Skill: Intermediate

After a Active Directory migration to Windows 2008 (R2) the “automatically detect settings” setting in your browser can stop working. The reason for this isn’t that obvious and you can spend a lot of time looking for a solution. First a little explanation how this principle works. When “automatically detect settings” is enabled the browser will search for a file called WPAD.DAT located on a webserver called wpad.yourdomain;. To resolve this address a CNAME WPAD must be present in DNS.

This works fine for DNS servers that are running on Windows 2000 or Windows 2003. However on DNS servers on Windows 2008 (R2) a global query block list exists which blocks WPAD. The reason for this is that the file WPAD.DAT is actually a javascript file and can be used for malicious purposes.

To see if the global query block list is enabled use the following command:  dnscmd /info /enableglobalqueryblocklist

Listing which hosts are blocked can be done by: dnscmd /info /globalqueryblocklist

To resolve the issue and remove the block use the following command: dnscmd /config /enableglobalqueryblocklist

Now the proyx settings should be detected again and browsing will work!

Share on FacebookTweet about this on TwitterShare on LinkedInEmail this to someone