When you want to deploy an autodiscover proxy configuration for your clients, you can use WPAD with DNS.
However Windows Server DNS can reply non-existent domain for an wpad domain name request.
WPAD record in DNS
Non Existant domain
This behavior is by default and can be decomposed in two parts:
- If WPAD configuration is already in place when you install the DNS server, no action is required.
- When you want to set up a new WPAD configuration after DNS installation, you need to edit the block list on all your DNS servers.
Query status
Before to modify anything, you can check if the Global Block list is enabled on your DNS server:
dnscmd /info /enableglobalqueryblocklist |
Query block list
Hostname filtered
If you want to display all records in the block list:
dnscmd /info /globalqueryblocklist |
globalqueryblocklist
By default, two hostnames are blocked by DNS: wpad and isatap.
Disable WPAD filtering
To disable the Global Block list on your DNS server:
dnscmd /config /enableglobalqueryblocklist 0 |
Disable Global Block List
And tada! you can now resolve the wpad record:
WPAD hostname
More
You can find more information about DNS Filtering here
