

 
There are two solutions:

  1. The riskier option from a security standpoint: turn off the Global Query Block List.
  2. The better option from a security standpoint: make use of the new functionality and remove only wpad.domena from the Global Query Block List.

 

Deactivating the Global Query Block List

Deactivate it with the command:

dnscmd /config /enableglobalqueryblocklist 0

If you later want to turn this functionality back on, just change the value from 0 to 1.

Removing WPAD from the Global Query Block List

The list is stored in
HKLM\SYSTEM\CurrentControlSet\Services\DNS\Parameters\GlobalQueryBlockList.

Delete the WPAD entry and restart the DNS service so that the global list is reloaded.

This has to be done manually on each DNS server, because this setting is not replicated to other DNS servers.

Solution source: Michael King

Manage Global Query Block list

• check whether the list is enabled or not: dnscmd /info /enableglobalqueryblocklist
• show the blocked hosts: dnscmd /info /globalqueryblocklist
• remove all hosts from the list: dnscmd /config /globalqueryblocklist
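
The following is an added example, not part of the original post or of the cited solution: instead of editing the registry by hand or clearing the whole list, it removes only the wpad entry and passes the remaining names (typically isatap) back to dnscmd /config /globalqueryblocklist, so everything else stays blocked. It assumes an elevated PowerShell session run locally on each DNS server, and it restarts the DNS service afterwards as the registry method above does.

```powershell
# Added example: run locally, elevated, on each DNS server (the list is not replicated).
$key     = 'HKLM:\SYSTEM\CurrentControlSet\Services\DNS\Parameters'
$unblock = 'wpad'   # the only name that should leave the block list

# GlobalQueryBlockList is a multi-string value; read it as an array and drop empty items.
$raw     = (Get-ItemProperty -Path $key -Name GlobalQueryBlockList -ErrorAction SilentlyContinue).GlobalQueryBlockList
$current = @($raw | Where-Object { $_ })

if ($current -notcontains $unblock) {
    Write-Output "'$unblock' is not on the block list; nothing to change."
}
else {
    # Keep every other entry so those names remain protected.
    $keep = @($current | Where-Object { $_ -ne $unblock })
    Write-Output ("Before: " + ($current -join ', '))
    Write-Output ("After:  " + ($keep -join ', '))

    # dnscmd replaces the whole list with the names given.
    # With no names at all it clears the list, which is why $keep is passed explicitly.
    & dnscmd /config /globalqueryblocklist $keep
    if ($LASTEXITCODE -ne 0) {
        throw "dnscmd failed with exit code $LASTEXITCODE; block list left unchanged."
    }

    # Reload the list, then confirm that blocking is still enabled and what it contains.
    Restart-Service -Name DNS
    & dnscmd /info /enableglobalqueryblocklist
    & dnscmd /info /globalqueryblocklist

    # The lookup that failed before should now return the WPAD record.
    & nslookup $unblock
}
```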

To speed up the change, I recommend a temporary change in Group Policy for users:

User Configuration – Policies – Internet Explorer Maintenance – Connection – Automatic Browser Configuration: temporarily tick "Enable automatic configuration" and add the URL where the WPAD file is located. Later, remove this setting and tick "Automatically detect configuration" again.

Otherwise, users will have problems getting to the Internet in other networks on their notebooks.

 


Saša

Works as system engineer in Slovenian Enterprise in Microsoft environment focusing on security, deployments, SharePoint, SCCM and CheckPoint firewall. Author of successful blog about IT security, Microsoft tips & tricks, social media, internet trends.
