RE: (WAM) - Proxy Rewrite Method working with Windows 2003
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
- Date: Mon, 11 Apr 2005 22:34:47 -0700
- From: "Eric Wheeler" <public99 at eawheeler dot com>
- Subject: RE: (WAM) - Proxy Rewrite Method working with Windows 2003
I'm not sure whether or not WINS-redirect will still interfere, but you need
to turn on "loose wildcarding" before Windows 2003 with active directory
will work. After several months of struggle and research, we figured out
that loose wildcarding was the key. Our site now offers proxy rewrite
services without significant issues.
I can be more specific if needed, although it might take me a little time.
My research uncovered a solution under Windows 2000/active directory.
However unbeknownst to me, our IS department had just switched to Win 2003
(actually proxy is easier to implement in 2003 than it is in 2000). So, they
took my solution and adapted it to 2003. Before I can pass on comprehensive
setup instructions under 2003, I would need to sit down with our IS and see
how my solution differs from their implementation. In the meantime, the
following is the Win 2000 solution I found.
The source of this solution is http://forums.devshed.com/t150900/s.html. It
involves two steps: 1) enable LooseWildcarding; and 2) use dnscmd.exe to
create the wildcard record
Step 1: enable LooseWildcarding
a. Search the registry key:
b. Add the dword value: LooseWildcarding.
c. Set it to 1.
d. Restart DNS-Service.
(source of the following reference info:
Registry key: HKLM\SYSTEM\CurrentControlSet\Services\DNS\Parameters
Data type Range Default value
REG_DWORD 0 | 1 0
Determines whether the Domain Name System (DNS) server uses loose
wildcarding, as it does in Windows NT 4.0 and earlier. This method does not
strictly comply with standards for using the wildcard character in resource
records, as specified by RFC 1034, "Domain names-concepts and facilities."
0 Do not use loose wildcarding. Records must match the name and
record type specified in a name query. Otherwise, the DNS server
returns an empty response, meaning that no match was found. This
setting complies with RFC 1034.
1 Use loose wildcarding. If no resource record matches the name and
type specified in the query, the DNS server searches for a related
wildcard record of the type specified in the query. Then, the DNS
server returns a resource record that matches the wildcard
DNS reads its registry entries only when it starts. If you change the value
of this entry by editing the registry, the changes are not effective until
you restart the DNS server.
The default method that the DNS server uses to resolve queries containing
wildcards is changed for Windows 2000. In Windows NT 4.0 and earlier, by
default, the DNS server does not comply with RFC 1034. Instead, it searches
until it finds a record that matches the name and record type in the query.
Windows 2000 does not add this entry to the registry. You can add it by
editing the registry or by using a program that edits the registry.
Step 2: use dnscmd to create the wildcard record
You cannot use the DNS snap-in to create a wildcard character record in a
DNS (Domain Name System) zone on a Windows 2000 domain controller.
To resolve this problem, use the dnscmd command-line tool. Dnscmd is one of
the tools in the Windows 2000 Support Tools package.
Note: To install the dnscmd command-line tool on your computer, run the
setup.exe file that is located in the \Support\Tools folder on the Windows
2000 Server CD.
To create the wildcard character record, type the following command at the
command prompt, and then press ENTER:
dnscmd servername /recordadd zonename * A IPAddress
Note: In this command, servername is a placeholder for the name of the DNS
server, zonename is a placeholder for the zone name where the record will be
created, and IPAddress is a placeholder for the address that the wildcard
character record must point to when the DNS server reads the record. The
/recordadd option is used to add a new record to the zone. The A option
specifies the host address resource record.
After you implement loose wildcarding and create the wildcard record, you
need to add the following line to your wwwoptions file.
For example, our library domain name is library.simpsonuniversity.edu, so
the required line in our wwwoptions file is:
I hope this solution helps others. I certainly can empathize with everyone
struggling with proxy/Windows server issues.
ewheeler at simpsonuniversity dot edu
From: innopac-bounces at innopacusers dot org
[mailto:innopac-bounces at innopacusers dot org] On Behalf Of
Jeff dot Kuntzman at uchsc dot edu
Sent: Monday, April 11, 2005 9:03 AM
To: innopac at innopacusers dot org
Subject: RE: (WAM) - Proxy Rewrite Method working with Windows 2003
We have also worked very hard to try to get proxy rewrite to work in our
Active Directory environment. We've been told that as long as the
WINS-redirect service is enabled it will not work, and our campus
unfortunately still needs to have this turned on.
We are at the point of investigating setting up a separate proxy server
(EZProxy?)at an off campus location.
As a temporary measure, we have an ASP script that basically creates the
rewritten URL based on the user's IP - if you wish I can get you that
ASP code. We are putting the script address as a prefix on all our URLs.
expert, but I'm sure it could be done.
If anyone knows more about this Active Directory problem and correcting
it, I would like to hear from you! We have tried many things including
copying the setup directly from a screenshot of Windows DNS from our
sister campus, where III proxy rewrite is working.
University of Colorado at Denver and Health Sciences Center
UCDHSC Denison Memorial Library
jeff dot kuntzman at uchsc dot edu
>Sent: Wednesday, April 06, 2005 1:13 PM
>To: innopac at innopacusers dot org
>Subject: (WAM) - Proxy Rewrite Method working with Windows 2003
>activeDirectory Intergraded DNS
>I would talk to sites that have been able to get the Web Access
>(WAM) - Proxy Rewrite Method working with Windows 2003 active Directory
>Intergraded DNS. Our ITS person has tried several different ways to
>this work, all to no avail. She needs to know exactly how other sites
>with Windows 2003 active directory integrated DNS has done it.
>I appreciate any assistance.
>Library Systems Administrator 719 389-6895
>Colorado College - Tutt Library Fax 719 389-6082
>1021 N. Cascade Ave.
>Colorado Springs, CO 80903
This message was distributed through the Innovative Users Group INNOPAC list
Public replies: INNOPAC at innopacusers dot org
Update your subscription options: