Solved

WPAD configured in trusted domain causing issues in our domain

Posted on 2013-01-22
2
1,011 Views
Last Modified: 2013-01-28
Hi All

We have a Windows 2008R2 domain, we do not have WPAD configured in our own domain, We are a healthcare organisation and we have a 2 way trust with another domain of a seperate healthcare org, we have conditonal forwarding configured for their internal domain name.

They have recently configured WPAD on their domain, this has led to people who use our DNS servers that do not have proxy servers configured being directed to our partners proxy server. This does not effect people who are members of our own domain as they have proxy settings configured by GPO, however we have a large number of doctors practices that are just workgroup members who use our DNS settings as the long term goal is to migrate them to our domain, however in the interim the WPAD setting is causing us some pain.

Is there a way we can stop the WPAD from the trusted domain taking effect, we have the globalqueryblocklist setting enabled and WPAD is in there however this doess not seem to stop it

Any help would be very much appreciated.

Thanks
0
Comment
Question by:ncomper
2 Comments
 
LVL 39

Accepted Solution

by:
footech earned 500 total points
ID: 38808205
Do you have DHCP telling clients to use the additional domain as a dns suffix?  That's the only way they might be querying for wpad.otherdomain.com that springs to mind.  If so I would ask if that additional suffix is necessary.

I haven't tested this myself but I think you should be able to essentially set up a split DNS to work around this.  Just define a Forward Lookup Zone for wpad.otherdomain.com, but don't put any records in it, all other queries for otherdomain.com should be handled by your conditional forwarder.

The blocklist applies to all zones that the DNS server is authoritative for, but not to queries through forwarders, etc.
0
 
LVL 5

Author Closing Comment

by:ncomper
ID: 38827579
Excellent thanks, the dummy DNS zone worked for us
0

Featured Post

Complete VMware vSphere® ESX(i) & Hyper-V Backup

Capture your entire system, including the host, with patented disk imaging integrated with VMware VADP / Microsoft VSS and RCT. RTOs is as low as 15 seconds with Acronis Active Restore™. You can enjoy unlimited P2V/V2V migrations from any source (even from a different hypervisor)

Join & Write a Comment

One of the most often confused topics in the area DNS is the idea of GLUE records. Specifically, what they are, when they are needed, when they are provided, and how they are created. First, WHAT IS GLUE? To understand GLUE, you must first under…
Disabling the Directory Sync Service Account in Office 365 will stop directory synchronization from working.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
This tutorial will walk an individual through setting the global and backup job media overwrite and protection periods in Backup Exec 2012. Log onto the Backup Exec Central Administration Server. Examine the services. If all or most of them are stop…

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now