About preparing clients for automatic detection
Microsoft Forefront Threat Management Gateway Web proxy clients can be configured to use automatic detection. You can configure Web browsers to use Web Proxy Automatic Discovery (WPAD) detection, or a static configuration script.
For client computers that do not have Firewall client software, automatic detection is enabled in the browser properties. For client computers with Firewall client software installed, you can automatically push automatic detection settings to clients by configuring the properties of the Forefront TMG network on which Firewall clients are located. Settings are pushed to clients as follows:
- Each time Firewall Client is restarted.
- Each time Detect Now or Test Server is clicked on the Settings tab in the Microsoft Firewall Client management console.
- Every six hours after the previous refresh.
Client support for WPAD
Using automatic discovery with WPAD requires client support for the process. The following table summarizes support for various operating systems.
Operating system | Web proxy clients (Internet Explorer) | Firewall Client for ISA Server 2000 | Firewall Client for ISA Server 2004 | Firewall Client for ISA Server 2006 | Firewall Clients for ISA Server (Web download) |
---|---|---|---|---|---|
Microsoft Windows Server 2003 with Service Pack 1 (SP1) |
All users (DNS and DHCP) |
All users (DNS) Administrators only (DHCP) |
All users (DNS and DHCP) |
All users (DNS and DHCP) |
All users (DNS and DHCP) |
Windows 2000 Server |
All users (DNS)Admin users only (DHCP) |
All users (DNS)Admin users only (DHCP) |
All users (DNS and DHCP) |
All users (DNS and DHCP) |
All users (DNS and DHCP) |
Windows NT Server 4.0 |
All users (DNS and DHCP) |
All users (DNS only) |
All users (DNS only) |
All users (DNS only) |
All users (DNS only) |
Windows XP |
All users (DNS and DHCP) |
All users (DNS)Admin users only (DHCP) |
All users (DNS and DHCP) |
All users (DNS and DHCP) |
All users (DNS and DHCP) |
Windows XP with Service Pack 2 (SP2) |
All users (DNS and DHCP) |
All users (DNS and DHCP) |
All users (DNS and DHCP) |
All users (DNS and DHCP) |
All users (DNS and DHCP) |
Windows Millennium Edition |
All users (DNS and DHCP) |
All users (DNS only) |
All users (DNS only) |
All users (DNS only) |
All users (DNS only) |
Windows 98 (Second Edition) |
All users (DNS and DHCP) |
All users (DNS only) |
All users (DNS only) |
All users (DNS only) |
All users (DNS only) |
Windows 95 |
All users (DNS and DHCP) |
All users (static DNS only) |
No Firewall client support |
No Firewall client support |
No Firewall client support |
For Web Proxy clients running on Windows 2000 Server, automatic discovery functionality using a WPAD entry in DHCP is supported only for users who are members of the Administrators or Power Users group. In Windows XP, the Network Configuration Operators group also has the permissions needed to issue DHCP queries. For more information, see the Microsoft Knowledge Base article 312864, "Automatic Proxy Discovery in Internet Explorer with DHCP requires specific permissions." The article includes hotfix details for computers running Windows 2000 Server. For Windows XP, the issue was fixed in Service Pack 2.