"wpad" host name cannot be resolved

Discussion in 'DNS Server' started by Kane, Apr 23, 2009.

  1. Kane

    Kane Guest

    Hi;

    I am using DNS method to host "wpad" on a Windows Server 2008 Active
    Directory server, "wpad" is mapped to a valid ip address on a web server but
    when I ping "wpad" from server itself or from a workstation, it said "cannot
    find the host name".

    I tried to use another host name, such as "blah" and mapping to the same ip
    address as "wpad", it works fine.

    Looks like, the system does not like this name "wpad". I checked with other
    experts on another newsgroup, they said; it should be work but I have no clue
    what is wrong, why the "wpad" cannot be resolved.

    I am doing a test for Web Proxy Auto Detect, therefore I need put this name
    "wpad" on to my DNS server as a Host (A) record entry. I tried to use CNAME
    but does not work either.
     
    Kane, Apr 23, 2009
    #1
    1. Advertisements

  2. Without knowing what your DNS Scheme is like there is no way to answer that.
    1. It should be a CNAME

    2. The CNAME should point to the ISA Server which creates the FQDN similar
    to
    wpad.myisa.com

    3. Forget ping and connect to the ISA with a web browser using
    http://wpad.myisa.com/wpad.dat and see if the browser give the "Save/Open"
    prompt for the for the script. Then repeat the browser test for the
    http://wpad.myisa.com/wspad.dat to see if you get that script as well

    4. Then do WPAD with DHCP by using the the wpad FQDN as well,...because not
    all clients will use the DNS method properly,...some with use DHCP.


    --
    Phillip Windell
    www.wandtv.com

    The views expressed, are my own and not those of my employer, or Microsoft,
    or anyone else associated with me, including my cats.
    -----------------------------------------------------
     
    Phillip Windell, Apr 23, 2009
    #2
    1. Advertisements

  3. Kane

    Kane Guest

    Hi Thanks for your response.

    1. I tried to enter http://wpad.company.local/wpad.dat but it does not work,
    then
    2. I tried to enter htt://blah.company.local/wpad.dat, IT WORKS.
    blah.company.local and the wpad.company.local are pointing to the same ip on
    same server, only the host name on DNS is difference.
    3. I am not using ISA.
    4. How can I tell what DNS schema in system? I am using a single DNS server
    on LAN which is a Windows Server 2008 Active Directory controller.
     
    Kane, Apr 23, 2009
    #3
  4. Not schema,...scheme (like plan, method, design).

    What does the DC use for DNS in its TCP/IP Specs?

    What do the clients use in theirs?

    Make sure there is no "wpad" thing anywhere to get in the way (like in WINS
    or HOST files).


    --
    Phillip Windell
    www.wandtv.com

    The views expressed, are my own and not those of my employer, or Microsoft,
    or anyone else associated with me, including my cats.
    -----------------------------------------------------
     
    Phillip Windell, Apr 23, 2009
    #4
  5. Kane

    Kane Guest

    I checked the event log and found this message.

    The global query block list is a feature that prevents attacks on your
    network by blocking DNS queries for specific host names. This feature has
    caused the DNS server to fail a query with error code NAME ERROR for
    wpad.company.local. even though data for this DNS name exists in the DNS
    database. Other queries in all locally authoritative zones for other names
    that begin with labels in the block list will also fail, but no event will be
    logged when further queries are blocked until the DNS server service on this
    computer is restarted. See product documentation for information about this
    feature and instructions on how to configure it.
     
    Kane, Apr 23, 2009
    #5
  6. I have no idea what that is. Never heard of such a thing.

    --
    Phillip Windell
    www.wandtv.com

    The views expressed, are my own and not those of my employer, or Microsoft,
    or anyone else associated with me, including my cats.
     
    Phillip Windell, Apr 23, 2009
    #6
  7. Whatever product loaded on the machine that is doing this *is* your problem.

    Find it,...kill it dead,...burn it,...bury the ashes.

    Maybe it is some Anti-virus/anti-spyware product that hasn't figured out
    that the correct way to deal with something doing something on your machine
    it should not do is to find and remove the thing,...not simply block the
    traffic. If someone is robbing a bank the police don't just disable the
    getaway car and say "problem solved",...forget the car,...they go after the
    robbers.


    --
    Phillip Windell
    www.wandtv.com

    The views expressed, are my own and not those of my employer, or Microsoft,
    or anyone else associated with me, including my cats.
    -----------------------------------------------------
     
    Phillip Windell, Apr 23, 2009
    #7
  8. Kane

    Kane Guest

    Kane, Apr 23, 2009
    #8
  9. Another good reason for me to never upgrade above Server2003R2. It is just
    my opinion of course,...but I think that anything MS produced after
    Server2003R2 and XP has been a real debackle. First that mess they call
    "Vista",...and then Server2008 following in the Vista tradition.

    --
    Phillip Windell
    www.wandtv.com

    The views expressed, are my own and not those of my employer, or Microsoft,
    or anyone else associated with me, including my cats.
    -----------------------------------------------------
     
    Phillip Windell, Apr 23, 2009
    #9
  10. Kane

    dean sheets Guest

    This is actually the result of the last dns security patch from microsoft in
    march i think.
    it is to protect against new dns servers publishing wpad entries.

    we ran into this with creating a new dns server recently.

    we just removed the block and all was well.

    fyi
     
    dean sheets, Jun 4, 2009
    #10

  11. Does this happen on Server 2003?
    Where are these block setting located?

    --
    Phillip Windell

    The views expressed, are my own and not those of my employer, or Microsoft,
    or anyone else associated with me, including my cats.
    -----------------------------------------------------
     
    Phillip Windell, Jun 4, 2009
    #11
  12. Kane

    Grant Taylor Guest

    Search Microsoft's website for WPAD and / or PAC files and DNS. You
    will find reference to and workarounds for the fact that Windows DNS
    servers will refuse to resolve ""dangerous host names.

    In short, either you disable the DNS global block list or you remove
    wpad (or what ever) from said global block list.



    Grant. . . .
     
    Grant Taylor, Oct 20, 2009
    #12
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.