WordType Designs
Driven To Distractions©
The Sound of One Hand Clapping©

A rchive Date
[ 09-02-2006 ]
Category
[ Information Technologies ]
sub-Categoy
[ Microsoft ]
      [http://www.grape-info.com/doc/win2000srv/internet-gw/wpad/

      How to detect proxy server automatically
      Last Updated on 14 Feb 2004

      If you have many number of computers in your LAN and sharing the internet, you should prepare a proxy server and cache the internet object to improve the access speed. Then all computer need to point the proxy server, but it's a heavy job for the network administrator to open all browser and point to the proxy server manually.

      If you are using Linux as a gateway, you can configure it as a transparent proxy, then all http packets can be redirected to proxy server transparently. But windows 2000 server can not function as the transparent proxy.

      Windows 2000 Server has another approach to solve the problem, but each approachs don't work for all the workstations and browsers, then you should use several way concurrently.

      Option
      Method to detect proxy automatically
      Support
      Doesn't support
      1
      		Web Proxy Auto-Discovery (WPAD) IE5.0 and above, Netscape Old IE and other browser
      2
      		DHCPINFORM all windows platform? ?
      3
      		Active Directory Group Policy Within a domain
      Windows 2000 Pro, Server
      Windows XP Pro
      Windows 2003 Server       		Outside a domain
      Windows 9x/Me
      Windows XP Home Edition

      Web Proxy Auto-Discovery (WPAD) (Option1)
      The IE 5 (and higher) and Netscape Web Proxy Auto-Discovery (WPAD) feature enables web clients to automatically detect proxy settings without user intervention. The algorithm used by WPAD prepends the hostname "wpad" to the fully-qualified domain name and progressively removes subdomains until it either finds a WPAD server answering the hostname or reaches the third-level domain. For instance, web clients in the domain a.b.hoge.com would query wpad.a.b.hoge.com, wpad.b.hoge.com, then wpad.hoge.com. A vulnerability arises because in international usage, the third-level domain may not be trusted. A malicious user could set up a WPAD server and serve proxy configuration commands of his or her choice.

      1. All clients should be enabled "Automatic detect settings", even though it's a default value.


      2. Make a wpad.dat and proxy.pac file and copy it into root directory of local web server.

      function FindProxyForURL(url,host)
      { if(isPlainHostName(host)||
      isInNet(host,"      192.168.0.0","255.255.255.0")) return "DIRECT";
      else return "      PROXY 192.168.0.10:8080; DIRECT";
      }

      Note: wpad.dat is referred by WPAD, and proxy.pac is referred by DHCPINFORM (option2) and Active Directory Group Policy (option3)

      3. The web server should have wpad host name (or alias). You need to register to DNS. (A record or CNAME)


      Detect proxy server using DHCPINFORM (Option2)
      DHCP server can send DHCPINFORM message and then client can get javascript URL. DHCP server should be supported using DHCPINFORM. Windows 2000 Server/Windows .NET Server support it.
      1. Open DHCP Window, right click the host name and select "Set Predefined Options..."


      2. Click "Add" button at "Predefined Option and Values" window. And then type as below. You can give any name, but data type and Code should be "String" and "252"


      3. Add "AUTO-PROXY-CONFIG" to each scope options and the value should point your proxy.pac file (make link to proxy.dat or copy same file to proxy.pac)


      Active Directory Group Policy (Option3)
      You can configure proxy to client automatically using Active Directory Group Policy. But it works only computer which belongs to the domain.

      The supported OSs are only
      1. Windows 2000 Professional and Server
      2. Windows XP Professional
      3. Windows 2003 Server

      These are not supported
      1. Windows 9x/Me
      2. Windows XP Home Edition

      1. Open "Active Directory Users and Computers", and then select OU (if you want to apply all your organization, select root domain) and open property. Click "Group Policy" tab, click [New] or [Edit] and open "Group Policy" window. Click "User Configuration"->"Windows Settings"->"Internet Explorer Maintenance"->"Connection"->"Automatic Browser Configuration" and open "Property".


      2. Check [Automatic detect configuration settings] and [Enable Automatic Configuration], set the interval to [Automatic configure every] textbox and URL for proxy.pac file to [Auto-proxy URL] textbox.
      ]


Some pages may require Adobe Acrobat Reader


Copyright and Fair Use Information: The contents of this web site is protected by international copyright laws and may not be reproduced in any form or manner whatsoever, if for the purpose of resale or solicitation of a donation. The essays included here, may be reproduced only if: 1)They are not altered in any way; 2) reproductions must be accompanied by this copyright page ; and 3) it is given freely and without charge.
Fair use: The fair use of copyrighted work, including such use by reproduction in copies or phonorecords or by any other means specified in above sections, for purposes such as criticism, comment, news reporting, teaching (including multiple copies for classroom use), scholarship, or research, is not an infringement of copyright. In determining whether the use made of a work in any particular case is fair use the factors to be considered include : (1) the purpose and character of the use, including whether the use is of a commercial nature or is for nonprofit educational purposes; (2) the nature of the copyrighted work; (3) the amount and substantiality of the portion used in relation to the copyrighted work as a whole, and; (4) the effect of the use upon the potential market value of the copyrighted work.
Home | About Narrative? |Contact
Copyright © 2025. All Rights Reserved
HAG122125 (1998 -2026)